urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Submission: On October 09 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 109 IPs in 9 countries across 113 domains to perform 586 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 468243.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
16 172.217.194.132 15169 (GOOGLE)
1 3 23.108.102.145 59253 (LEASEWEB-...)
4 104.26.4.103 13335 (CLOUDFLAR...)
2 42.99.140.144 4637 (ASN-TELST...)
5 42.99.140.200 4637 (ASN-TELST...)
2 69.16.175.42 20446 (STACKPATH...)
31 104.26.2.91 13335 (CLOUDFLAR...)
45 74.125.24.156 15169 (GOOGLE)
3 209.58.188.181 133752 (LEASEWEB-...)
33 85 172.217.194.155 15169 (GOOGLE)
6 13.76.45.37 8075 (MICROSOFT...)
6 142.250.4.155 15169 (GOOGLE)
1 142.251.12.94 15169 (GOOGLE)
2 74.125.24.97 15169 (GOOGLE)
3 216.239.38.178 15169 (GOOGLE)
1 13 74.125.68.157 15169 (GOOGLE)
1 104.16.87.20 13335 (CLOUDFLAR...)
12 34.248.37.242 16509 (AMAZON-02)
4 18.182.192.59 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 44.230.111.82 16509 (AMAZON-02)
1 23.195.153.54 16625 (AKAMAI-AS)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 7 104.18.19.126 13335 (CLOUDFLAR...)
3 15 145.40.89.200 54825 (PACKET)
1 182.161.73.145 55569 (CRITEO-AS...)
1 9 34.98.64.218 396982 (GOOGLE-CL...)
1 13.251.20.120 16509 (AMAZON-02)
1 5 51.79.234.101 16276 (OVH)
1 35.213.117.18 15169 (GOOGLE)
5 10 104.254.151.36 29990 (ASN-APPNEX)
2 5 103.229.10.180 16509 (AMAZON-02)
2 74.125.130.154 15169 (GOOGLE)
3 74.125.130.156 15169 (GOOGLE)
1 13.33.33.27 16509 (AMAZON-02)
1 13.33.33.118 16509 (AMAZON-02)
3 182.161.74.19 55569 (CRITEO-AS...)
3 182.161.73.148 55569 (CRITEO-AS...)
32 74.125.24.132 15169 (GOOGLE)
2 104.211.156.162 8075 (MICROSOFT...)
1 13.33.33.58 16509 (AMAZON-02)
35 182.161.73.129 55569 (CRITEO-AS...)
3 182.161.73.132 55569 (CRITEO-AS...)
3 104.17.24.14 13335 (CLOUDFLAR...)
9 182.161.73.142 55569 (CRITEO-AS...)
1 182.161.73.135 55569 (CRITEO-AS...)
7 23.36.252.26 16625 (AKAMAI-AS)
1 42.99.140.216 4637 (ASN-TELST...)
15 23.195.152.23 16625 (AKAMAI-AS)
8 74.125.24.147 15169 (GOOGLE)
3 14 139.5.84.243 27381 (CASALE-MEDIA)
1 2 23.9.178.47 16625 (AKAMAI-AS)
22 23 35.71.131.137 16509 (AMAZON-02)
2 5 67.199.150.81 62713 (AS-PUBMATIC)
16 18 74.118.186.45 26120 (RHYTHMONE)
2 3 23.106.127.165 59253 (LEASEWEB-...)
1 1 35.75.225.181 16509 (AMAZON-02)
1 1 35.208.249.213 15169 (GOOGLE)
34 74.125.24.148 15169 (GOOGLE)
5 5 151.101.130.49 54113 (FASTLY)
5 5 54.192.150.126 16509 (AMAZON-02)
3 3 104.45.178.220 8075 (MICROSOFT...)
1 1 139.162.38.30 63949 (LINODE-AP...)
18 19 35.213.12.39 15169 (GOOGLE)
9 9 35.227.202.26 15169 (GOOGLE)
5 6 107.178.244.193 ()
3 3 18.155.68.53 ()
3 3 202.241.208.56 4694 (IDCF IDC ...)
1 3 172.64.152.245 13335 (CLOUDFLAR...)
11 11 35.230.38.116 396982 (GOOGLE-CL...)
10 11 50.31.142.255 23352 (SERVERCEN...)
1 1 133.186.161.88 45974 (NHN-AS-KR...)
7 7 52.74.162.2 16509 (AMAZON-02)
4 5 50.116.239.135 6336 (TURN-US-ASN)
1 1 31.220.27.155 39572 (ADVANCEDH...)
1 1 150.95.47.242 7506 (INTERQ GM...)
4 142.251.10.155 15169 (GOOGLE)
3 182.161.73.136 55569 (CRITEO-AS...)
3 10 35.71.178.8 16509 (AMAZON-02)
1 23.72.44.239 16625 (AKAMAI-AS)
3 11 23.9.185.218 16625 (AKAMAI-AS)
1 52.222.144.21 16509 (AMAZON-02)
1 23.72.44.183 16625 (AKAMAI-AS)
2 5 35.244.159.8 15169 (GOOGLE)
2 172.217.194.95 15169 (GOOGLE)
1 104.19.159.19 13335 (CLOUDFLAR...)
2 2 198.8.71.130 ()
4 23.72.44.196 16625 (AKAMAI-AS)
5 5 103.229.205.243 30419 (MEDIAMATH...)
4 4 13.251.173.219 16509 (AMAZON-02)
3 182.161.73.146 55569 (CRITEO-AS...)
1 1 23.108.103.8 ()
3 3 104.69.148.168 ()
2 2 35.156.150.75 ()
2 54.156.112.43 ()
1 172.67.154.71 13335 (CLOUDFLAR...)
10 13 69.173.158.64 ()
2 37.157.2.239 ()
3 3 34.194.85.148 ()
1 4 23.106.127.53 ()
34 43 103.231.98.197 ()
42 53 103.231.98.194 ()
1 1 104.18.18.126 13335 (CLOUDFLAR...)
6 7 209.191.163.208 ()
1 52.209.60.98 ()
1 103.231.98.203 ()
1 18.139.185.219 ()
2 3 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.100.194 ()
3 7 54.255.52.29 ()
3 7 52.46.143.56 ()
1 13.107.21.200 8068 (MICROSOFT...)
2 3 52.94.223.167 ()
1 54.249.236.28 ()
1 3 54.224.193.2 ()
1 19 54.238.120.71 ()
6 7 185.84.60.30 ()
2 2 18.138.18.111 ()
1 202.131.200.84 ()
1 1 139.162.40.113 ()
1 18.176.32.10 ()
1 1 35.186.193.173 ()
2 2 35.213.93.179 ()
2 2 13.250.207.233 ()
3 7 103.231.98.195 ()
1 2 151.101.1.44 ()
2 104.19.172.108 ()
1 195.5.165.20 ()
2 169.197.150.7 ()
2 3 35.190.60.146 ()
2 2 107.178.254.65 ()
1 1 34.98.67.3 ()
1 1 34.102.253.54 ()
4 4 104.254.150.228 ()
1 1 51.68.39.188 ()
2 2 89.207.22.73 ()
1 35.72.105.127 ()
1 1 185.183.112.155 ()
2 2 74.214.196.131 ()
1 1 34.111.151.213 ()
1 2 44.240.25.198 ()
2 2 3.113.228.209 ()
1 104.18.13.76 ()
2 2 18.180.216.240 ()
3 3 66.225.223.191 ()
1 1 34.193.201.64 ()
1 1 52.4.73.191 ()
1 193.122.130.38 ()
2 2 54.169.99.236 ()
2 2 185.184.8.90 ()
1 1 8.43.72.98 ()
586 109
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
16    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
cdn.ampproject.org
989a5fc7e1bc0ab63e333489ed15f375.safeframe.googlesyndication.com
58ad3e685b1b124c341c48eaab5a3d97.safeframe.googlesyndication.com
ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
3    23.108.102.145 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.4.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
delivery.adrecover.com
5    42.99.140.200 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-200.pacnet.net
cdn.adpushup.com
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
31    104.26.2.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
45    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
pagead2.googlesyndication.com
3    209.58.188.181 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
85    172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net
securepubads.g.doubleclick.net
www.googletagservices.com
cm.g.doubleclick.net
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
6    142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net
adservice.google.com
1    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
d-38969000451344156367.ampproject.net
2    74.125.24.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f97.1e100.net
www.googletagmanager.com
3    216.239.38.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
13    74.125.68.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f157.1e100.net
googleads.g.doubleclick.net
adservice.google.com.au
1    104.16.87.20 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
12    34.248.37.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
ads.servenobid.com
4    18.182.192.59 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-192-59.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    44.230.111.82 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-111-82.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
1    23.195.153.54 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-153-54.deploy.static.akamaitechnologies.com
a.teads.tv
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
7    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
15    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
9    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
u.openx.net
jp-u.openx.net
1    13.251.20.120 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-20-120.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
5    51.79.234.101 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip101.ip-51-79-234.net
onetag-sys.com
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
10    104.254.151.36 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
5    103.229.10.180 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
2    74.125.130.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f154.1e100.net
partner.googleadservices.com
3    74.125.130.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f156.1e100.net
adservice.google.com.au
1    13.33.33.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-27.sin2.r.cloudfront.net
adx.holmesmind.com
1    13.33.33.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-118.sin2.r.cloudfront.net
rules.quantcount.com
3    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
3    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
32    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
tpc.googlesyndication.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
1    13.33.33.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-58.sin2.r.cloudfront.net
pxl.qccerttest.com
35    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
3    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
3    104.17.24.14 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
9    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
1    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
7    23.36.252.26 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-252-26.deploy.static.akamaitechnologies.com
hblg.media.net
warp.media.net
lg3.media.net
cs.media.net
1    42.99.140.216 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-216.pacnet.net
qsearch-a.akamaihd.net
15    23.195.152.23 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-23.deploy.static.akamaitechnologies.com
contextual.media.net
8    74.125.24.147 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f147.1e100.net
www.google.com
14    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
dsum.casalemedia.com
2    23.9.178.47 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-9-178-47.deploy.static.akamaitechnologies.com
sync.teads.tv
23    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
5    67.199.150.81 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
18    74.118.186.45 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    23.106.127.165 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
1    35.75.225.181 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-225-181.ap-northeast-1.compute.amazonaws.com
google.dap.fw-ad.jp
1    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
34    74.125.24.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f148.1e100.net
s0.2mdn.net
5    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    54.192.150.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-126.sin2.r.cloudfront.net
cr-p1.ladsp.com
cr-p3.ladsp.com
3    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    139.162.38.30 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1451-30.members.linode.com
a.c.appier.net
19    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
9    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com
odr.mookie1.com
6    107.178.244.193 (None, )

ASN- ()
pixel.tapad.com
3    18.155.68.53 (None, )

ASN- ()
aa.agkn.com
3    202.241.208.56 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
3    172.64.152.245 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
11    35.230.38.116 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 116.38.230.35.bc.googleusercontent.com
um.simpli.fi
11    50.31.142.255 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    133.186.161.88 (Japan)

ASN45974 (NHN-AS-KR NHN, KR)
app.cauly.co.kr
7    52.74.162.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
5    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
1    31.220.27.155 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    150.95.47.242 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-47-242.a00c.g.jpt1.static.cnode.io
sync.dsp.reemo-ad.jp
4    142.251.10.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net
googleads4.g.doubleclick.net
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
10    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    23.72.44.239 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-239.deploy.static.akamaitechnologies.com
js-sec.indexww.com
11    23.9.185.218 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-9-185-218.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
1    52.222.144.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-144-21.mrs52.r.cloudfront.net
public.servenobid.com
1    23.72.44.183 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-183.deploy.static.akamaitechnologies.com
acdn.adnxs.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    172.217.194.95 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f95.1e100.net
fonts.googleapis.com
1    104.19.159.19 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
2    198.8.71.130 (None, )

ASN- ()
p.rfihub.com
4    23.72.44.196 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-196.deploy.static.akamaitechnologies.com
ads.pubmatic.com
5    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    13.251.173.219 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-173-219.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
3    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
1    23.108.103.8 (None, )

ASN- ()
inv-nets.admixer.net
3    104.69.148.168 (None, )

ASN- ()
stags.bluekai.com
2    35.156.150.75 (None, )

ASN- ()
rtb.mfadsrvr.com
2    54.156.112.43 (None, )

ASN- ()
cs.emxdgt.com
1    172.67.154.71 (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
13    69.173.158.64 (None, )

ASN- ()
pixel.rubiconproject.com
token.rubiconproject.com
2    37.157.2.239 (None, )

ASN- ()
cm.adform.net
3    34.194.85.148 (None, )

ASN- ()
ssp.disqus.com
4    23.106.127.53 (None, )

ASN- ()
ssbsync-global.smartadserver.com
rtb-csync.smartadserver.com
43    103.231.98.197 (None, )

ASN- ()
image8.pubmatic.com
53    103.231.98.194 (None, )

ASN- ()
image2.pubmatic.com
simage2.pubmatic.com
1    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
7    209.191.163.208 (None, )

ASN- ()
ap.lijit.com
ce.lijit.com
1    52.209.60.98 (None, )

ASN- ()
c.deployads.com
1    103.231.98.203 (None, )

ASN- ()
ow.pubmatic.com
1    18.139.185.219 (None, )

ASN- ()
pb-server.ezoic.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.100.194 (None, )

ASN- ()
p.adsymptotic.com
7    54.255.52.29 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
7    52.46.143.56 (None, )

ASN- ()
s.amazon-adsystem.com
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
3    52.94.223.167 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
1    54.249.236.28 (None, )

ASN- ()
g2.gumgum.com
3    54.224.193.2 (None, )

ASN- ()
x.yieldlift.com
19    54.238.120.71 (None, )

ASN- ()
usersync.gumgum.com
7    185.84.60.30 (None, )

ASN- ()
c1.adform.net
2    18.138.18.111 (None, )

ASN- ()
cm.ambientdsp.com
1    202.131.200.84 (None, )

ASN- ()
sync-dsp.ad-m.asia
1    139.162.40.113 (None, )

ASN- ()
gocm.c.appier.net
1    18.176.32.10 (None, )

ASN- ()
dps.jp.cinarra.com
1    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
2    35.213.93.179 (None, )

ASN- ()
a.sportradarserving.com
2    13.250.207.233 (None, )

ASN- ()
cm.adgrx.com
7    103.231.98.195 (None, )

ASN- ()
image4.pubmatic.com
simage4.pubmatic.com
2    151.101.1.44 (None, )

ASN- ()
trc.taboola.com
match.taboola.com
2    104.19.172.108 (None, )

ASN- ()
csync.loopme.me
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
2    169.197.150.7 (None, )

ASN- ()
match.deepintent.com
3    35.190.60.146 (None, )

ASN- ()
idsync.rlcdn.com
2    107.178.254.65 (None, )

ASN- ()
pippio.com
1    34.98.67.3 (None, )

ASN- ()
tags.rd.linksynergy.com
1    34.102.253.54 (None, )

ASN- ()
ads.playground.xyz
4    104.254.150.228 (None, )

ASN- ()
secure.adnxs.com
1    51.68.39.188 (None, )

ASN- ()
dsp.nrich.ai
2    89.207.22.73 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    35.72.105.127 (None, )

ASN- ()
rtb.gumgum.com
1    185.183.112.155 (None, )

ASN- ()
sync.adotmob.com
2    74.214.196.131 (None, )

ASN- ()
bh.contextweb.com
1    34.111.151.213 (None, )

ASN- ()
dmp.brand-display.com
2    44.240.25.198 (None, )

ASN- ()
dpm.demdex.net
2    3.113.228.209 (None, )

ASN- ()
match.prod.bidr.io
1    104.18.13.76 (None, )

ASN- ()
cdn.indexww.com
2    18.180.216.240 (None, )

ASN- ()
pool.admedo.com
3    66.225.223.191 (None, )

ASN- ()
sync.outbrain.com
1    34.193.201.64 (None, )

ASN- ()
sync.srv.stackadapt.com
1    52.4.73.191 (None, )

ASN- ()
sync.ipredictive.com
1    193.122.130.38 (None, )

ASN- ()
sync.technoratimedia.com
2    54.169.99.236 (None, )

ASN- ()
ad.360yield.com
2    185.184.8.90 (None, )

ASN- ()
creativecdn.com
1    8.43.72.98 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
Apex Domain
Subdomains		 Transfer
113 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 915
ads.pubmatic.com — Cisco Umbrella Rank: 728
image8.pubmatic.com
image2.pubmatic.com
ow.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
62 KB
94 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
cm.g.doubleclick.net — Cisco Umbrella Rank: 304
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 390
605 KB
83 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
tpc.googlesyndication.com — Cisco Umbrella Rank: 170
989a5fc7e1bc0ab63e333489ed15f375.safeframe.googlesyndication.com
58ad3e685b1b124c341c48eaab5a3d97.safeframe.googlesyndication.com
ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
861 KB
45 criteo.net
static.criteo.net — Cisco Umbrella Rank: 789
csm.as.criteo.net — Cisco Umbrella Rank: 13677
pix.as.criteo.net — Cisco Umbrella Rank: 14259
2 MB
34 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 364
755 KB
32 bg3.co
www.bg3.co — Cisco Umbrella Rank: 468243
static.bg3.co
529 KB
30 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1426
fastlane.rubiconproject.com — Cisco Umbrella Rank: 701
eus.rubiconproject.com — Cisco Umbrella Rank: 861
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1345
pixel.rubiconproject.com
token.rubiconproject.com
pixel-us-east.rubiconproject.com
54 KB
23 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 463
13 KB
23 media.net
prebid.media.net — Cisco Umbrella Rank: 1901
hblg.media.net — Cisco Umbrella Rank: 2563
contextual.media.net — Cisco Umbrella Rank: 841
warp.media.net — Cisco Umbrella Rank: 3316
lg3.media.net — Cisco Umbrella Rank: 4956
cs.media.net — Cisco Umbrella Rank: 2337
179 KB
22 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 754
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 908
ssum.casalemedia.com — Cisco Umbrella Rank: 1997
ssum-sec.casalemedia.com
dsum.casalemedia.com
17 KB
21 gumgum.com
g2.gumgum.com
usersync.gumgum.com
rtb.gumgum.com
7 KB
20 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1463
x.bidswitch.net — Cisco Umbrella Rank: 430
9 KB
16 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 844
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 20686
ads.as.criteo.com — Cisco Umbrella Rank: 13337
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 14501
gum.criteo.com — Cisco Umbrella Rank: 486
dis.criteo.com — Cisco Umbrella Rank: 935
148 KB
16 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1451
assets.a-mo.net — Cisco Umbrella Rank: 5184
8 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 334
acdn.adnxs.com — Cisco Umbrella Rank: 885
secure.adnxs.com
43 KB
14 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 432
pr-bh.ybp.yahoo.com
7 KB
14 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 15735
us-u.openx.net — Cisco Umbrella Rank: 708
u.openx.net — Cisco Umbrella Rank: 960
jp-u.openx.net — Cisco Umbrella Rank: 7650
3 KB
14 google.com
adservice.google.com — Cisco Umbrella Rank: 136
www.google.com — Cisco Umbrella Rank: 19
5 KB
13 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2779
public.servenobid.com — Cisco Umbrella Rank: 5363
8 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15685
e3.adpushup.com — Cisco Umbrella Rank: 16689
aplogger.adpushup.com — Cisco Umbrella Rank: 18441
217 KB
12 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 796
8 KB
11 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 827
7 KB
11 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1440
5 KB
11 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 877
eb2.3lift.com — Cisco Umbrella Rank: 601
4 KB
10 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
7 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 311
218 KB
9 adform.net
cm.adform.net
c1.adform.net
4 KB
9 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1482
932 B
7 lijit.com
ap.lijit.com
ce.lijit.com
4 KB
7 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1188
ssbsync-global.smartadserver.com
rtb-csync.smartadserver.com
3 KB
6 tapad.com
pixel.tapad.com
791 B
6 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1879
3 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 228
265 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 23455
sync.aralego.com — Cisco Umbrella Rank: 4213
4 KB
5 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 723
3 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 1257
r.turn.com — Cisco Umbrella Rank: 5416
2 KB
5 ladsp.com
cr-p1.ladsp.com — Cisco Umbrella Rank: 23807
cr-p3.ladsp.com — Cisco Umbrella Rank: 18176
3 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 930
1 KB
5 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 84578
1 KB
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1449
pixel.quantserve.com — Cisco Umbrella Rank: 683
cms.quantserve.com — Cisco Umbrella Rank: 1504
12 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1080
3 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1306
3 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9439
45 KB
3 outbrain.com
sync.outbrain.com
1 KB
3 rlcdn.com
idsync.rlcdn.com
570 B
3 yieldlift.com
x.yieldlift.com
742 B
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 850
1 KB
3 disqus.com
ssp.disqus.com
1 KB
3 bluekai.com
stags.bluekai.com
2 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1476
s.tribalfusion.com — Cisco Umbrella Rank: 3850
2 KB
3 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1662
3 KB
3 agkn.com
aa.agkn.com
2 KB
3 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 6284
1 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 358
15 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1407
sync.teads.tv — Cisco Umbrella Rank: 1522
767 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
430 B
2 creativecdn.com
creativecdn.com
700 B
2 360yield.com
ad.360yield.com
623 B
2 admedo.com
pool.admedo.com
1 KB
2 bidr.io
match.prod.bidr.io
1 KB
2 demdex.net
dpm.demdex.net
2 KB
2 contextweb.com
bh.contextweb.com
1 KB
2 dotomi.com
pubmatic-match.dotomi.com
744 B
2 pippio.com
pippio.com
716 B
2 deepintent.com
match.deepintent.com
83 B
2 loopme.me
csync.loopme.me
32 B
2 taboola.com
trc.taboola.com
match.taboola.com
560 B
2 adgrx.com
cm.adgrx.com
1 KB
2 sportradarserving.com
a.sportradarserving.com
971 B
2 ambientdsp.com
cm.ambientdsp.com
1 KB
2 adsymptotic.com
p.adsymptotic.com
500 B
2 emxdgt.com
cs.emxdgt.com
133 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 rfihub.com
p.rfihub.com
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
2 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 965
cdn.indexww.com
2 KB
2 appier.net
a.c.appier.net — Cisco Umbrella Rank: 14909
gocm.c.appier.net
941 B
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1003
1006 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 129
76 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 977
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 18088
11 KB
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 ipredictive.com
sync.ipredictive.com
465 B
1 stackadapt.com
sync.srv.stackadapt.com
593 B
1 brand-display.com
dmp.brand-display.com
348 B
1 adotmob.com
sync.adotmob.com
712 B
1 nrich.ai
dsp.nrich.ai
522 B
1 playground.xyz
ads.playground.xyz
464 B
1 linksynergy.com
tags.rd.linksynergy.com
390 B
1 iprom.net
core.iprom.net
279 B
1 ctnsnet.com
ipac.ctnsnet.com
459 B
1 cinarra.com
dps.jp.cinarra.com
220 B
1 ad-m.asia
sync-dsp.ad-m.asia
243 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 426
669 B
1 ezoic.com
pb-server.ezoic.com
456 B
1 deployads.com
c.deployads.com
298 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 4833
513 B
1 admixer.net
inv-nets.admixer.net
585 B
1 reemo-ad.jp
sync.dsp.reemo-ad.jp — Cisco Umbrella Rank: 112779
393 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 3931
324 B
1 cauly.co.kr
app.cauly.co.kr — Cisco Umbrella Rank: 106103
549 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 2522
484 B
1 fw-ad.jp
google.dap.fw-ad.jp — Cisco Umbrella Rank: 114061
561 B
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2794
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 1356
548 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1200
680 B
1 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 353741
1 KB
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4346
518 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 492
2 KB
1 ampproject.net
d-38969000451344156367.ampproject.net
0 crwdcntrl.net Failed
sync.crwdcntrl.net Failed
0 semasio.net Failed
uipglob.semasio.net Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
586 113
Domain Requested by
68 cm.g.doubleclick.net 33 redirects googleads.g.doubleclick.net
ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
www.bg3.co
u.openx.net
eb2.3lift.com
g2.gumgum.com
45 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
adx.holmesmind.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
43 image8.pubmatic.com 34 redirects ads.pubmatic.com
35 static.criteo.net ads.as.criteo.com
cdn.adpushup.com
static.criteo.net
www.bg3.co
34 s0.2mdn.net www.bg3.co
s0.2mdn.net
32 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
pagead2.googlesyndication.com
31 static.bg3.co www.bg3.co
29 image2.pubmatic.com 24 redirects prebid.a-mo.net
ads.pubmatic.com
public.servenobid.com
24 simage2.pubmatic.com 18 redirects ads.pubmatic.com
public.servenobid.com
23 match.adsrvr.org 22 redirects cdn.adpushup.com
19 usersync.gumgum.com 1 redirects public.servenobid.com
g2.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
19 x.bidswitch.net 18 redirects prebid.a-mo.net
public.servenobid.com
15 contextual.media.net googleads.g.doubleclick.net
contextual.media.net
cdn.adpushup.com
ads.pubmatic.com
eus.rubiconproject.com
15 prebid.a-mo.net 3 redirects cdn.adpushup.com
prebid.a-mo.net
ads.pubmatic.com
13 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
12 sync.1rx.io 12 redirects ads.pubmatic.com
12 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
eus.rubiconproject.com
11 b1sync.zemanta.com 10 redirects ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
11 um.simpli.fi 11 redirects
11 googleads.g.doubleclick.net 1 redirects cdn.ampproject.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.bg3.co
ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
11 securepubads.g.doubleclick.net cdn.adpushup.com
cdn.aralego.net
securepubads.g.doubleclick.net
www.bg3.co
10 eb2.3lift.com 3 redirects cdn.adpushup.com
eb2.3lift.com
10 ib.adnxs.com 5 redirects cdn.adpushup.com
googleads.g.doubleclick.net
prebid.a-mo.net
acdn.adnxs.com
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 pixel.rubiconproject.com 6 redirects www.bg3.co
9 odr.mookie1.com 9 redirects
9 csm.as.criteo.net ads.as.criteo.com
8 eus.rubiconproject.com cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
public.servenobid.com
g2.gumgum.com
8 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
7 c1.adform.net 6 redirects ads.pubmatic.com
7 s.amazon-adsystem.com 3 redirects eb2.3lift.com
www.bg3.co
ssum-sec.casalemedia.com
7 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
7 ups.analytics.yahoo.com 7 redirects
7 us-u.openx.net 3 redirects googleads.g.doubleclick.net
u.openx.net
6 image4.pubmatic.com 3 redirects ads.pubmatic.com
public.servenobid.com
6 pixel.tapad.com 5 redirects public.servenobid.com
6 sync.targeting.unrulymedia.com 4 redirects ads.pubmatic.com
g2.gumgum.com
6 www.googletagservices.com googleads.g.doubleclick.net
ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
6 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 e3.adpushup.com www.bg3.co
5 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
5 ap.lijit.com 4 redirects public.servenobid.com
5 sync.mathtag.com 5 redirects
5 sync-tm.everesttech.net 5 redirects
5 image6.pubmatic.com 2 redirects ads.pubmatic.com
5 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
5 onetag-sys.com 1 redirects cdn.adpushup.com
ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
public.servenobid.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 secure.adnxs.com 4 redirects
4 token.rubiconproject.com 4 redirects
4 pm.w55c.net 4 redirects ads.pubmatic.com
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
ads.pubmatic.com
g2.gumgum.com
4 googleads4.g.doubleclick.net www.bg3.co
4 ad.turn.com 4 redirects ads.pubmatic.com
public.servenobid.com
4 cr-p1.ladsp.com 4 redirects
4 ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 adpushup-d.openx.net cdn.adpushup.com
4 prebid-server.rubiconproject.com cdn.adpushup.com
prebid.a-mo.net
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 sync.outbrain.com 3 redirects
3 rtb-csync.smartadserver.com ssbsync.smartadserver.com
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 x.yieldlift.com 1 redirects public.servenobid.com
ads.pubmatic.com
3 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
3 px.ads.linkedin.com 2 redirects www.bg3.co
3 ssp.disqus.com 3 redirects
3 stags.bluekai.com 3 redirects
3 dis.criteo.com contextual.media.net
ads.pubmatic.com
g2.gumgum.com
3 secure-assets.rubiconproject.com 3 redirects
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 tg.socdm.com 3 redirects
3 aa.agkn.com 3 redirects
3 mweb.ck.inmobi.com 3 redirects
3 ssbsync.smartadserver.com 2 redirects public.servenobid.com
3 cms.quantserve.com 2 redirects ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
3 cdnjs.cloudflare.com ads.as.criteo.com
3 cat.sg1.as.criteo.com ads.as.criteo.com
3 ads.as.criteo.com googleads.g.doubleclick.net
ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
3 rtb.jp2.as.criteo.com googleads.g.doubleclick.net
www.bg3.co
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 creativecdn.com 2 redirects
2 ad.360yield.com 2 redirects
2 pool.admedo.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 bh.contextweb.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects public.servenobid.com
2 pippio.com 2 redirects
2 match.deepintent.com ads.pubmatic.com
g2.gumgum.com
2 csync.loopme.me ads.pubmatic.com
ssbsync.smartadserver.com
2 cm.adgrx.com 2 redirects ads.pubmatic.com
2 a.sportradarserving.com 2 redirects
2 cm.ambientdsp.com 2 redirects
2 ce.lijit.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 cm.adform.net prebid.a-mo.net
public.servenobid.com
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 rtb.mfadsrvr.com 2 redirects
2 p.rfihub.com 2 redirects
2 fonts.googleapis.com s0.2mdn.net
2 jp-u.openx.net u.openx.net
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 cs.media.net contextual.media.net
2 lg3.media.net googleads.g.doubleclick.net
www.bg3.co
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 hblg.media.net www.bg3.co
googleads.g.doubleclick.net
2 aplogger.adpushup.com cdn.adpushup.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 htlb.casalemedia.com cdn.adpushup.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 simage4.pubmatic.com ads.pubmatic.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 sync.adotmob.com 1 redirects
1 rtb.gumgum.com ads.pubmatic.com
1 dsp.nrich.ai 1 redirects
1 ads.playground.xyz 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
1 dps.jp.cinarra.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects ads.pubmatic.com
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 g2.gumgum.com public.servenobid.com
1 c.bing.com eb2.3lift.com
1 pb-server.ezoic.com prebid.a-mo.net
1 ow.pubmatic.com prebid.a-mo.net
1 c.deployads.com prebid.a-mo.net
1 ssum.casalemedia.com 1 redirects
1 ssbsync-global.smartadserver.com 1 redirects
1 id.a-mx.com prebid.a-mo.net
1 inv-nets.admixer.net 1 redirects
1 assets.a-mo.net prebid.a-mo.net
1 cr-p3.ladsp.com 1 redirects
1 acdn.adnxs.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 sync.dsp.reemo-ad.jp 1 redirects
1 s.uuidksinc.net 1 redirects
1 r.turn.com ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
1 app.cauly.co.kr 1 redirects
1 s.tribalfusion.com ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
1 a.c.appier.net 1 redirects
1 trace.mediago.io 1 redirects
1 google.dap.fw-ad.jp 1 redirects
1 warp.media.net googleads.g.doubleclick.net
1 qsearch-a.akamaihd.net www.bg3.co
1 pix.as.criteo.net ads.as.criteo.com
1 pixel.quantserve.com www.bg3.co
1 pxl.qccerttest.com www.bg3.co
1 58ad3e685b1b124c341c48eaab5a3d97.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 989a5fc7e1bc0ab63e333489ed15f375.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rules.quantcount.com secure.quantserve.com
1 adx.holmesmind.com pagead2.googlesyndication.com
1 secure.quantserve.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 d-38969000451344156367.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 sync.crwdcntrl.net Failed public.servenobid.com
0 uipglob.semasio.net Failed public.servenobid.com
0 sync.go.sonobi.com Failed public.servenobid.com
586 180

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-07 -
2022-11-09		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-09 -
2023-01-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
qccerttest.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-02 -
2022-11-01		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-31 -
2022-12-04		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
*.deployads.com
Amazon		 2022-05-05 -
2023-06-03		 a year crt.sh
*.ezoic.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-11 -
2023-05-18		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.iprom.net
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.yieldlift.com
Amazon		 2022-01-14 -
2023-02-11		 a year crt.sh

This page contains 103 frames:

Primary Page: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Frame ID: 2899CDA00BA05EA695A2BD1C91C3757B
Requests: 109 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: B942A453CFEA5C3FCBE0D862B68F4EAF
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: DC792C2EA2196F5E54B7900046069214
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 1761D0BE5508309414959F9A4EEE9CAF
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: FF7AA2A24B09798571FD9ADBD27C30A5
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-5448258771638595390&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3422&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=586599003918&ga_cid=amp-5d8c65x9YwmvNIzm9DSEgA&ga_hid=3918&dt=1665278087404&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&bdt=2690&dtd=297&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 33F210AC82BE7ECED3C17162F428037A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665278088&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278087251&bpp=12&bdt=1255&idt=981&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=2387511344096&frm=23&ife=1&pv=2&ga_vid=1051709183.1665278088&ga_sid=1665278088&ga_hid=579689063&ga_fc=0&ga_cid=amp-5d8c65x9YwmvNIzm9DSEgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2137947981&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C21066431&oid=2&pvsid=3284416035897806&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8sfnbn5eaa6c&fsb=1&dtd=998
Frame ID: B4DD9F9C7E31763B47673A4D203CE7C9
Requests: 8 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: A4DCBB282466FCEB29D23B0F205CF242
Requests: 8 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFe-EBc_krAA5x5uglzTbSOHU-ONxkgA&u=%7CSq63OP5VFkhwwXigGtB4M1LAXJVu18t85j503o%2B6r9I%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgxSIsjcW3kZzhysWZK5uAhqHoWI2FauNYT00L99F0AntsnCTG3Exipv0Ka2X8zZ83o6ucqh_upvuwsgoAvz9xUdAHQBsxRztXRzeyaPoKyauzLMgg1v_epkiv_Yf63VWm6LoJc9U5I2jnExdTs_Vz_MWbQPpfL6-0H5yx41I6NMGGEIe9OoJnKGLee6PGky3VYLjZPqf-e9JuDMaEy9x0XhI9e_jbAYN8NJyye0epWz6NAQvRYCnxvGam13d_az2uta7PvpR35YjjlRrkhnyxAoyEfsMBM86McEJ5dD9SfgAxWGzpc-pz6e4pwQoAO22_m0H3IgiE800Lw_tgw9v3t9Q0RI4AXiGGxYmxa1WIYH-cSuaB6gC_Val6bKHWostDpn2z4w3Hn4eP_ZxnyDEALhq0ytxzPU-2QIeRRiGhbtaC_qv5tX6_YB0PcWbIbrwhUPwsylZg11fKt8h8TgyNgcarlXu-QVxpK5jbfnx_tNsJdASGf3stxRmzpWuXF8RGao4y9_UgdAWVWar2JHdijwNxGBP40L2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwF47iCBCY-H3Favyz7sP5uO56AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNrth91GOlPqgDAaoE8wFP0FFv-_fZ5Y56O3xugAYrU-Mt68SMdooD5w30PNpiILPlz3AlT-XFJ0ZShlz4Vx0aSEHPZFtmAjhB8cXIwzSNxb7MN7nBkwapOqjro4lNhLA9Orw4bBWYmQPKZpUdLPAMog-kQhz9kJbpv-1v5uX0LAxS6qumC9Jv5AK8lLQW0x0fswsZ1YGpS1m5aF3GqosfhRw0K7a-JTZUbyfgqrno7R95kmNhhkpBxUgLG0azIqOOa-yR6sG1umO74RZO2m7lbkp5upYHF1PMn9yudrB0srP3eZntPhM9Wszc7cPAFcn9WPw2kMLBo4jo00rvZbiciu2ABpGn9Jik9J3-YKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kmTLHL9zWUMgzzzc0K847q6TQiw%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 9DFD59D5403924B3C589279F363AED1F
Requests: 16 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFKmkKj1kBAABBb4p1wrcDCjJkAiX_LA&u=%7CSq63OP5VFkgrZqByc5Azh3M7dzF3yED5%2FC9oye5mFok%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0kewZx4OvO7hSYM886Cl314AB3DKiASQValYzIXdOo0_HYiXjGkioiauWuzerbM-DS2NtQuztb_Os5-ejacXAvVMBslx2-lpV7_6txxqWDAyyr_4MIkgRLFVY3fwqsw9hfgtJJLV4i0BTZW9v-68x8prA9nXyM7mSC9iHAsYaV-PCZKlCLykeOp_1kLZ4f5mfu948YxkPcMIEgbWc6pFs7jR_MJe517X7nVSOyUj6UC2clomEnkwCBdtNHYr5Ts4o1Lj4IrdbeHQMJI2X-dGhbyPvw0zpZxk-Z9Lz-aAtU47JDDhzFfXlVpagbDKRbBqk199YQKNdI9OXbHcQ19wNseB4Ixr9Nh92zZVhR1tTBXrvNMrukqDbIPGoljgOfYP4OLhqgeRCg8zEZpLytKODFRei-czpPlPFMt4tpKcGADqMgVXb1S03Hz5BWyVRQ-4JilUo480_BI__nZVS7YzkaIUt6MA8zA1JFgIdBOR8FG-SopvMuI6yWOnlK2TLu6WrLiTt3vBH1ifMsAlMZ94TNcBeM9ohOQm4xQRajqmZQ5kfnUai1vqoFWsOwRwKSk97lLieBlXBAJM_jJ9rrJdW9tut9NUjq5hYfkx776JOfCo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfjzViCBCY-nUFIGyvQTvgoGAA5j80bFcmuiH5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAs2u2H3UY6U-qAMBqgT5AU_Q3CzW3wkNZ11AP2serRtYXq8ZFWTCiD5RYAOBs-Haw9hwAO09657BOsgYEi1Yxz5uXDA77_vDdqj9kw3jbwQhnkscOmdFisxadLWRfNfCvnJTYKtdTBzpOdUpkSpSJJJy0LqY4Tfq8RYzcbQd0M7igxzewO3GJC4mIxkkeTQew82rj8gnb4Nmcd3bYXAKKoYCGK1eiqxxRsIiB5I8XWLHfVXpHCcLFuswbWqORHCtC3LxedjC_bVMxds-7eqzfIiBXRUJ5SxQTJMVaj0ViFxlGPeEONcQ-r40h2Mf2SUH4A8N0LLb5VbOX0FVa7yHvkq3Eof2u1B7mYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3a5wMxiLxjNKXQe6CvXUU8pk5nuw%26client%3Dca-pub-3216231935713038%26adurl%3D
Frame ID: 93B95BE63B7EA48258AA69122A326CF6
Requests: 17 HTTP requests in this frame

Frame: https://989a5fc7e1bc0ab63e333489ed15f375.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 627E2D00189FDF873AAC8A1D3084A6E3
Requests: 1 HTTP requests in this frame

Frame: https://58ad3e685b1b124c341c48eaab5a3d97.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 543D4CF817A28AACA4264A9CAF672975
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278089672&bpp=11&bdt=228&idt=298&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=6494685431542&frm=8&ife=1&pv=2&ga_vid=1697942206.1665278090&ga_sid=1665278090&ga_hid=823118088&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44768832%2C44769306%2C44773613%2C44770880&oid=2&pvsid=1819693795624103&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.q1ezlvt9aiv2&fsb=1&dtd=312
Frame ID: 928048ABF65E5CBBFBBC6EFDC62B8F80
Requests: 1 HTTP requests in this frame

Frame: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2B480A6376E85A36651C65B984587176
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CkUzLiiBCY9naBYvcoQPCy5GYC6zX_fBktPaok-ILwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBLYBT9CztTEQZdrzYl9K1Q7oIjMV0OVbFArSbtq49ltBdsMjXs-sIOkVphXRuoXl5Rt3hnKPt8IXmee9hqOQaXYpMoTOyEbdeoDwi89IC23a5wtYbt12AHElZTVFTXMTw2yJ0IkfvlXbIaaSTrJ_xBTfrTEIRLvJZUBPUuIZOwYzeKtG9QxQbQhJjGJg3qq7dVccdvB3lbEAKbJ7piQMB4fo9RwCoNxu08v33OVB6T4nCAE_Nh-COjCABsPF35vKrc2Y6QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=AohVsZ4aRik&uach_m=[UACH]&cid=CAQSKQDq26N9a6GdSF2fiuv_HTP5rBw-VuN2oCTeV4wa5We80P6DestxNz8lGAEgEw
Frame ID: E46B4852A31DD1C10C111353F2A0075E
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F8EE0849F52714627CCC56253306F5CE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F0E3AA15F7D8E85C3CF767EC9949D5EB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 35118357214AF7F8BAB8A24F55E41D10
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 08B4471E436DD149526866A41B159433
Requests: 2 HTTP requests in this frame

Frame: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C6EE1277202358A61534F1086565EED7
Requests: 15 HTTP requests in this frame

Frame: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AD60EAD26786568C1AA57FF391E5EC68
Requests: 15 HTTP requests in this frame

Frame: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FF638BC9E2DF0EFE308A2CA8D9B2C54B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj9GhDb1sYBGNa1vNQBMAE&v=APEucNXz0yCVnPlYOCiD8cXIyzihBD-Hi61OD5ws6WUNQ8lCZ3yPmxepMdunXFMDe7a_42Blh_tlxzOfG6AFGSYe8oXsT5nhVA
Frame ID: 92ADC71F2CA88ADB8777354DDAE67AAC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj9GhDb1sYBGNa1vNQBMAE&v=APEucNWVvPXcf0HuD18lkp1HnlQ7kVazz2VBbYoynywZb2uSKErXmsTRQIuaPdJRd3yEnI6-9DbJVqLVdN_YKI7aSrivE4xqnA
Frame ID: 84DEFA805955B60B3BA65F7E1F0C7E9C
Requests: 5 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgigADzE8Kj3wEAApE7i3P-CerzjxQi73scA&u=%7CH3riNtnFJHSP%2BlkbZfDl4zVwfUTeNIlNAi%2BCYTUwc6I%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC43Iyya_TfHAn0F7-Hd8k-0so2C6D1WapM9v9s1WiI04OELH-BpXPs2H0zVJbMMzKn7Pg083idhJ6L218G3te-spcZbnNS5wblKBMPDyn1Rdf8dskxBuVOn7opgqL8mP6-IQVWlekZxgafrSjlAuNNTRRHhgVdtdc0001JHqoTS4w0SX2liVImM97qchP7An4a52XUp6aMrW8MYaj7zvagjSoNK3MSnNZ2zQyhwxrbMKzkhnX7_DNJ5Xx_RelFl7UeDqG0uFB5ouaBEHQ1fUTCSIM7inSbpdYies5cN5ktPzKiyKShIYuI-Q54Ks3neVt6vochLlrDVJRCEuHLrrzWLC1UfPSZ0CmchKFq1ihoLzWckvPg5cTOa75RT5Kj2zNX5KG-YsN4Bi2VZlZ2Dwzj2JV2o8xALZOVPQKvBHkeOaiaRDXztBzBFpfmrbf0yOMIP-TcanI90Se9w2W5lm5Z_9uH45lyAP6kjRFxUKt0xTNlGxAXHHJw-zy2czfZciuTQiXHLswakjClNWkBa7ua4mMttP6agcO8zJIYqw5SUv0pnYGUEh04Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjcYriiBCY8-YD4T4vQTuianwCZj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgSbAk_Q7O0L9rgj1ObznBt1QF6geGt771Qpgix7qhnWpG2VuqKVH68s_de6flmVtqAQBKVBbt4HGMXZvoUUMOK4ZR0WDjsRSDpE22bMAVSB7JH9wyA9pZXlWpEQheRzmj7aJz6TTzKnP0DHRoeUuOV6OExfPEbR6xXA7q4_ZlURKJkm4KNv7NcgjZIqjMXTuUI1Ldj0620qj1S-sah3GRz4TAygZqNMu1DGJX3J_OyZkhKoQTS0UWQWDzgCefoUK3kpFagtgoBDF6Palxrmb5Z4-ILsYwrKNmNqp4oO2USLD2nOZFiisIyi38U1fRe7H2hi_TWjRl4RQ_Y1nW5Te3psPhVTHr5STscnsQtwYabJIFMZzacqFU9EAv6OBBjgBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3NAfIE2-Gd5Xwjsi5OErD6WmBfgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: 479C04AAB714F1CDE309C5837D40D9FE
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B5349943B3574B36F590E63EC7DE6A3C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 343C0677E7E9002EBAB68F59B1F06C77
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BD5533EBF9D018F29E5D749C21547D25
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 6E18F7005DAF46FFF433D652C68227DF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0B596B55985BB597A59A1BA5F0F2D0A0
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 66039E35072104C80A44F52E1A623D86
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 55C077829A9B4D87604495FB203E3F49
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A6878389A953FD44C9DC51238EB256DB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1DED389C1D5563E96FD4DAE1028A0A31
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 0CCD4F6B2161342DA6C08996F1E83997
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
Frame ID: 64735694ABC54A6EDEBE1419C56D006F
Requests: 17 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
Frame ID: 3A7405682F7D6E960F9A4708DF88BB06
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9679D59CD45C299C9169B370E05E648C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 883AF9FCAC85B83BFCF9E005EC693972
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 394B7F5970722A72E6D8995AE3FE785D
Requests: 7 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 578E9434C25B60D2BF1BCA1FD890CB73
Requests: 18 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 9B8369883CD697F69A0C965FDD730A27
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FD0D08FB7928B298E6178009699BDA8C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2CC62EA65232C3A451382E282814F182
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: CB538ED840AAA2D92A9553DD8DFADEF1
Requests: 12 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: F1EC34EF16B0CC9736DCE3DDBC470E01
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1665278088522
Frame ID: 92DF4846D2DAEE84C712B82C2B71D797
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1BAD1863C499BC1A3CE6DD5E76671464
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 7E2492855A57864BD3391F94C70544FC
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3082796916835720000V10&type=rkt&refUrl=&vid=52780934493082796916835720000V10&ovsid=1976306189714053534
Frame ID: A1692047D8F98F6C921D7DCE6F22A73E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Frame ID: 66769C50BB92A57748AD451A2B60B09F
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 936D4D335C78FCE4DAB5DA829A54CB7E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EED6FC09A144C565B62084DF6DDF7730
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 42EE2262C4B1271E0D8E8014819ED8DE
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: D95D5CD5B932BB65BC922E624195F873
Requests: 11 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: D32C55257C41EAA14574C71132011E97
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 10DFE5CD2AB0A00C0681B7355D8ED812
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: AE0C1BCEE968D04CF7A6F12BAC15A183
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 7F40AEB4FFD3F4CE65B95E073FCC8B8E
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 8AD17CB972001FE90AC46DFE9C8EBFE1
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=54276C58-BB3A-4AAE-9E52-D9135354524C
Frame ID: C2C916671769BDAA08A77AEE7BA1536E
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: A2C7068183828E9B676FB4DBEBB236C2
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 45DB78B909D500629834352205C8D3F7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
Frame ID: 61F550E073F3582BA355BCC193E0811A
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: D1B48F949A17DB08443FE16EC769CC22
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 374026BEBC028FA16FEA620003A7559E
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 06238586A1AFF497AB496CBFD8467783
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
Frame ID: BC3A66FD782E0A4FB979B757F47BD274
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=54276C58-BB3A-4AAE-9E52-D9135354524C
Frame ID: 85FE1A262833952014FD2EB7C1A4B08C
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: AFF89E93FF8C95C50ECEACF640A8D1FF
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-989766dd-eede-4b7b-a35a-da2df6914046-004
Frame ID: A5896568E9B3511749DB10A74DCE170F
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=pubmatic&uid=54276C58-BB3A-4AAE-9E52-D9135354524C
Frame ID: 7107E66FA5F00A21529BE6A77D9EA1CB
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: A62772345BCD6CE452BA8A6C811A251F
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=0ea93cf1-d4a5-4620-8bae-96b3f76c8cc8-tucta3ba60f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 48C4DB8330A6EEED7B5BF96802C5CFB0
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: 47A2FA9A89BF843FE41D332885DA1B3B
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: F39126100FA16ABD02B925C5F8495730
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: E7137796C4F63B879676D64054C1F2B4
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 790084725C22C368955C0EF3A5CEE0A8
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3082796916835720000V10&type=pba&refUrl=&vid=52780934493082796916835720000V10&ovsid=54276C58-BB3A-4AAE-9E52-D9135354524C
Frame ID: BE38974139D966C8963E96916F0F30EC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=8f156342-208d-4100-a5a0-a842d4f44073&gdpr=0&gdpr_consent=
Frame ID: 6F717B1B89F424AFB920020126C3EE0A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y0IgjAAAa1-P0gA1&gdpr=0&gdpr_consent=
Frame ID: 513E6B16D2FA9098AB295C87882E92C0
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV84NjAwY2RlNi04MWMwLTQxMmQtYjIyOC0zMDE2ODlhYjE5NDg=&gdpr=0&gdpr_consent=
Frame ID: 0B6CD2720BD795B3DB4BFA8489EDCF3B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 153406C71275454E73549C2489247957
Requests: 4 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=61bf4df7-00ca-4364-92e8-6295063ece25
Frame ID: 9B708A70B50A0A946F5734000CBB54C7
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: B171D1B1F5FCF8803EAD36F2B17B9915
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y0IgjMCo5tIAAEfiHJkAAAAA
Frame ID: D89876F5581B5F2BF64030A948120F21
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y0IgjKcM3bFHDtNdyblpSAAA%264697
Frame ID: 00409112EB080654F8DE77D5FD600EC2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=bL9lfsPu4pFPUGHCX1t5&pi=gumgum&tc=1
Frame ID: 8EAC97D879ED8FB8C362D84DFC366438
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 09AD7C33F21F9C6AB38273812AF5D9BC
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8f156342-208d-4100-a5a0-a842d4f44073&gdpr=0&gdpr_consent=
Frame ID: 0C46518125B57182D153567AA588EF1A
Requests: 1 HTTP requests in this frame

Frame: https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
Frame ID: BD3E08EC4CF82E5A7BA2004E0CB2E5D5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xczncprhyev
Frame ID: 4C4BEA2E4146047DA16C9166E3B123C4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-bt8Sv24cEHivHpA_-llTP7pK0jisX9O-7qRTtaZ
Frame ID: 554A20EAA47AC9CA34D14FB81C72D888
Requests: 1 HTTP requests in this frame

Frame: https://x.yieldlift.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=1YN-&uid=54276C58-BB3A-4AAE-9E52-D9135354524C
Frame ID: 1AF6E06A242F24A586669ED719CC6919
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 4BDE73F99A6DE1AB0D8887D185F7495E
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 4A7672E95CE736AF9197C9EC5868E55D
Requests: 1 HTTP requests in this frame

Frame: https://gocm.c.appier.net/pubmatic
Frame ID: 6E621E0F737BD63E82F057C21F68F05E
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=54276C58-BB3A-4AAE-9E52-D9135354524C
Frame ID: 43296D368287C424929A13FC8E148467
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
Frame ID: 603BCE383632564853B6311DF1A388AA
Requests: 1 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
Frame ID: C327C70E34FF5C47F2D09A69F62EE8EB
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 03FA751DE80C0303B8087A1EE7B5F16B
Requests: 1 HTTP requests in this frame

Frame: https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
Frame ID: 30DFCA4612BA10AE37173D5860A157FD
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=54276C58-BB3A-4AAE-9E52-D9135354524C
Frame ID: 0AC5D1D0315A11C1F60359671D76128B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

直擊/網友認證性感味 李毓芬泄雪白小肚肚 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

586
Requests

74 %
HTTPS

0 %
IPv6

113
Domains

180
Subdomains

109
IPs

9
Countries

5875 kB
Transfer

13131 kB
Size

92
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 110
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1665278088&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278087621&bpp=5&bdt=1609&idt=683&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=2387511344096&frm=23&ife=1&pv=1&ga_vid=1213991827.1665278088&ga_sid=1665278088&ga_hid=1575148861&ga_fc=0&ga_cid=amp-5d8c65x9YwmvNIzm9DSEgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4519&biw=1600&bih=1200&isw=336&ish=280&ifk=3931429196&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44773614%2C44773746%2C21066431%2C21065725&oid=2&pvsid=2488395460926590&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.m1m2ipklrrkk&btvi=1&fsb=1&dtd=699 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENo-IqJ3KF-g0dPSv5y_UMA&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENo-IqJ3KF-g0dPSv5y_UMA&google_cver=1&C=1
Request Chain 230
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0IgjA3FVQgNYOglXcA.SwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENo-IqJ3KF-g0dPSv5y_UMA&google_cver=1&google_hm=2
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIF8FocUVbHpE5-GzEQnukk&google_cver=1
Request Chain 232
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MzEwMjcxNzQ3NzcwODcwMg%3D%3D
Request Chain 233
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECy3yDva6rerJkX6xOM1o1U&google_cver=1
Request Chain 234
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGJiOGFmNzAtMGUwYi0yMGE2LWYxYWQtMzE3ZWQ1MTQ1N2I1
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEGfJuSc5n0WuvIqJQq2bB4o&google_cver=1
Request Chain 236
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YTQ5MWRmZmEtNzJjYi00NmJhLWFhZjQtN2QwZDlmNGE0ZmNl
Request Chain 238
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEI9Uk3_qnToqwbKbd1q7vDg&google_cver=1&google_push=AZmPxg8bTtgVIODTj3CaRi-lvn3pBUU1TaBbSAgzwl6A8YOibcooUywntrXTgjhFIDA0fVYJYf7ipzDrZyRYcSvvWP6Btpc3tfF_koRFsQmzKEKdFBHgEiifn59JZxKopktfUEfClucr16kR HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEI9Uk3_qnToqwbKbd1q7vDg&google_cver=1&google_push=AZmPxg8bTtgVIODTj3CaRi-lvn3pBUU1TaBbSAgzwl6A8YOibcooUywntrXTgjhFIDA0fVYJYf7ipzDrZyRYcSvvWP6Btpc3tfF_koRFsQmzKEKdFBHgEiifn59JZxKopktfUEfClucr16kR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NjFiZjRkZjctMDBjYS00MzY0LTkyZTgtNjI5NTA2M2VjZTI1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=61bf4df7-00ca-4364-92e8-6295063ece25
Request Chain 239
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAHBJMrCNx0Edx1LeMkRG3I&google_cver=1&google_push=AZmPxg89_6Z2B1GuOq1Ulqm5AQSob2VP203G3nzxBEuYeobH2zzxG9BuLSzY0rV21RViS2XLGtxdNL_neMWfvvXg7efqwG2_zNOD5lcj3dMTRtDednF7Mg0K-BMtXmJUYTmMDsiC0z4800JW HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAHBJMrCNx0Edx1LeMkRG3I&google_cver=1&google_push=AZmPxg89_6Z2B1GuOq1Ulqm5AQSob2VP203G3nzxBEuYeobH2zzxG9BuLSzY0rV21RViS2XLGtxdNL_neMWfvvXg7efqwG2_zNOD5lcj3dMTRtDednF7Mg0K-BMtXmJUYTmMDsiC0z4800JW&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VCdsWLs6Sq6eUtkTU1RSTA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg89_6Z2B1GuOq1Ulqm5AQSob2VP203G3nzxBEuYeobH2zzxG9BuLSzY0rV21RViS2XLGtxdNL_neMWfvvXg7efqwG2_zNOD5lcj3dMTRtDednF7Mg0K-BMtXmJUYTmMDsiC0z4800JW
Request Chain 240
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELLNxYztBz7FEoYpZrplNfw&google_cver=1&google_push=AZmPxg9K2xvIo7JFlBdr5nftha8YxjzZETUd41rMFLuXG9zu6L1aC5FsTqbFpTU0rpduWDNNk9l1cudb0fyjYin6jOQRSLYJolgRl4HqToHbDKqzP5q1t4CxlHBK4XyOaqGfnQktih1RyFZs HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg9K2xvIo7JFlBdr5nftha8YxjzZETUd41rMFLuXG9zu6L1aC5FsTqbFpTU0rpduWDNNk9l1cudb0fyjYin6jOQRSLYJolgRl4HqToHbDKqzP5q1t4CxlHBK4XyOaqGfnQktih1RyFZs&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1665278092027 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-5ace695e-9478-4842-bd73-cfdd366f6994-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg9K2xvIo7JFlBdr5nftha8YxjzZETUd41rMFLuXG9zu6L1aC5FsTqbFpTU0rpduWDNNk9l1cudb0fyjYin6jOQRSLYJolgRl4HqToHbDKqzP5q1t4CxlHBK4XyOaqGfnQktih1RyFZs%26google_hm%3DBFrOaV6UeEhCvXPP3TZvaZQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg9K2xvIo7JFlBdr5nftha8YxjzZETUd41rMFLuXG9zu6L1aC5FsTqbFpTU0rpduWDNNk9l1cudb0fyjYin6jOQRSLYJolgRl4HqToHbDKqzP5q1t4CxlHBK4XyOaqGfnQktih1RyFZs&google_hm=BFrOaV6UeEhCvXPP3TZvaZQ
Request Chain 241
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPVi-HWeSC2_VoSIV9ub7mM&google_cver=1&google_push=AZmPxg8jfWnky4_p7OCLUul8vV_5-TvJsJis3EbodZRXHeUftVQ8Zjc-88o4GLifG8eYzrUitA0dXybXKKuEvdpJRIIqkz5V2NkIxKVPXDTrMulolLsh2qyXikrkOFVSYGP4k5XDkhLZPWRZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg8jfWnky4_p7OCLUul8vV_5-TvJsJis3EbodZRXHeUftVQ8Zjc-88o4GLifG8eYzrUitA0dXybXKKuEvdpJRIIqkz5V2NkIxKVPXDTrMulolLsh2qyXikrkOFVSYGP4k5XDkhLZPWRZ&google_hm=NzM1ODQxMzE3NjIwNDc0MTIyMw%3D%3D
Request Chain 242
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEBec2t1uXh8cYe_LyQQ7zO4&google_cver=1&google_push=AZmPxg8cKM9gAuEXbTqYVEjkFiwnzReIEoGP30b_uTEk8zdK2uMZVHjZmRoGqgRO53lIp2wMWCZJYtrs6M1JToDr6GPcjqxqK0d8pJpppn-lxZ9NxJ6ctdtm4KjqVgTllaPma8foYiXVoxQZCw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg8cKM9gAuEXbTqYVEjkFiwnzReIEoGP30b_uTEk8zdK2uMZVHjZmRoGqgRO53lIp2wMWCZJYtrs6M1JToDr6GPcjqxqK0d8pJpppn-lxZ9NxJ6ctdtm4KjqVgTllaPma8foYiXVoxQZCw&google_hm=MmQ4MWY0NzItMWIyZS0zMzQ2LWFjZTktZjQ5YWM0Y2M3ZGRk
Request Chain 243
  • https://trace.mediago.io/cs/google?google_gid=CAESEGC6JdxjQ38KROwh0MSted8&google_cver=1&google_push=AZmPxg93DejzzO3MWfb88xWIkezj4EU-RknFaoKlz7AXHlLqb1nd2kbCK4mnRN0LQEDmytt1TlDc_MgueO5ScP_pxXXs7HtXvrBEDtBWoVP2bhXFH_MaYPU0iBelo86AdiqTfAfPCAbYN7ogTQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg93DejzzO3MWfb88xWIkezj4EU-RknFaoKlz7AXHlLqb1nd2kbCK4mnRN0LQEDmytt1TlDc_MgueO5ScP_pxXXs7HtXvrBEDtBWoVP2bhXFH_MaYPU0iBelo86AdiqTfAfPCAbYN7ogTQ&google_hm=fbe06119a01574f424c5f432b14816b6
Request Chain 281
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJIeLINhPxdTL2SyYzoKluU&google_cver=1&google_push=AZmPxg-gPfTpIB1kZS6SWaah7lEJFGf56ZWeqsGBBK3vE9htkuaA1OOfU2licxUJ1-Sy1EOFkcdAweENHH3gmsGHgCL155kvLZxm_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJIeLINhPxdTL2SyYzoKluU&google_push=AZmPxg-gPfTpIB1kZS6SWaah7lEJFGf56ZWeqsGBBK3vE9htkuaA1OOfU2licxUJ1-Sy1EOFkcdAweENHH3gmsGHgCL155kvLZxm_g
Request Chain 282
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AZmPxg9VP-928lZgvXbVb20OaIzZEg3dYAWxIS25L530mWtdXFY4N4zS7vBgDTpq9unpMaLc9hhHRN9SxiNNEUciyDUapuCYFPdi&google_gid=CAESEC4mLQw5zW_t67rRMcJgVOw&google_cver=1 HTTP 302
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AZmPxg9VP-928lZgvXbVb20OaIzZEg3dYAWxIS25L530mWtdXFY4N4zS7vBgDTpq9unpMaLc9hhHRN9SxiNNEUciyDUapuCYFPdi&google_gid=CAESEC4mLQw5zW_t67rRMcJgVOw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AZmPxg9VP-928lZgvXbVb20OaIzZEg3dYAWxIS25L530mWtdXFY4N4zS7vBgDTpq9unpMaLc9hhHRN9SxiNNEUciyDUapuCYFPdi&google_hm=AemGX9a9JrPjks8ADv76KRlbRMA
Request Chain 283
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEGBPcnMZl4qjkm3EN4PvuJM&google_cver=1&google_push=AZmPxg_q6Fs451e98BU0aEbkw3y0qHAfqLzeEIVQoa6L4nfPoVRE4-KkDv6rBlCK5Q2XB8HYwjXqhjisLcpoJDm_fF5TYn1TsR2c1w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=N2NkN2U2YWMtNWE1Ni00ZjEyLWIwYjctM2E0ZTNjNDIwOTZm&google_gid=CAESEGBPcnMZl4qjkm3EN4PvuJM&google_cver=1&google_push=AZmPxg_q6Fs451e98BU0aEbkw3y0qHAfqLzeEIVQoa6L4nfPoVRE4-KkDv6rBlCK5Q2XB8HYwjXqhjisLcpoJDm_fF5TYn1TsR2c1w
Request Chain 284
  • https://a.c.appier.net/gcm?google_gid=CAESEPQSNOrA_QTWR6Rum6NCgp8&google_cver=1&google_push=AZmPxg-BZHM1fp610RSr9CTuawN1KuzQZex3v20fTYjI7213sQ10y6YhkeH3Y903RtuKFwrk8u2hcyokWYBQToWhfxck-M0DF9ffaQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=TXdJQlNSaDJEamV5TVBiU2pDQkNZdw%3D%3D&google_push=AZmPxg-BZHM1fp610RSr9CTuawN1KuzQZex3v20fTYjI7213sQ10y6YhkeH3Y903RtuKFwrk8u2hcyokWYBQToWhfxck-M0DF9ffaQ
Request Chain 285
  • https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEDnXHi5AZYE6NFwNzi3VqoA&google_cver=1&google_push=AZmPxg9dGCwyXVPXvA3deb18pBif20ulhO2AarVQxE01-aVzfsUMh1KUQEftELjIjC_AOu_Pd63V96q61YFVtoMVhhaAh92ZKthU HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEDnXHi5AZYE6NFwNzi3VqoA&google_cver=1&google_push=AZmPxg9dGCwyXVPXvA3deb18pBif20ulhO2AarVQxE01-aVzfsUMh1KUQEftELjIjC_AOu_Pd63V96q61YFVtoMVhhaAh92ZKthU HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3609a297-6f72-4c9d-8acd-bfe36c2a7849&ssp=google_jp&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10523434588417042321&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgoogle_jp%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10523434588417042321&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgoogle_jp%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=5a8d4a46-e157-4b90-9e52-74558a1cc344&ssp=google_jp&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10523434588417042321&ssp=google_jp&gdpr=&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=208880804299000392524&ssp=google_jp&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10523434588417042321&ssp=google_jp&gdpr=&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AZmPxg9dGCwyXVPXvA3deb18pBif20ulhO2AarVQxE01-aVzfsUMh1KUQEftELjIjC_AOu_Pd63V96q61YFVtoMVhhaAh92ZKthU&google_hm=Ngmil29yTJ2Kzb_jbCp4SQ==
Request Chain 286
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELLNxYztBz7FEoYpZrplNfw&google_cver=1&google_push=AZmPxg-YfpX7sjsyk4sUAASOHjm3p-80sfE84Ytya3Q2pkJ88H30VTRNhhRwmBLooghqSAmZpTex7Zr5ScD0D1pdCrDH6UtUT_hf HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg-YfpX7sjsyk4sUAASOHjm3p-80sfE84Ytya3Q2pkJ88H30VTRNhhRwmBLooghqSAmZpTex7Zr5ScD0D1pdCrDH6UtUT_hf&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1665278092096 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-989766dd-eede-4b7b-a35a-da2df6914046-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg-YfpX7sjsyk4sUAASOHjm3p-80sfE84Ytya3Q2pkJ88H30VTRNhhRwmBLooghqSAmZpTex7Zr5ScD0D1pdCrDH6UtUT_hf%26google_hm%3DBJiXZt3u3kt7o1raLfaRQEY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-YfpX7sjsyk4sUAASOHjm3p-80sfE84Ytya3Q2pkJ88H30VTRNhhRwmBLooghqSAmZpTex7Zr5ScD0D1pdCrDH6UtUT_hf&google_hm=BJiXZt3u3kt7o1raLfaRQEY
Request Chain 287
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEM2vssfwSc7tHCIQQA1jPu8&google_cver=1&google_push=AZmPxg-WSf2V7Av2u4jTCvGChrewoeNIpP2YoA0EOzDX7kYFU5_eh6WTWU3ET58u1Xceo68oYzrT3bp9M7dsE60yCo386nDLsTEpWA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg-WSf2V7Av2u4jTCvGChrewoeNIpP2YoA0EOzDX7kYFU5_eh6WTWU3ET58u1Xceo68oYzrT3bp9M7dsE60yCo386nDLsTEpWA&google_hm=WTBJZ2pNQ281dElBQUVmaUhKa0FBQUFB
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA4Mjc5NjkxNjgzNTcxMzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEOtMkXS9Vv-6yfm8UAFoJYc&google_cver=1
Request Chain 294
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=61bf4df7-00ca-4364-92e8-6295063ece25
Request Chain 296
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHiLMS5una-lpRoawNohRMQ&google_cver=1&google_push=AZmPxg8OvlkIZVW9tu_4AMprnYayJaitkg9uEA8hwEGWadQnQLK-nOdxldrjSzAoQVW1_UqpMUmCzs15IG56JZJK2bMtk4twNknaRTN67oIiKpaEaoQLh197AqnEFa9awtvHChgRvgTY8o2zrYKJr6Yx9Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8OvlkIZVW9tu_4AMprnYayJaitkg9uEA8hwEGWadQnQLK-nOdxldrjSzAoQVW1_UqpMUmCzs15IG56JZJK2bMtk4twNknaRTN67oIiKpaEaoQLh197AqnEFa9awtvHChgRvgTY8o2zrYKJr6Yx9Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHiLMS5una-lpRoawNohRMQ&google_cver=1&google_push=AZmPxg8OvlkIZVW9tu_4AMprnYayJaitkg9uEA8hwEGWadQnQLK-nOdxldrjSzAoQVW1_UqpMUmCzs15IG56JZJK2bMtk4twNknaRTN67oIiKpaEaoQLh197AqnEFa9awtvHChgRvgTY8o2zrYKJr6Yx9Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8OvlkIZVW9tu_4AMprnYayJaitkg9uEA8hwEGWadQnQLK-nOdxldrjSzAoQVW1_UqpMUmCzs15IG56JZJK2bMtk4twNknaRTN67oIiKpaEaoQLh197AqnEFa9awtvHChgRvgTY8o2zrYKJr6Yx9Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 297
  • https://um.simpli.fi/gp_match?google_gid=CAESEH6rBhVXuFC3RUTjxAb8ezo&google_cver=1&google_push=AZmPxg8QuVza-yH_qtAe-x7d4EKflmOZpXPFTw3vLCnAt1KCWfZ0koVvMaDKKk1ZFfSDobBjkNVquZTpa8niSViXsI7rLwtTbh05JQewGprPgjff5RFDoAiB27MRJQloUWUZbeoLJUyl6mnCJSaP4SG1mSM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DABC430862449EE94380AE57C1C8D5C&google_push=AZmPxg8QuVza-yH_qtAe-x7d4EKflmOZpXPFTw3vLCnAt1KCWfZ0koVvMaDKKk1ZFfSDobBjkNVquZTpa8niSViXsI7rLwtTbh05JQewGprPgjff5RFDoAiB27MRJQloUWUZbeoLJUyl6mnCJSaP4SG1mSM
Request Chain 298
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AZmPxg8vjHlc8Pq6aEtF0QYBVK5AgOIYkb7u-kr5HDy2j1xPoJlon71BKIW79qLZjwQreF18BRSx9g0LG8IITPDwsX-B_jay_Zj3kdTF68vuemSg51NBjJQCMydtIGRWEmlizgrZNbP2J8YFE-ywyXyGvuk&google_gid=CAESEC4mLQw5zW_t67rRMcJgVOw&google_cver=1 HTTP 302
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AZmPxg8vjHlc8Pq6aEtF0QYBVK5AgOIYkb7u-kr5HDy2j1xPoJlon71BKIW79qLZjwQreF18BRSx9g0LG8IITPDwsX-B_jay_Zj3kdTF68vuemSg51NBjJQCMydtIGRWEmlizgrZNbP2J8YFE-ywyXyGvuk&google_gid=CAESEC4mLQw5zW_t67rRMcJgVOw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AZmPxg8vjHlc8Pq6aEtF0QYBVK5AgOIYkb7u-kr5HDy2j1xPoJlon71BKIW79qLZjwQreF18BRSx9g0LG8IITPDwsX-B_jay_Zj3kdTF68vuemSg51NBjJQCMydtIGRWEmlizgrZNbP2J8YFE-ywyXyGvuk&google_hm=ATcgfzD3m7P4ks8ADv_i_bwb78A
Request Chain 299
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEGBPcnMZl4qjkm3EN4PvuJM&google_cver=1&google_push=AZmPxg8L7K2lzp_9DGfdYF8Jcyj0_eOBhGLZ-GG6NXoIUgZmOgJESh09YLwROquEbWC4zBJ9sZTOkdFRwjblpQ3mGBYbjmdydk2ZoGiojSnEYZiRq7yXkdBTN_vQxM4pvaG3dZ55I_vJVCtUc_9_-wlb7Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NzJlYWIzNjQtOTFkNi00ZGUzLTgzODAtZDdiZDk4YzEwZDZh&google_gid=CAESEGBPcnMZl4qjkm3EN4PvuJM&google_cver=1&google_push=AZmPxg8L7K2lzp_9DGfdYF8Jcyj0_eOBhGLZ-GG6NXoIUgZmOgJESh09YLwROquEbWC4zBJ9sZTOkdFRwjblpQ3mGBYbjmdydk2ZoGiojSnEYZiRq7yXkdBTN_vQxM4pvaG3dZ55I_vJVCtUc_9_-wlb7Q
Request Chain 300
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESECHpz9l65VSuQZgJF6EFTWw&google_cver=1&google_push=AZmPxg83up50c2rQZ4nICatHjU3dvCU6-Fr9-TGCmxAQo1-0vamtaBU0DcszitkB0whQm_bOAbj3Syuezit3Lr-6N28LZo6pYN_8q0eIXDA256FS0s-zlWUkgxs3d4DqmhN5HRA6TbmK7-jpCA6TZQp7U74 HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESECHpz9l65VSuQZgJF6EFTWw&google_push=AZmPxg83up50c2rQZ4nICatHjU3dvCU6-Fr9-TGCmxAQo1-0vamtaBU0DcszitkB0whQm_bOAbj3Syuezit3Lr-6N28LZo6pYN_8q0eIXDA256FS0s-zlWUkgxs3d4DqmhN5HRA6TbmK7-jpCA6TZQp7U74&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg83up50c2rQZ4nICatHjU3dvCU6-Fr9-TGCmxAQo1-0vamtaBU0DcszitkB0whQm_bOAbj3Syuezit3Lr-6N28LZo6pYN_8q0eIXDA256FS0s-zlWUkgxs3d4DqmhN5HRA6TbmK7-jpCA6TZQp7U74&google_hm=ZmxSY0E2TkFUUGtNTXBIOFVDbV8=
Request Chain 301
  • https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESECqzhdh4rBcebvdH0CYFAXc&google_cver=1&google_push=AZmPxg9GZdcvuC5YSMT2z2XplosJJFeVZyC--OPlsuMj_oWZgQ91QPjlGE19ygoPXwuCRi4a_Hwiwqr2MDFjKOEM2Cs0fwMT4HaeHpp2XYWf88TkADgvW_j2ifFfns8AGJedJXnRTx-a0twZv0KAUCBHQw HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=AZmPxg9GZdcvuC5YSMT2z2XplosJJFeVZyC--OPlsuMj_oWZgQ91QPjlGE19ygoPXwuCRi4a_Hwiwqr2MDFjKOEM2Cs0fwMT4HaeHpp2XYWf88TkADgvW_j2ifFfns8AGJedJXnRTx-a0twZv0KAUCBHQw
Request Chain 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDR88Ni3edK0gKzOLNWP25E&google_cver=1&google_push=AZmPxg8sd5C1_hBnTWYr-EV4J0B3GqcXg3zHXE6ZNAvaKXVufbL6gHgSjo5X0tHFKTaBYRiW6vwAwo7plgWbHZfbcpDGoamNTrcRVbUJNPZHbWwxA32Q18-5QDnJo3QLgI1SSRlY6QBHSJqZOv1bojqbuCs HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDR88Ni3edK0gKzOLNWP25E&google_cver=1&google_push=AZmPxg8sd5C1_hBnTWYr-EV4J0B3GqcXg3zHXE6ZNAvaKXVufbL6gHgSjo5X0tHFKTaBYRiW6vwAwo7plgWbHZfbcpDGoamNTrcRVbUJNPZHbWwxA32Q18-5QDnJo3QLgI1SSRlY6QBHSJqZOv1bojqbuCs&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1CbVAxc0xwRTJ1RWRBdS5iYk5vZ3hkLkxGNTNLN1MzMH5B&google_push=AZmPxg8sd5C1_hBnTWYr-EV4J0B3GqcXg3zHXE6ZNAvaKXVufbL6gHgSjo5X0tHFKTaBYRiW6vwAwo7plgWbHZfbcpDGoamNTrcRVbUJNPZHbWwxA32Q18-5QDnJo3QLgI1SSRlY6QBHSJqZOv1bojqbuCs
Request Chain 305
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKIj1WBRHNLR0UDndwb3tW8&google_cver=1&google_push=AZmPxg_LuQxrUHsLA7h5WLOT5GrJAQ5vcVKBfnbd2lxTSt4K3HyiMrDiPUSvKXm4Ki4u24s6RZfdiUuwjsbeG_vj9Mdqu_Lpp_xKbTq15xajL6_93Ui_KJ9mXhWwFdFWKHNW9B-oFO5qFu8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzgwNTI2NzE0OTQ1MjY2MDM5Mw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKIj1WBRHNLR0UDndwb3tW8&google_cver=1
Request Chain 306
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEI9Uk3_qnToqwbKbd1q7vDg&google_cver=1&google_push=AZmPxg_u2TMEkSF-tz5njKm36mnz1TU56NJuzdKdW_VsdOVHwBHb8q5A8Ik2z3Tb6CWUIorGz-bWujD-MTi9Ni1tRhP6Nqs3mgYnmEu4IQQBUf1WvxvNRj94KT1g1DZGpc4pvfjzg5dnt1kw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NjFiZjRkZjctMDBjYS00MzY0LTkyZTgtNjI5NTA2M2VjZTI1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=61bf4df7-00ca-4364-92e8-6295063ece25
Request Chain 307
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEGBPcnMZl4qjkm3EN4PvuJM&google_cver=1&google_push=AZmPxg-WzTYRycTyxmLWyWnYuBMdxZdALOZiaJ7ie40TzYFf5Zk1PS7rPwDCN2Mvpd03AbDsClP9ctzB-vzAO0PCaYLwYXX4qx0aUa2gcSfh7Y-x9LKcqogfQeuAyFQphlNKUcPSh6Mab0UA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZTU2MzMwN2ItNWE1OC00Njc5LWFkNTQtODcwMjExY2JiODg5&google_gid=CAESEGBPcnMZl4qjkm3EN4PvuJM&google_cver=1&google_push=AZmPxg-WzTYRycTyxmLWyWnYuBMdxZdALOZiaJ7ie40TzYFf5Zk1PS7rPwDCN2Mvpd03AbDsClP9ctzB-vzAO0PCaYLwYXX4qx0aUa2gcSfh7Y-x9LKcqogfQeuAyFQphlNKUcPSh6Mab0UA
Request Chain 308
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEH6tZgG4D77y425wwFk7Myo&c_param1=AZmPxg9Vf47yNDWZaFiXJ_MzGvfnDBR0DgCNr_kRi-PwlNZUuYfZgQv2z7xjNwtzAuHkC1WBKmcU_fgc0X6RpTzxY5SgjlWneEQYrx9GrVcXwYdAisPyzaOMxOs5eleHCrasg43J_eO6L4og&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg9Vf47yNDWZaFiXJ_MzGvfnDBR0DgCNr_kRi-PwlNZUuYfZgQv2z7xjNwtzAuHkC1WBKmcU_fgc0X6RpTzxY5SgjlWneEQYrx9GrVcXwYdAisPyzaOMxOs5eleHCrasg43J_eO6L4og
Request Chain 309
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESENXBDRkTjATqJsE-2cFg_4U&google_cver=1&google_push=AZmPxg-JB1BAbTq3LfWdKobmcD7JYePuZi5J5BrwoA5FvDoq2hFpu-scb3zJwpBYmbNP7g5hv6rVMU6bqK3hZnVM-M6wsmRj4jrzZ-DXJVHQ4h-DNpJ5EDFmkWSfKUDPxmzuQ_Z8c6ZD1M8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AZmPxg-JB1BAbTq3LfWdKobmcD7JYePuZi5J5BrwoA5FvDoq2hFpu-scb3zJwpBYmbNP7g5hv6rVMU6bqK3hZnVM-M6wsmRj4jrzZ-DXJVHQ4h-DNpJ5EDFmkWSfKUDPxmzuQ_Z8c6ZD1M8
Request Chain 310
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBKq6ey08bqFNqP4ei0cuqg&google_cver=1&google_push=AZmPxg9x1DqvjE-BbYvXl-mqht_EY3mWx0NPSz8lKrbh_vyXcGiU5ZMWB9QIj6baM7xh3IBlelxttrPN4CSkxMwRrH6hofiqzVBTR8hjxLZ3wmV-sUXOfOHwwyK42JZUOuDiiL7Viz6cIgDlOQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg9x1DqvjE-BbYvXl-mqht_EY3mWx0NPSz8lKrbh_vyXcGiU5ZMWB9QIj6baM7xh3IBlelxttrPN4CSkxMwRrH6hofiqzVBTR8hjxLZ3wmV-sUXOfOHwwyK42JZUOuDiiL7Viz6cIgDlOQ HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 311
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFqgB749pnPGDFJz-u1Yea0&google_cver=1&google_push=AZmPxg91r4-EaMq5uSHiOYM0w1YvK1WhP7UcVaTEkmywSah5HzQCeI3qP8yUQ53JPODyXp9AZ3Vfoc3q6F_a1AEVkdjhQJm9rCCRWTkgWCsOKAlwm0lfdRMmKBrtTror-jX707tqekOyREiNvQ HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFqgB749pnPGDFJz-u1Yea0&google_push=AZmPxg91r4-EaMq5uSHiOYM0w1YvK1WhP7UcVaTEkmywSah5HzQCeI3qP8yUQ53JPODyXp9AZ3Vfoc3q6F_a1AEVkdjhQJm9rCCRWTkgWCsOKAlwm0lfdRMmKBrtTror-jX707tqekOyREiNvQ&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg91r4-EaMq5uSHiOYM0w1YvK1WhP7UcVaTEkmywSah5HzQCeI3qP8yUQ53JPODyXp9AZ3Vfoc3q6F_a1AEVkdjhQJm9rCCRWTkgWCsOKAlwm0lfdRMmKBrtTror-jX707tqekOyREiNvQ&google_hm=QmRuWV9EcTlSVzY1WDhSWkdKZGw= HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Request Chain 343
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 352
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3805267149452660393&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 353
  • https://match.adsrvr.org/track/cmf/openx?oxid=f7d77cba-c77c-7e02-e44d-6bc71ff699d5&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=61bf4df7-00ca-4364-92e8-6295063ece25&ttd_puid=f7d77cba-c77c-7e02-e44d-6bc71ff699d5&gdpr=0&gdpr_consent=
Request Chain 354
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y0IgjMCo5tIAAEfiHJkAAAAA
Request Chain 355
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUo1LtDth_I7ks8ADv76KRlbRM8AAAGDuk8ogw
Request Chain 357
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECy3yDva6rerJkX6xOM1o1U&google_cver=1
Request Chain 365
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 366
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Drkt%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3082796916835720000V10&type=rkt&refUrl=&vid=52780934493082796916835720000V10&ovsid=1976306189714053534
Request Chain 368
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dapx%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3082796916835720000V10&type=apx&refUrl=&vid=52780934493082796916835720000V10&ovsid=1343102717477708702
Request Chain 369
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dopx%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3082796916835720000V10&type=opx&refUrl=&vid=52780934493082796916835720000V10&ovsid=3ffb1525-6c7c-44e2-8702-15a9ad190b09
Request Chain 370
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dmma%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3082796916835720000V10&type=mma&refUrl=&vid=52780934493082796916835720000V10&ovsid=8f156342-208d-4100-a5a0-a842d4f44073
Request Chain 371
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dr1%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=866930923 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/61bf4df7-00ca-4364-92e8-6295063ece25 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-989766dd-eede-4b7b-a35a-da2df6914046-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dr1%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DRX-989766dd-eede-4b7b-a35a-da2df6914046-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3082796916835720000V10&type=r1&refUrl=&vid=52780934493082796916835720000V10&ovsid=RX-989766dd-eede-4b7b-a35a-da2df6914046-004
Request Chain 372
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Ddxu%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Ddxu%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3082796916835720000V10&type=dxu&refUrl=&vid=52780934493082796916835720000V10&ovsid=93ZPgxDu1OHkU65
Request Chain 374
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dmedianet%26bsw_param%3D3609a297-6f72-4c9d-8acd-bfe36c2a7849%26gdpr%3D0%26consent%3D%26gdpr_pd%3D1%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=1779e28f67d24de0806c5ae81c36434a&ssp=medianet&bsw_param=3609a297-6f72-4c9d-8acd-bfe36c2a7849&gdpr=0&consent=&gdpr_pd=1&expires=7 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=3609a297-6f72-4c9d-8acd-bfe36c2a7849&gdpr=0&gdpr_consent=&gdpr_pd=1
Request Chain 375
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dzem%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=BdnY_Dq9RW65X8RZGJdl&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKCMRXFSX2EOE4VEVZWGVMDQUS2I5FGI3BGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU2TENZYGA4TGNBUHEZTAOBSG44TMOJRGY4DGNJXGIYDAMBQKYYTAJTWONUWIPJTGA4DENZZGY4TCNRYGM2TOMRQGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKCMRXFSX2EOE4VEVZWGVMDQUS2I5FGI3BGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU2TENZYGA4TGNBUHEZTAOBSG44TMOJRGY4DGNJXGIYDAMBQKYYTAJTWONUWIPJTGA4DENZZGY4TCNRYGM2TOMRQGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=BdnY_Dq9RW65X8RZGJdl&refUrl=&type=zem&vid=52780934493082796916835720000V10&vsid=3082796916835720000V10
Request Chain 376
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3082796916835720000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3082796916835720000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=57d13263-fe60-4cb4-b99e-d2c833acc733&cs=1
Request Chain 384
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=4d71389c-ff80-44ed-b386-731e2c8d9dd8&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3609a297-6f72-4c9d-8acd-bfe36c2a7849&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10523434588417042321&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=5a8d4a46-e157-4b90-9e52-74558a1cc344&ssp=adaptmx&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10523434588417042321&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=208960804299000392440&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10523434588417042321&ssp=adaptmx&gdpr=0&gdpr_consent=
Request Chain 385
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=4d71389c-ff80-44ed-b386-731e2c8d9dd8 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-xiTl6GNE2uFABCrfUltvD4r.RitH0p3LJ48FRZ0-~A&gdpr=0&gdpr_consent=
Request Chain 386
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L90NKTOH-N-8XOP&gdpr=0
Request Chain 388
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dzeta%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=zeta&uid=ua-b74eab59-11d5-3a19-8a11-e4302286616b
Request Chain 389
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=smartadserver&uid=7358413176204741223
Request Chain 390
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D4d71389c-ff80-44ed-b386-731e2c8d9dd8%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTQyNzZDNTgtQkIzQS00QUFFLTlFNTItRDkxMzUzNTQ1MjRD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
Request Chain 391
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=index_rtb&uid=Y0IgjKcM3bFHDtNdyblpSAAA%264697
Request Chain 392
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=sovrn&uid=FcxKCLZHaGenyQAMR4yF8F1M
Request Chain 393
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=appnexus&uid=1343102717477708702
Request Chain 399
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=61bf4df7-00ca-4364-92e8-6295063ece25&dongle=0cfd
Request Chain 400
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTMwNTkyMDM4NTI1MjkwNjQyNzM3 HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 401
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGnSUzBMggFVh1G-V6zgnVA&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 402
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTMwNTkyMDM4NTI1MjkwNjQyNzM3
Request Chain 403
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=930592038525290642737&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=930592038525290642737&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a469fe10-b7ab-4bd9-b808-f3d5ac877380&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a469fe10-b7ab-4bd9-b808-f3d5ac877380&_noobservation=1&_expected_cookie=3021b2ee3b1de37070d97a8feb69d61a
Request Chain 404
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=930592038525290642737&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3609a297-6f72-4c9d-8acd-bfe36c2a7849&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10523434588417042321&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dtriplelift%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=5a8d4a46-e157-4b90-9e52-74558a1cc344&ssp=triplelift&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10523434588417042321&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=208880804299000392525&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10523434588417042321&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=3609a297-6f72-4c9d-8acd-bfe36c2a7849&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 405
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/930592038525290642737?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Y9bOfPpE2oTRoj1lu8YAOvG7J_H05CP8yWOtTlQIDw--~A&dongle=0883
Request Chain 406
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=930592038525290642737 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=930592038525290642737&dcc=t
Request Chain 408
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=BdnY_Dq9RW65X8RZGJdl&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5IJSG4WK7IRYTSUSXGY2VQOCSLJDUUZDM&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5IJSG4WK7IRYTSUSXGY2VQOCSLJDUUZDM HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=BdnY_Dq9RW65X8RZGJdl
Request Chain 443
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzI5NTE1NzE4YjEzNjFiOWY4NTk5OGQxZjMxZjFjM2ZkMDk4M2JiNw
Request Chain 444
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/mGIbRGr7YjL6Yh01MET5CQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8520224266981524057
Request Chain 445
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDkwTktUT0gtTi04WE9Q
Request Chain 446
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=XuVilFeNQLis3DvRl20hBw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=XuVilFeNQLis3DvRl20hBw
Request Chain 447
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC3dKAsn7YCMLWgYL0T9fRk&google_cver=1
Request Chain 448
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=61bf4df7-00ca-4364-92e8-6295063ece25&gdpr=0&gdpr_consent=&expires=30
Request Chain 449
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L90NKTOH-N-8XOP
Request Chain 450
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=wjBIUCM7RSegqJDs3Lrchw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=wjBIUCM7RSegqJDs3Lrchw
Request Chain 458
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 459
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L90NKTOH-N-8XOP&gdpr=0&us_privacy=1YN-
Request Chain 460
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=1343102717477708702
Request Chain 461
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FcxKCRZH8mHGmWr-T0Gs8Bxb
Request Chain 462
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FcxKCLZH-qoiaaLfQuWhuQr_
Request Chain 463
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=7a1a5a8d-f50c-44ee-b2a2-e02ccc94c3e4
Request Chain 464
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-989766dd-eede-4b7b-a35a-da2df6914046-004&rndcb=254106960 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=3609a297-6f72-4c9d-8acd-bfe36c2a7849&google_hm=MzYwOWEyOTctNmY3Mi00YzlkLThhY2QtYmZlMzZjMmE3ODQ5 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGI7-2VsbuYmFzLuDJ39czo&google_cver=1&ssp=adconductor&bsw_param=3609a297-6f72-4c9d-8acd-bfe36c2a7849 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/3609a297-6f72-4c9d-8acd-bfe36c2a7849?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-989766dd-eede-4b7b-a35a-da2df6914046-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-989766dd-eede-4b7b-a35a-da2df6914046-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-989766dd-eede-4b7b-a35a-da2df6914046-004
Request Chain 465
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1917759394340541177
Request Chain 467
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F84%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Request Chain 468
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-xiTl6GNE2uFABCrfUltvD4r.RitH0p3LJ48FRZ0-~A
Request Chain 469
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1iNzRlYWI1OS0xMWQ1LTNhMTktOGExMS1lNDMwMjI4NjYxNmIqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtYjc0ZWFiNTktMTFkNS0zYTE5LThhMTEtZTQzMDIyODY2MTZiMgEGOAE=%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4277%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFpTnpSbFlXSTFPUzB4TVdRMUxUTmhNVGt0T0dFeE1TMWxORE13TWpJNE5qWXhObUlxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFlqYzBaV0ZpTlRrdE1URmtOUzB6WVRFNUxUaGhNVEV0WlRRek1ESXlPRFkyTVRaaU1nRUdPQUU9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/4277?gdpr=0&gdpr_consent=&us_privacy=&A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=zeta&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFpTnpSbFlXSTFPUzB4TVdRMUxUTmhNVGt0T0dFeE1TMWxORE13TWpJNE5qWXhObUlxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFlqYzBaV0ZpTlRrdE1URmtOUzB6WVRFNUxUaGhNVEV0WlRRek1ESXlPRFkyTVRaaU1nRUdPQUU9JmJ1eWVydWlkPQ%3D%3D&uid=ua-b74eab59-11d5-3a19-8a11-e4302286616b HTTP 302
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F4277%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFpTnpSbFlXSTFPUzB4TVdRMUxUTmhNVGt0T0dFeE1TMWxORE13TWpJNE5qWXhObUlxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFlqYzBaV0ZpTlRrdE1URmtOUzB6WVRFNUxUaGhNVEV0WlRRek1ESXlPRFkyTVRaaU1nRUdPQUU9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID
Request Chain 470
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-xiTl6GNE2uFABCrfUltvD4r.RitH0p3LJ48FRZ0-~A
Request Chain 471
  • https://c1.adform.net/serving/cookie/match?party=14&cid=54276C58-BB3A-4AAE-9E52-D9135354524C HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=54276C58-BB3A-4AAE-9E52-D9135354524C
Request Chain 472
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8f156342-208d-4100-a5a0-a842d4f44073&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DABC430862449EE94380AE57C1C8D5C HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 473
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0IgjAAAa1-P0gA1&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DABC430862449EE94380AE57C1C8D5C HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 474
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xczncprhyev HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
Request Chain 475
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-bt8Sv24cEHivHpA_-llTP7pK0jisX9O-7qRTtaZ HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DABC430862449EE94380AE57C1C8D5C HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 478
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=MwIBSRh2DjeyMPbSjCBCYw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
Request Chain 480
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=1df23e6c7b524d81850fefcb61cc1378 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DABC430862449EE94380AE57C1C8D5C HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 481
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-989766dd-eede-4b7b-a35a-da2df6914046-004&rndcb=5655066866 HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cf3e0ba8-0d85-4fca-a6b8-ef63adc3fda4&ssp=adconductor HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/3609a297-6f72-4c9d-8acd-bfe36c2a7849?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-989766dd-eede-4b7b-a35a-da2df6914046-004
Request Chain 482
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c8c06d9a-476f-11ed-a08b-616fe903e0c0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dpubmatic%26uid%3D54276C58-BB3A-4AAE-9E52-D9135354524C HTTP 302
  • https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=pubmatic&uid=54276C58-BB3A-4AAE-9E52-D9135354524C
Request Chain 483
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:93ZPgxDu1OHkU65&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DABC430862449EE94380AE57C1C8D5C HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 484
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=0ea93cf1-d4a5-4620-8bae-96b3f76c8cc8-tucta3ba60f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 490
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VCdsWLs6Sq6eUtkTU1RSTA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 491
  • https://idsync.rlcdn.com/420486.gif?partner_uid=54276C58-BB3A-4AAE-9E52-D9135354524C HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDU0Mjc2QzU4LUJCM0EtNEFBRS05RTUyLUQ5MTM1MzU0NTI0QxAAGg0IjsGImgYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=4a4e0fb8e48ff456efce85280e4748a53c71907ff7467613828de74a70d16a4b791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA0YTRlMGZiOGU0OGZmNDU2ZWZjZTg1MjgwZTQ3NDhhNTNjNzE5MDdmZjc0Njc2MTM4MjhkZTc0YTcwZDE2YTRiNzkxNDI2YjU0MTdkY2UyMRAAGgwIj8GImgYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA0YTRlMGZiOGU0OGZmNDU2ZWZjZTg1MjgwZTQ3NDhhNTNjNzE5MDdmZjc0Njc2MTM4MjhkZTc0YTcwZDE2YTRiNzkxNDI2YjU0MTdkY2UyMRAAGgwIj8GImgYSBAgCEABCAEoA&google_gid=CAESEKH1bH-TM4rVDqrSbpj66Bo&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=0a4da27a-4af5-44da-9662-8fe4e1cfd541
Request Chain 492
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8f156342-208d-4100-a5a0-a842d4f44073
Request Chain 493
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTQyNzZDNTgtQkIzQS00QUFFLTlFNTItRDkxMzUzNTQ1MjRD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DABC430862449EE94380AE57C1C8D5C HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 494
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DABC430862449EE94380AE57C1C8D5C HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 495
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DABC430862449EE94380AE57C1C8D5C HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DABC430862449EE94380AE57C1C8D5C HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 497
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25
Request Chain 498
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1343102717477708702&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DABC430862449EE94380AE57C1C8D5C HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3805267149452660393&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 499
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1928316975489506355
Request Chain 500
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=54276C58-BB3A-4AAE-9E52-D9135354524C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zax8gLhE2uVCzBAw_vob6C5S143s9zU-~A&gdpr=0&gdpr_consent=
Request Chain 501
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1343102717477708702 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dpubmatic%26uid%3D54276C58-BB3A-4AAE-9E52-D9135354524C HTTP 302
  • https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=pubmatic&uid=54276C58-BB3A-4AAE-9E52-D9135354524C
Request Chain 502
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3609a297-6f72-4c9d-8acd-bfe36c2a7849&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=bcd302ae-effe-42f0-a8a8-b5e0b1c269e9&expires=1&user_group=5&ssp=pubmatic&bsw_param=3609a297-6f72-4c9d-8acd-bfe36c2a7849 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3609a297-6f72-4c9d-8acd-bfe36c2a7849&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 503
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3805267149452660393&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DABC430862449EE94380AE57C1C8D5C HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 504
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=54276C58-BB3A-4AAE-9E52-D9135354524C&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1d8f49a994b62281&is_secure=true&networkId=17100&version=1&nuid=54276C58-BB3A-4AAE-9E52-D9135354524C&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJrsCTImINogNHVpghAAAAAAA&expiration=1665364495&nuid=54276C58-BB3A-4AAE-9E52-D9135354524C&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dpubmatic%26uid%3D54276C58-BB3A-4AAE-9E52-D9135354524C HTTP 302
  • https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=pubmatic&uid=54276C58-BB3A-4AAE-9E52-D9135354524C
Request Chain 509
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=083b220407cbcd8237011994&gdpr=0&gdpr_consent=
Request Chain 510
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=tDBZdz1IvgYZ&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 511
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y0IgjAAAa1-P0gA1&gdpr=0&gdpr_consent=
Request Chain 514
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=61bf4df7-00ca-4364-92e8-6295063ece25&expiration=1667870095&gdpr=0&gdpr_consent=
Request Chain 516
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0IgjKcM3bFHDtNdyblpSAAAElkAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEI0bwkZmT4_luGLOaxV6qGQ&google_cver=1
Request Chain 518
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0IgjAAAa1-P0gA1
Request Chain 519
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=205e3121-1f76-1d0a-5af422cf
Request Chain 520
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3805267149452660393
Request Chain 521
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1343102717477708702
Request Chain 523
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0IgjKcM3bFHDtNdyblpSAAAElkAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEI0bwkZmT4_luGLOaxV6qGQ&google_cver=1
Request Chain 525
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=61bf4df7-00ca-4364-92e8-6295063ece25&expiration=1667870095&gdpr=0&gdpr_consent=
Request Chain 526
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1343102717477708702
Request Chain 527
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=93ZPgxDu1OHkU65
Request Chain 528
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y0IgjKcM3bFHDtNdyblpSAAA%264697?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y0IgjKcM3bFHDtNdyblpSAAA%264697
Request Chain 529
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AARIWk7GhEEAAB8RM2XXHg&expiration=1666487696
Request Chain 532
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L90NKTOH-N-8XOP HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L90NKTOH-N-8XOP
Request Chain 533
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=1343102717477708702
Request Chain 534
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_8600cde6-81c0-412d-b228-301689ab1948&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=3609a297-6f72-4c9d-8acd-bfe36c2a7849 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=3609a297-6f72-4c9d-8acd-bfe36c2a7849 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=372e2dbd-78e0-42ea-acaf-8d86b1f6df6f&user_group=1&ssp=gumgum2&bsw_param=3609a297-6f72-4c9d-8acd-bfe36c2a7849 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=3609a297-6f72-4c9d-8acd-bfe36c2a7849
Request Chain 535
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28Rx4loN-v4jSmA9osOtOf6H0jdlcNAC4HGAk8G7FK4Mf7QazAb9qvGh5H5kbMlQ-q%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28Rx4loN-v4jSmA9osOtOf6H0jdlcNAC4HGAk8G7FK4Mf7QazAb9qvGh5H5kbMlQ-q%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_8600cde6-81c0-412d-b228-301689ab1948&obuid=ENC(Rx4loN-v4jSmA9osOtOf6H0jdlcNAC4HGAk8G7FK4Mf7QazAb9qvGh5H5kbMlQ-q) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3DRx4loN-v4jSmA9osOtOf6H0jdlcNAC4HGAk8G7FK4Mf7QazAb9qvGh5H5kbMlQ-q%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26platformId%3DGUMGU18H7EL9NI653I7DPEH51%0A
Request Chain 536
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=00ead8ca-ef69-4654-8336-7b2ad7a69893
Request Chain 537
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-885ff046-8a38-45ee-783f-ba778214cb78$ip$173.245.209.165
Request Chain 538
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-b0pccehE2pclmwU5RZim_DWrcSrQg.KXib6m~A
Request Chain 539
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=58000345-0cbd-4e2d-acdf-520650a2d443
Request Chain 542
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_8600cde6-81c0-412d-b228-301689ab1948&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=BdnY_Dq9RW65X8RZGJdl&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2QTENZMV6RDRHFJFONRVLA4FEWSHJJSGYJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2QTENZMV6RDRHFJFONRVLA4FEWSHJJSGYJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=BdnY_Dq9RW65X8RZGJdl&us_privacy=1---
Request Chain 543
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=04682d8a-a75b-4555-96b0-25c082965be4
Request Chain 544
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-989766dd-eede-4b7b-a35a-da2df6914046-004&rndcb=7394478993 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adconductor HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=adconductor HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6285434939126273341&ssp=adconductor HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/3609a297-6f72-4c9d-8acd-bfe36c2a7849?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-989766dd-eede-4b7b-a35a-da2df6914046-004
Request Chain 545
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=I23buj3sz7OE&ev=1&pid=558355
Request Chain 546
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=7358413176204741223
Request Chain 548
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=8f156342-208d-4100-a5a0-a842d4f44073&gdpr=0&gdpr_consent=
Request Chain 549
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y0IgjAAAa1-P0gA1&gdpr=0&gdpr_consent=
Request Chain 552
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=61bf4df7-00ca-4364-92e8-6295063ece25
Request Chain 554
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y0IgjMCo5tIAAEfiHJkAAAAA
Request Chain 555
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y0IgjKcM3bFHDtNdyblpSAAA%264697
Request Chain 556
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=bL9lfsPu4pFPUGHCX1t5&pi=gumgum&tc=1
Request Chain 557
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 559
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L90NKTOH-N-8XOP HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=L90NKTOH-N-8XOP
Request Chain 562
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L90NKTOH-N-8XOP HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=L90NKTOH-N-8XOP
Request Chain 567
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8f156342-208d-4100-a5a0-a842d4f44073&gdpr=0&gdpr_consent=
Request Chain 568
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0IgjAAAa1-P0gA1&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
Request Chain 569
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xczncprhyev
Request Chain 570
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-bt8Sv24cEHivHpA_-llTP7pK0jisX9O-7qRTtaZ
Request Chain 571
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1343102717477708702&gdpr=0&gdpr_consent=
Request Chain 572
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6285434939126273341
Request Chain 575
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=54276C58-BB3A-4AAE-9E52-D9135354524C&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=54276C58-BB3A-4AAE-9E52-D9135354524C&gdpr=0&gdpr_consent=&ct=y
Request Chain 576
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=54276C58-BB3A-4AAE-9E52-D9135354524C HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=5a8d4a46-e157-4b90-9e52-74558a1cc344%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=61bf4df7-00ca-4364-92e8-6295063ece25&ttd_puid=5a8d4a46-e157-4b90-9e52-74558a1cc344%2C
Request Chain 577
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=54276C58-BB3A-4AAE-9E52-D9135354524C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zax8gLhE2uVCzBAw_vob6C5S143s9zU-~A&gdpr=0&gdpr_consent=
Request Chain 578
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1343102717477708702
Request Chain 579
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cf3e0ba8-0d85-4fca-a6b8-ef63adc3fda4&ssp=pubmatic

586 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
www.bg3.co/a/ 		50 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0c6092323e1e22bed8edeba5bb648764a563b0ca81855589a0f19713e0c3bda1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 09 Oct 2022 01:14:44 GMT
ETag
"c7f9-i2Wbw9Uc3lLUnX5Dbg0HVGOp7qo"
Expires
Sun, 09 Oct 2022 02:14:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
5b43780c96623b3a913b0cbfe1284b1c393563fca74ce8676a412b77906d2d2b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 09 Oct 2022 01:14:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72501
x-xss-protection
0
server
sffe
etag
"b0a9bc3cc165f0cd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 09 Oct 2022 01:14:45 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
1ece948d98c5e739c54ec068ea618b60e9649127a30091b85ad155b63ce934e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 09 Oct 2022 01:14:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9664
x-xss-protection
0
server
sffe
etag
"b2cba6000b3c8a65"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 09 Oct 2022 01:14:45 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
7f0d0bceea71a5f83c45cf3c926b7e9e5b51f9a8c3ac83b3d158c33eaf3a9a51
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 09 Oct 2022 01:14:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7571
x-xss-protection
0
server
sffe
etag
"87d590c66fd5781f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 09 Oct 2022 01:14:45 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
01a989def5188d77aee84e4ce053666e0c5d2207bb7570c9d4991632afac09c9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 09 Oct 2022 01:14:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31967
x-xss-protection
0
server
sffe
etag
"dfda97fe2a1b5ffc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 09 Oct 2022 01:14:45 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6192
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43705
last-modified
Thu, 22 Sep 2022 10:10:22 GMT
server
cloudflare
etag
"632c348e-aab9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=duAiRRK3WcT1mi32axYleqVSxOPx1ICPwX3tBgOgBRKDokgvHiweH55w4715Yjmg9Q5p0aPxTmBfw7Ngq58H7Yj3Hxea65OFRSG1Jw34SsGt2Nt%2F7rdyBvNrliT90PSMCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
757342e50e17aacf-SYD

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
connection
close
content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
28dc46ca7136b4d6089128b4a537e94624c990ee5162d869cbd53b4b81faaea5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 09 Oct 2022 01:14:45 GMT
content-encoding
br
last-modified
Sat, 08 Oct 2022 06:00:30 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=100
x-cf-geodata
AU
content-length
9571
expires
Sun, 09 Oct 2022 02:14:45 GMT
adpushup.js
cdn.adpushup.com/42753/ 		479 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
293fc15c33edf25fff2ef66e3b4d300e21de6a3ed7e6ed2441827fb34a3cf4d4

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 09 Oct 2022 01:14:45 GMT
content-encoding
br
last-modified
Wed, 05 Oct 2022 09:36:33 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=2
x-cf-geodata
AU
content-length
105274
expires
Sun, 09 Oct 2022 02:14:45 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1665278086.dop062.la3.t,1665278086.cds210.la3.hn,1665278086.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
be765c087d963cade7c045b193f0f35a.jpg
static.bg3.co/imgs/202105/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/be765c087d963cade7c045b193f0f35a.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
955c46641de76d88ba7b3813aae1e5be4bcee524431bcef35afccc0881465959

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:47 GMT
cf-cache-status
MISS
last-modified
Thu, 20 May 2021 06:15:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"BE765C087D963CADE7C045B193F0F35A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7KBbl%2Fzll41iQL2M7%2FHVntEn4AzR7VALOdiMEbR8VOiexF%2F8lB8FRx0zVfXNPKxNmQcdZsjUDQGSmMRxhTfLtgT3vQlXQbu9%2BQI1EbLAhN9cJM9Ixa4iOIrNaMoH16U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e739105557-SYD
content-length
48570
expires
Sun, 16 Oct 2022 01:14:46 GMT
d7e386ac28a0201f1092c5d84fb33995.jpg
static.bg3.co/imgs/202105/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/d7e386ac28a0201f1092c5d84fb33995.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9132c555df9d85c2732a2ca05200138b1e699ce529f654fbf599cb0cd9cd9ab6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
cf-cache-status
MISS
last-modified
Thu, 20 May 2021 06:15:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"D7E386AC28A0201F1092C5D84FB33995"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7r5PLroATHBZEFYK12Gp8QCazVYWwvywh%2Fr7x%2F27SYegBVKHc5MhGDcIdTiu5asQyz9IBsOVIQGPYrvDPQJ2NoCRQvnQTcXP129AANnx2JV4upEr6RqcaZBVv7ufD8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e739115557-SYD
content-length
10808
expires
Sun, 16 Oct 2022 01:14:46 GMT
afccb6e9302e929f321734def9dd713a.jpg
static.bg3.co/imgs/202105/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/afccb6e9302e929f321734def9dd713a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0df67f608a9eade0786e14d9561b6977247cd9337fba3a13f030e8dbbef33f99

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
cf-cache-status
MISS
last-modified
Thu, 20 May 2021 05:58:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"AFCCB6E9302E929F321734DEF9DD713A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OvPwvQZsolBgcdlcBA8nxOUBwyBfESTInnKlw34gouHcc2fo7RTTLGN15mnrSfWGJ%2F9VPDBJVx73wcT%2BonsNfPkty6l6XM5BXjs4eKMevJMpe5Ooq9mZFNPLMbf6hUw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e7390f5557-SYD
content-length
12972
expires
Sun, 16 Oct 2022 01:14:46 GMT
d0e62951517f520767571a0500d0714a.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/d0e62951517f520767571a0500d0714a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e45925128fdbb4a2dfa8c98bcd41c4b74bb54857116418c0812acb736eb79c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
cf-cache-status
MISS
last-modified
Fri, 21 May 2021 18:10:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"D0E62951517F520767571A0500D0714A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RR11kK0kYmkgCJUY68tz%2BbKcJSs6AmUKfrap4lLuODfeuo5FAuofVh19zDLkyUOE9iZwaLOCbeiPJhNWwlVEDCfDRWT57bfrCUri5hrlYAAw%2BVvI936DElfLFYsFHK8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e698ad5557-SYD
content-length
5892
expires
Sun, 16 Oct 2022 01:14:46 GMT
9eb27da643b4b3ee3b31953b3e16c137.jpg
static.bg3.co/imgs/202105/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/9eb27da643b4b3ee3b31953b3e16c137.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c06d340742b40998baf873920a9320858d40f90427d2d13fd6e742e3c6cf9ac

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
cf-cache-status
MISS
last-modified
Sun, 23 May 2021 04:31:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9EB27DA643B4B3EE3B31953B3E16C137"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhXijG7mRto0bL%2BQcU4ocnSG6ysyy3elVxZeZ%2FKyciwJFrt0iE1Qqs2e3KEhdViDzDuy7Y5xn2lq9tE3Vhgy%2BRB%2F3FwHt5wk%2BqiWMTJaVfSv8rST7C9A0GQiuXQEwq0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e698ac5557-SYD
content-length
10806
expires
Sun, 16 Oct 2022 01:14:46 GMT
292bac82fd359d2b05c3e47edc127199.jpg
static.bg3.co/imgs/202105/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/292bac82fd359d2b05c3e47edc127199.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92bf9bbfbd535de2ff829f7a68d09ffaebb4a55b798be5dbacad43f97f10bd82

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 04:01:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"292BAC82FD359D2B05C3E47EDC127199"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVVyPBW04Qt5IdzJaOjZmtfRZsxk5PoXjS%2F0VuBjZ6RmqOV4GOlOTTg4TdM3S3cF0Ewzxc0VuUmChtOSEoPmEKLMecT1Hlxn35lkINIyXBd70Ot1r6AHvIyLvBST6EA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e698af5557-SYD
content-length
11807
expires
Sun, 16 Oct 2022 01:14:46 GMT
fa095f02c47ecc7707813a95f305b7cf.jpg
static.bg3.co/imgs/202105/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/fa095f02c47ecc7707813a95f305b7cf.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7da10485b76ec5c1b19e22e31c3143e01d7c99ee9c932fa21ef8e050ee64f25

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
cf-cache-status
MISS
last-modified
Sun, 23 May 2021 02:31:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"FA095F02C47ECC7707813A95F305B7CF"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0eDqwgntwzi0NajsXoD83kmBtMvDQYJCKSxXH7RXd6gmDT38Fy4CWIljv93iHtoI8%2B1m2%2B%2BfP5sJ%2ByDCaXr1Wu5Z53ZQ7qAzMUqGpmk48D0gwnktGZB5QBlWaEF%2FVWE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e698a95557-SYD
content-length
7452
expires
Sun, 16 Oct 2022 01:14:46 GMT
a92c3126163d3b8c08464ae0ffe8e766.jpg
static.bg3.co/imgs/202105/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/a92c3126163d3b8c08464ae0ffe8e766.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ddf1e6f545202ed578b181eb2a303228c68c48a0a7821b8654104e156eea684

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 03:59:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"A92C3126163D3B8C08464AE0FFE8E766"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PK0hjELwUEOQEakaPQZjqwBMb%2FXLGPmaalKjnWjd8YVtEWsUOALsWQmW5wR5VYlC38wOmv0rw9iP22TckBQ7kq3p%2Brn%2Bn5ni96rr%2FEMbZr8Se6CPHb1HAE5WUKLwuj8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e698a85557-SYD
content-length
4581
expires
Sun, 16 Oct 2022 01:14:46 GMT
1c66c2295c131b38dff9f8b75003a20d.jpg
static.bg3.co/imgs/202105/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/1c66c2295c131b38dff9f8b75003a20d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d929d609949cc7337b7c2f399fb6d7fc6da48708be063dd3235a1852ed3faf7d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
cf-cache-status
MISS
last-modified
Thu, 20 May 2021 11:06:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1C66C2295C131B38DFF9F8B75003A20D"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYNMxGYgE9sGMgjLnW89lWtW0jGvG0BXRNUn4o34BOqJgC1gfwN90FjbFlW%2BeDg6LYZxANT3pMIz2qaZLiNu9IYhRkocARjsGl9LvHWqOXv8HaZISwOzOG%2BRvKfzhFI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e698a45557-SYD
content-length
10857
expires
Sun, 16 Oct 2022 01:14:46 GMT
0b6d70bcb51418f6868daa417c3690a5.jpg
static.bg3.co/imgs/202105/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/0b6d70bcb51418f6868daa417c3690a5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
838babf0a4b44e9f1946e19b5fa0581ea145217014fe1f64ca008f22fcc0ac98

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 18:12:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0B6D70BCB51418F6868DAA417C3690A5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fp1CnP8lkZ%2BeZXMaVaTlPEjnw4mYFVtdHH8axhF%2BNNEMfYgIF7xGsf%2BSEaAuvTv%2Bs5m0qrQuscyDewZyAOa3bECZYXOPQ61tKof%2BHAziDbcgs57zux%2B62LU50k6vw1w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e698a65557-SYD
content-length
7447
expires
Sun, 16 Oct 2022 01:14:46 GMT
996f87c91da61f72947b99b3c06cbde9.jpg
static.bg3.co/imgs/202105/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/996f87c91da61f72947b99b3c06cbde9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
505145cf8b28313bc7315667376b3cd57869d1470b83e6c9f78d851a11f7f7f1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 09:06:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"996F87C91DA61F72947B99B3C06CBDE9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLBdrnV8bR3O1yCwe0Z8W%2B6WcMVzTbTp9%2BDZV%2BrD3XGQ4%2F%2BGydVnCHY8hxxFTGWbshNTEkf8zzkVmpXVgXaPygdT3cMqvZP41%2FpaAin7%2B8H%2BJ9afom4WMzpwK68Ttb4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e698aa5557-SYD
content-length
8283
expires
Sun, 16 Oct 2022 01:14:46 GMT
f3037cdd5dce20ce212b1e6184005560.jpg
static.bg3.co/imgs/202105/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/f3037cdd5dce20ce212b1e6184005560.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee01b6e0700179857d69a2441dfda9544f8b066a461e0b6930bc897593166e0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:47 GMT
cf-cache-status
MISS
last-modified
Thu, 20 May 2021 12:02:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"F3037CDD5DCE20CE212B1E6184005560"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZqAFarJanBV27xQa0naoK2rxjkJnmbERUg83NcjIGeVwXpOZriAnevSTbUG6SMzaNwcL%2BWo4HQxHgqGVQaz2zOjBeFN8LilNpL1Uc1MS5cobGqACsOAvyhZKWuN52Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e88a035557-SYD
content-length
51107
expires
Sun, 16 Oct 2022 01:14:46 GMT
7cc067bb12c1b08b823bd0365430937d.jpg
static.bg3.co/imgs/202105/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/7cc067bb12c1b08b823bd0365430937d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dd8dbc5304e5c37207063ee8bab8aa5233c1aea7a4e4840e08a2067b236c976

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
cf-cache-status
MISS
last-modified
Fri, 21 May 2021 13:15:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7CC067BB12C1B08B823BD0365430937D"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8za4IU%2BgGAMFAaP%2BTAQvv%2FeOjUENzYqrTP7TChGw9Ye8e5aIVgPa8M15FbGCaetwa5utOu6%2FTGc45emnymhG%2BoKQOtafgJ66ooUqippF3XhamuRxJ8jpqeFD89Zw%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e88a065557-SYD
content-length
8189
expires
Sun, 16 Oct 2022 01:14:46 GMT
eda14450da29ca386488ddfc1bef6498.jpg
static.bg3.co/imgs/202105/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/eda14450da29ca386488ddfc1bef6498.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49ebef14123ec8a553c9ef5e9632273d5543c08990f3ef6e2ce7fc7e227bf862

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 01:12:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"EDA14450DA29CA386488DDFC1BEF6498"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qk1hTk5ByhJ%2BrTame7Q5w2zcfo1X9AVYj08SJCe2arbaGSGQPaArt06GBbzSHudMKogNU5gvQIevbHPAv8LXQns%2FGBa53NAbS1wofxkbQMKsUMDr%2F4UR7XNnZAtZMsA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e88a075557-SYD
content-length
7049
expires
Sun, 16 Oct 2022 01:14:46 GMT
5d4f56ac88233a9bb94620477f5cadcf.jpg
static.bg3.co/imgs/202105/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/5d4f56ac88233a9bb94620477f5cadcf.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdbf190ea3722c9ed9b3734cba80a76339d01df5785a6dc70982f6be9baf3d94

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 21:04:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5D4F56AC88233A9BB94620477F5CADCF"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DzpvElDOunZd%2FqxlkSmpM5ZwPh2Rn4Sgi5diFWUTMtc862NlNIPNZYIDPCtm0gSwWxcydX6%2FrPjrLxBAtfGivwnIRJ2v4yKmDU9raP2HSKq6XaO7FeBCWd1XlhjdEwk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e88a085557-SYD
content-length
12267
expires
Sun, 16 Oct 2022 01:14:46 GMT
74fa3fd05780275690916df144235ed4.jpg
static.bg3.co/imgs/202105/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/74fa3fd05780275690916df144235ed4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fc50a2bd35ab58ead6139d412d2cb58b3cfb6127d9c7fddb2069c91d7efed03

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:47 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 07:08:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"74FA3FD05780275690916DF144235ED4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YwHrWWvBqahlQl51V%2FZOFequ7b0K%2BHe26YNMznV4JuIesJbPYr2LERYIo8BJzBc%2FQ7Qns7N0gc1EF3Pt0F2Q6YAe%2BRqdY9LrjP7%2FfjmpSgMv0bT9pDRFE8HH8LwTOc8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e88a095557-SYD
content-length
8476
expires
Sun, 16 Oct 2022 01:14:46 GMT
8970e821d8ae5fd05a8cbf37963e2f1c.jpg
static.bg3.co/imgs/202105/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/8970e821d8ae5fd05a8cbf37963e2f1c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
437ebf5e26c542101e52ce8d23c76c72117649a7aa42bcd10fa789212a0a65c2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:47 GMT
cf-cache-status
MISS
last-modified
Sun, 23 May 2021 04:56:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"8970E821D8AE5FD05A8CBF37963E2F1C"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ybHimCR2EHgdv0Dh5OaBZSNIJj%2FjOsM48%2Bd2AcujHNDjYAnxK%2FEeQ7domyndj5C0s4JONs2j12cHHYLVTRtv9XdR%2B4AJolYV%2FAkzf1JMvJOlPOx75jLJ8J8ZBvDK2W0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e88a0a5557-SYD
content-length
11971
expires
Sun, 16 Oct 2022 01:14:47 GMT
eb012b74035ccdbfa3dbc98b88bfd6f3.jpg
static.bg3.co/imgs/202105/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/eb012b74035ccdbfa3dbc98b88bfd6f3.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f089228d986dd77424295860a5f2f543140b01aae8f7a622e06ed0c89bbbf1e4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
cf-cache-status
MISS
last-modified
Sun, 23 May 2021 09:19:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"EB012B74035CCDBFA3DBC98B88BFD6F3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dl%2BTWx19zv%2F8F5urnSLwswGRGVJDxLiEsnVs%2FUAGiRBoVTL1%2F6npaQLnuEj8VBZpb14zIxFs79vjvUsZ%2FAl0w9E1DcRyvUi7Qdf63AG40dNFjd%2FDrqk40EaPKjjjtBA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e88a0c5557-SYD
content-length
10929
expires
Sun, 16 Oct 2022 01:14:46 GMT
1e39cc4a5c21deb4ad1379b6dfb17c23.jpg
static.bg3.co/imgs/202105/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/1e39cc4a5c21deb4ad1379b6dfb17c23.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
145fe8879549e22f9a5a8b4a8852f7760d13ad9813b6a910b0c355aee96f7763

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
cf-cache-status
MISS
last-modified
Fri, 21 May 2021 12:21:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1E39CC4A5C21DEB4AD1379B6DFB17C23"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0gEUnRn%2Bfw%2FVZFJgM39YPUzsMgOyy9KsFgi6L8D4YkcZ0PD9YBLIqqTVCJk6UCatgghPWtBRPSyDxPsqoFEjd7NQwOazLldFmMYIJLVn7p5JDxlzFJbsVoY7wPVK1w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e88a0d5557-SYD
content-length
11100
expires
Sun, 16 Oct 2022 01:14:46 GMT
3315bb5c7b020576ff72ed4a7e27b560.jpg
static.bg3.co/imgs/202105/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/3315bb5c7b020576ff72ed4a7e27b560.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ebf83a63480f8da246e436ec95a78fab8a988df015e529da55ae6296ee66023

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
cf-cache-status
MISS
last-modified
Fri, 21 May 2021 13:07:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3315BB5C7B020576FF72ED4A7E27B560"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BgMASb4kD4JypzeL0iShVATAOINN5gStAGV%2Bvg6Idt4mQf95oYm3PytJMfaaRZ3f6VHVXfyw4weleCZne6MNW8MPcxFNGYS4uSqVI%2Fjj7B1nIYaB9o%2BUddvjbT6pp%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e88a0e5557-SYD
content-length
6966
expires
Sun, 16 Oct 2022 01:14:46 GMT
682841beef3a9d61a7f3cd8778026185.jpg
static.bg3.co/imgs/202105/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/682841beef3a9d61a7f3cd8778026185.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2248d0bd8658f3cb9ed22a07b9310976f0dc2bccf7d364dca316724375cc833d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:47 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 23:08:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"682841BEEF3A9D61A7F3CD8778026185"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FTbT6pq5WmPcS%2B4lGdPofuVUaDFPI5WRi063U4U1ttbuahtWEUjAVFhhkVt02iK26SqufoOgQQx6zsX%2Bay4C75Bpr55SSOSXaPPVs473FmqNkENBCq0a5DyicIS3Dc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e88a0f5557-SYD
content-length
13007
expires
Sun, 16 Oct 2022 01:14:47 GMT
076effb060fe2a59e86edbef96b0dddb.jpg
static.bg3.co/imgs/202105/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/076effb060fe2a59e86edbef96b0dddb.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28c100d6f914f7b27023459ae32e30d7f5b34d09f8e7fb62970020e327800505

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:47 GMT
cf-cache-status
MISS
last-modified
Thu, 20 May 2021 06:09:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"076EFFB060FE2A59E86EDBEF96B0DDDB"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIyfbe457%2F4rIU0uDRYFZpK9PyZWrauWoI1msKcDZ12Vvvw4m%2Be6suG%2Fixb9O%2BYOaerHTvQ6S7PEyglvfmzJ1xTpTRoyUrv57u%2F906JIqhsb1EfIGemt4oOVY7wY0VE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e88a115557-SYD
content-length
78598
expires
Sun, 16 Oct 2022 01:14:46 GMT
989989c66e3e94c2191d6ef99b2dc194.jpg
static.bg3.co/imgs/202105/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/989989c66e3e94c2191d6ef99b2dc194.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96aebc08154040755027b768dc54e3ae51ccbd11c1b49e0e88a0872946a995c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:47 GMT
cf-cache-status
MISS
last-modified
Thu, 20 May 2021 06:15:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"989989C66E3E94C2191D6EF99B2DC194"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hs8z5qW5hM70PLSB5iQkk04%2BGCIHWOYo%2Faghk4seeztrvXtxv8ZqOt5%2BMSq2IduEonr4IPGlhhym9DUqXzgHPwGyG7rBmeKLsbe9Vv1v0WzFR%2FPc7VnntQCku63lND4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e88a125557-SYD
content-length
86579
expires
Sun, 16 Oct 2022 01:14:46 GMT
1fd887bcc3d29f8a343c2cd8054e76b7.jpg
static.bg3.co/imgs/202105/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/1fd887bcc3d29f8a343c2cd8054e76b7.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
684cdd2e58d1670b53903b5502564f5fa9705e6659b6310c0ae0d784e5e281c6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:47 GMT
cf-cache-status
MISS
last-modified
Thu, 20 May 2021 06:09:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1FD887BCC3D29F8A343C2CD8054E76B7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7YNkjyH%2BY3SxCNegJS9Xisy6M4AVFHxtFUwAx2kpN9RM2A5k5nUY3DgF8s%2Fo0y12KQY3C6ncdzaNER4T8JUJONISO%2FWM%2FPsKXKnNASlgSHuLew1wBJUnqGEx57Tbkpc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e88a135557-SYD
content-length
11673
expires
Sun, 16 Oct 2022 01:14:46 GMT
71f825280b6b2ee55ce3d48478599176.jpg
static.bg3.co/imgs/202105/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/71f825280b6b2ee55ce3d48478599176.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2f55ea5ae8c76460290233e1626d060bf7d551dd6ad817fe5212313d4e09df5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 02:37:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"71F825280B6B2EE55CE3D48478599176"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wxW5U%2BCE4vh8fR7hGaqn6fAXSRIVkejPqiXJ6RBOWJr%2B7D1WP2syuYZg8mSRjaxEgok0I7gNL%2FTioouW0cqMza2Vmjxhoh%2F5aW2o6M%2B8fop5A6jSn1a6ULWRuE0Ng8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e88a145557-SYD
content-length
7507
expires
Sun, 16 Oct 2022 01:14:46 GMT
949d5bb75671a4db0b43fe0ccae3b916.jpg
static.bg3.co/imgs/202105/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/949d5bb75671a4db0b43fe0ccae3b916.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50157c7d9815beccdd35fa6b4ef876348722744e445ac0a6a34dfbc322c5fd04

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:47 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 20:29:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"949D5BB75671A4DB0B43FE0CCAE3B916"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0LLleFc6EJQmOj9xgmb2nl2dnjTvF1YjbSj5yBdCIBOCxOAQMkEz%2FY3f%2F8RCj8jQCCo5CjoXB1I47vzCFiNo64CY5eBunbievicM%2B%2BzJjC2h%2FlK3E19KA1LCI0PNcKs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e88a155557-SYD
content-length
7559
expires
Sun, 16 Oct 2022 01:14:47 GMT
9bb22908f2a6d5cc7b35594e4bd8e576.jpg
static.bg3.co/imgs/202106/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/9bb22908f2a6d5cc7b35594e4bd8e576.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88f4b3e7430abf148b5ee9cc6e3cca0512b370981a91bb9c214f89f1e74c0efc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:47 GMT
cf-cache-status
MISS
last-modified
Mon, 07 Jun 2021 02:51:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9BB22908F2A6D5CC7B35594E4BD8E576"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNew1%2BDRc9y3u3W9xT%2Fg0qWnNKgdH4cTN8MXUOgposq6c%2FXOh%2FPdqnW60OotNmyuV394wfeEhOrPgx5QrHk23py0Vy2lu0YkpCGkCrG4dkEGOzudUnTS4cUQZrWCIWg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e88a165557-SYD
content-length
7014
expires
Sun, 16 Oct 2022 01:14:46 GMT
8c65d9c2b23eeb309d46d51b1667f03e.jpg
static.bg3.co/imgs/202105/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/8c65d9c2b23eeb309d46d51b1667f03e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7391d48e4a84e5a731d6908ac947fc36db9cf24a134606129d628b1c36cc1b21

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:47 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 20:31:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"8C65D9C2B23EEB309D46D51B1667F03E"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qA%2B1u77zBTqDREy9Q5nk7bJMVbvDGgz5gNuY7cpzNZPBHPYqGhuxy4FFOqwY3AJuRU4Xy%2Bh5%2B1afl%2FQymc%2FJERYgg%2FluvHzbLXqNeis%2BX4vx%2FH9cpluyFngj4dgjGM0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e88a175557-SYD
content-length
7036
expires
Sun, 16 Oct 2022 01:14:47 GMT
7e6b1aee03da2fa4b85e04aa3ce2361d.jpg
static.bg3.co/imgs/202105/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/7e6b1aee03da2fa4b85e04aa3ce2361d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194859beed2744c8bb0d8db1678827142c602584061fec1ae6463f9fd4e36139

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:47 GMT
cf-cache-status
MISS
last-modified
Thu, 20 May 2021 14:09:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7E6B1AEE03DA2FA4B85E04AA3CE2361D"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzLsCYlyuFHGa8kMQXNiI1nFShXY9eYk%2F3kENw1nZyglYNr2Wd6GUl0hPx36ANL4gktP2nN4SluaSWMvyDPy8UoFNPHEsYenk4SVLZKvXiPul4XzGQ5aQp1zly2yGYs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e88a185557-SYD
content-length
6755
expires
Sun, 16 Oct 2022 01:14:46 GMT
38da641c912088814dfdbdfd1da65099.jpg
static.bg3.co/imgs/202105/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/38da641c912088814dfdbdfd1da65099.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4057a8847fdb015e51f3c65728663ca0bf4ba97ecf6f5a9ba3912dbc19bf7de5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
cf-cache-status
MISS
last-modified
Sun, 23 May 2021 01:48:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"38DA641C912088814DFDBDFD1DA65099"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CIo5e2%2Bf4QKWCDyinzPJ3NOZuCs8H3DSD4wSbCh7lXGngytbpIqTjkzGUsiLwlhZA8jSxGJuzlyE0z440hQWx7STPICfFI5EH1ND1gd8OxQQEnrzxGTMTwp09LV14jE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e88a195557-SYD
content-length
9699
expires
Sun, 16 Oct 2022 01:14:46 GMT
54453cf76e575a4ffa441548bce62ba2.jpg
static.bg3.co/imgs/202105/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/54453cf76e575a4ffa441548bce62ba2.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc0c494d91a99c0c303b335557af0a95cc58790ba4a4ab62339762c3d8357804

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 00:41:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"54453CF76E575A4FFA441548BCE62BA2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUPsWA17cyN3RviboV0bDcXf7YbcpwSFqzyqT3tAGconq31qc7DXdGDRH4GJDdTN%2Bx%2FvCCFhDgGR6tRaH6%2Fsxnynjd4XTCPc7DX23QZ9ZBPEgAOcs3PkjdEh6%2FZo%2Bbg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
757342e88a1a5557-SYD
content-length
13244
expires
Sun, 16 Oct 2022 01:14:46 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012209142312000/v0/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
b2846f489aec534c06de31b1be7cc5f7f9b231cc6b468859383229bf0b41cb28
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 08 Oct 2022 06:56:43 GMT
age
65883
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2980
x-xss-protection
0
server
sffe
etag
"ac16e77745c88a40"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 08 Oct 2023 06:56:43 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012209142312000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
6e64a4894f14fab865296b82dd97d4d3ea3bcec78b5378d9b9ef57f5515948d8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 07 Oct 2022 02:18:13 GMT
age
168993
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23032
x-xss-protection
0
server
sffe
etag
"17406dee48d4bcdb"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 07 Oct 2023 02:18:13 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		3 KB
998 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
64be99cbc239387b3a425f0204d401134bf82c23057da176759f8e3cc790d70f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
549
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012209142312000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
0a2369a751f3053ccb3ded318d323026bdff42c1e269153dc54a585ddd8d7c36
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 08 Oct 2022 17:54:18 GMT
age
26428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3844
x-xss-protection
0
server
sffe
etag
"02cbbdb857ad171c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 08 Oct 2023 17:54:18 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1665278086.dop062.la3.t,1665278086.cds210.la3.hn,1665278086.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
640 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3743
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWJvIez9yijsh2hnv8UENdCYiaFHiomLkNj2MPAnBgonePwAyDv%2BEdTOW%2FnJ97HmgLbZ6ySR752VwUfqHdU0QJUIROq4rvJf3LaNOAnJs%2FgMMvCVZysishYNSpkOX1TXSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
757342e5cedcaacf-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
e45926cd4427970d0ecdcd27d2f4343e89f584a1c02fe00eb5107135ad9b77a9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 Oct 2022 01:14:46 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
e45926cd4427970d0ecdcd27d2f4343e89f584a1c02fe00eb5107135ad9b77a9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 Oct 2022 01:14:46 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.13342762390744456&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.08477506995210282&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
508
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame B942 		112 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
efcfd60dc4b39228eb1f1ee1f1f61cc31def37590d5af9d355e7a44ae5b59172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38008
x-xss-protection
0
server
cafe
etag
3620094716554323657
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 09 Oct 2022 01:14:46 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012209142312000/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a96ad4768f32ec875b5e6d4ff9e5107eb19401974d337d1ff79e8da9f435f446
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 06 Oct 2022 14:15:27 GMT
age
212359
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10253
x-xss-protection
0
server
sffe
etag
"76108468fe259c2d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Oct 2023 14:15:27 GMT
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1665278086626
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 09 Oct 2022 01:14:46 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=3
accept-ranges
bytes
content-length
631
expires
Sun, 09 Oct 2022 02:14:46 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012209142312000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
c4b064035d7575f4bec0fd5729fa76ed3aa06324415dffb767812d0b815e0b34
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 06 Oct 2022 06:08:22 GMT
age
241584
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57872
x-xss-protection
0
server
sffe
etag
"9dc55ff1bd63fdb7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Oct 2023 06:08:22 GMT
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 09 Oct 2022 01:14:47 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=7
content-length
94168
expires
Mon, 09 Oct 2023 01:14:47 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 09 Oct 2022 01:14:47 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=10
accept-ranges
bytes
content-length
317
expires
Mon, 09 Oct 2023 01:14:47 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 09 Oct 2022 01:14:47 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=7
content-length
17440
expires
Sun, 09 Oct 2022 02:14:47 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
a374dc97c1e28c292d187edd19fcfc3e8fea4618569189db753ba349b5e74c76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27701
x-xss-protection
0
server
sffe
etag
"1358 / 782 of 1000 / last-modified: 1665180320"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 09 Oct 2022 01:14:47 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:47 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjUyNzgwODY5NjUsInBhY2tldElkIjoiMDAwMEE3MDEtNjVjMzEyMWYtODgzMy00YjU2LTk4YjctYWQwMzRiZWJmODZkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poaS1qaS13YW5nLXlvdS1yZW4temhlbmcteGluZy1nYW4td2VpLWxpLXl1LWZlbi14aWUteHVlLWJhaS14aWFvLWR1LWR1Lmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbH0%3D&c_b=3655.0999999046326
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:47 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjUyNzgwODY5NjYsInBhY2tldElkIjoiMDAwMEE3MDEtNjVjMzEyMWYtODgzMy00YjU2LTk4YjctYWQwMzRiZWJmODZkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poaS1qaS13YW5nLXlvdS1yZW4temhlbmcteGluZy1nYW4td2VpLWxpLXl1LWZlbi14aWUteHVlLWJhaS14aWFvLWR1LWR1Lmh0bWwiLCJtb2RlIjo1LCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbH0%3D&c_b=3655.7000000476837
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:47 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjUyNzgwODY5NjYsInBhY2tldElkIjoiMDAwMEE3MDEtNjVjMzEyMWYtODgzMy00YjU2LTk4YjctYWQwMzRiZWJmODZkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poaS1qaS13YW5nLXlvdS1yZW4temhlbmcteGluZy1nYW4td2VpLWxpLXl1LWZlbi14aWUteHVlLWJhaS14aWFvLWR1LWR1Lmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlcnZpY2VzIjpbMSwzXSwiYWRVbml0VHlwZSI6MX1dfQ%3D%3D&c_b=3656.0999999046326
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:47 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjUyNzgwODY5NzEsInBhY2tldElkIjoiMDAwMEE3MDEtNjVjMzEyMWYtODgzMy00YjU2LTk4YjctYWQwMzRiZWJmODZkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poaS1qaS13YW5nLXlvdS1yZW4temhlbmcteGluZy1nYW4td2VpLWxpLXl1LWZlbi14aWUteHVlLWJhaS14aWFvLWR1LWR1Lmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19&c_b=3661
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:47 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjUyNzgwODY5NzQsInBhY2tldElkIjoiMDAwMEE3MDEtNjVjMzEyMWYtODgzMy00YjU2LTk4YjctYWQwMzRiZWJmODZkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poaS1qaS13YW5nLXlvdS1yZW4temhlbmcteGluZy1nYW4td2VpLWxpLXl1LWZlbi14aWUteHVlLWJhaS14aWFvLWR1LWR1Lmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV8xMjBYNjAwXzEwNGIyIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfMTIwWDYwMF8xMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D&c_b=3664
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:47 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
gtag.json
cdn.ampproject.org/rtv/012209142312000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 08 Oct 2022 23:23:17 GMT
age
6690
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"4d194710e2f2f90c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 08 Oct 2023 23:23:17 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame DC79 		714 B
798 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
3123
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
757342ec3f39a868-SYD
content-encoding
br
content-type
text/html
date
Sun, 09 Oct 2022 01:14:47 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQcUY6INh1okZGB3jO67eXpJYa%2F3EipaQoKZn3CRrdXwkYY4hbiQ2A%2F9UFQgTI3JLXP0oCkntyTX2OBTipXnhamrQiYzA9Qd9ElXEeeXtow%2F6TjynwT%2BuQmzhNkYxGwGyg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 Oct 2022 01:14:47 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 1761 		112 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
efcfd60dc4b39228eb1f1ee1f1f61cc31def37590d5af9d355e7a44ae5b59172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38008
x-xss-protection
0
server
cafe
etag
3620094716554323657
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 09 Oct 2022 01:14:47 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-38969000451344156367.ampproject.net/2209142312000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-38969000451344156367.ampproject.net/2209142312000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame DC79 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
7395c7dee2903d771c03b0f6314437d598be6f0b47cdff942408405a380b1fbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27700
x-xss-protection
0
server
sffe
etag
"1358 / 63 of 1000 / last-modified: 1665180292"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 09 Oct 2022 01:14:47 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame FF7A 		714 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
3123
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
757342ed0ffaa868-SYD
content-encoding
br
content-type
text/html
date
Sun, 09 Oct 2022 01:14:47 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mI86fay4iq9UkVqW7Yehioo4KeuIP%2F9eLMRYDNyDvpeUXOOt%2BtUUYrJtGc3l27VCvvNxCFEiHfP6IFoCZ1QgPiq9OD%2FM%2FK7KwxamR2NCTgC9x5OcndYvf2g4TX2TldInKw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sun, 09 Oct 2022 01:14:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ Frame B942 		349 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
138661cb6f47a3e039f54fea83f8b49f5213dd003dfbc7ff37eebb437bf946b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125830
x-xss-protection
0
server
cafe
etag
336545618076003370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 09 Oct 2022 01:14:47 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame FF7A 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
6876a34a0f87a8f4f2443666164429b3cf8775cbb6593ddb77d47d5a7c398e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27713
x-xss-protection
0
server
sffe
etag
"1358 / 108 of 1000 / last-modified: 1665180320"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 09 Oct 2022 01:14:47 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ Frame 1761 		349 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
3fdfae67dd249fbd0dc8cc6a2a473c5ee9b375b5871219e7eec6584d0b44f267
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125830
x-xss-protection
0
server
cafe
etag
13531167547666280352
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 09 Oct 2022 01:14:47 GMT
pubads_impl_2022100301.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
7923a3da2630ae9e964c387bb82a9fb9f0d64aad95dbd62a6ef71ccbad7572a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 19:41:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
279177
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130906
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 08:35:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 05 Oct 2023 19:41:51 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Sun, 09 Oct 2022 01:14:48 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E7%9B%B4%E6%93%8A%EF%BC%8F%E7%B6%B2%E5%8F%8B%E8%AA%8D%E8%AD%89%E6%80%A7%E6%84%9F%E5%91%B3%E3%80%80%E6%9D%8E%E6%AF%93%E8%8A%AC%E6%B3%84%E9%9B%AA%E7%99%BD%E5%B0%8F%E8%82%9A%E8%82%9A%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-5d8c65x9YwmvNIzm9DSEgA&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.23514887864289324&gjid=0.266220242776664&_r=1&a=3918&z=0.23926010976299183&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022100301.js
securepubads.g.doubleclick.net/gpt/ Frame DC79 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
7923a3da2630ae9e964c387bb82a9fb9f0d64aad95dbd62a6ef71ccbad7572a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 21:31:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272619
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130906
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 08:35:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 05 Oct 2023 21:31:09 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 33F2 		25 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-5448258771638595390&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3422&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=586599003918&ga_cid=amp-5d8c65x9YwmvNIzm9DSEgA&ga_hid=3918&dt=1665278087404&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&bdt=2690&dtd=297&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
d6706e8cb73c1a11961e2d4450354cc0b98ed474ddb3bcb799d95a63e44a6485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10993
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:48 GMT
expires
Sun, 09 Oct 2022 01:14:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022100401.js
securepubads.g.doubleclick.net/gpt/ Frame FF7A 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100401.js?cb=31070165
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
95dc3fe7bed6cc66d192c34a90ac7912453305c15c62634159227882d6656ddb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 01:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85959
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131625
x-xss-protection
0
last-modified
Tue, 04 Oct 2022 08:36:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 08 Oct 2023 01:22:09 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221009
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9366751ced845c6d1c245ef69594aeb3eefb211dfe2dbfd534e9b30177f2b45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Oct 2022 01:14:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
36790
x-jsd-version
1.0.1487
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19153-FRA, cache-yyz4545-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"664-px1vyhByb/6FmMBgcz2Yy9Ovr40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKL4sE2FqOZxCSaeunyCHvPc8%2BUQ1molefh%2BoLU1g3H6Z8EWQSjE1Y0tFGHNicq575M%2BRnL7PcH1KUOQmlxAZltYQ2j5D8HtMuDvs7yx3pChUn2jquLZp7M%2BxjI2ZJp9CFs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
757342f2fe98aabb-SYD
adreq
ads.servenobid.com/ 		752 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=3951
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.37.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
06a55574709ebf1fbbb4e954c8e470d019f7e0609e8b8bd18dafedc3fe580c72

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Oct 2022 01:14:49 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.192.59 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-192-59.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
a34eb61f6cdcd437c60c012a5e2e0f97249b95e58bbf20247bab8c0ad4260578

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:49 GMT
content-encoding
gzip
x-prebid
pbs-java/1.101.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.192.59 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-192-59.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
bfe1d0d2a45c699408e56ef831345707de6db7adb621378b6d750eb7e5a31d7e

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:49 GMT
content-encoding
gzip
x-prebid
pbs-java/1.101.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.192.59 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-192-59.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
69b89df633ae453be81b254406ff9e58f28fce45f91e239aa9d54550f6f917cf

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:49 GMT
content-encoding
gzip
x-prebid
pbs-java/1.101.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=247b43e3-6efb-41f5-be9b-a32f7bd1aa28%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=785b7d47-978c-4e3a-ade8-110eaea6be55%3Bbda0416f-b71e-41e1-bab7-495cfd28689c%3B4ff1c00d-7da8-4076-beed-e7979ab577ca&l_pb_bid_id=65ef9264c2dc55%3B72821a5183a978%3B8c144296f3922b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.618820616706196
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
dc3b071f42eef358b3e175be5ef76a3f4f7e4cf1b68c18f6f587ccbdf7f69f89

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:49 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.bg3.co
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
472
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.111.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-111-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Oct 2022 01:14:48 GMT
via
kong/2.8.1
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
17
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
bid-request
a.teads.tv/hb/ 		16 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.153.54 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-153-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:49 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 09 Oct 2022 01:14:49 GMT
prebid
prebid.media.net/rtb/ 		1 KB
924 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
53430af3498ea60d438bebe026849fb9a5cb02cc7a9dc7d4afec95a89280f1bd

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:48 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
518
alt-svc
clear
cygnus
htlb.casalemedia.com/ 		37 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2223de86bc45a4619%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22304afe7a428e8d7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22330ec7fc5cd2873%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22344deffd9cd991a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22247b43e3-6efb-41f5-be9b-a32f7bd1aa28%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f39fa93ff942e7929d8d7a804a93ba139a3231498b93b579f2e5ffdd182f53e

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2w9%2BDYbCVnAqThHPzxTRjI8MlqAoCq98l9b5W3o%2FhprXs7bu8mK3FTyURb2p5O%2BproMWWHLEWhKI3SQcTbpC2g2YagtCUDC75wqZVTMoG2Q9K%2BkZr3K4c2bfREG7pVC%2B7GuVcq0w"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
757342f33a17a80d-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2223de86bc45a4619%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22330ec7fc5cd2873%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22344deffd9cd991a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22247b43e3-6efb-41f5-be9b-a32f7bd1aa28%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f39fa93ff942e7929d8d7a804a93ba139a3231498b93b579f2e5ffdd182f53e

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQX5DyJIdzDPhNvly%2BoxQNpTJGa%2FMBgak6hhJ3A%2BZHDsXVo1%2FlIoeO3DZxDZCXyWC4a6rOBvijtSFNgYZ9HTGjVNOpL1%2Bc6Us%2B3qawqoHFMkwSpyK3jS%2BOh1pgoIWj58aWnEg29%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
757342f33a1aa80d-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
c
prebid.a-mo.net/a/ 		486 B
823 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
3d8db6380346147965fb1ef3753afc9bc56ac59a531d09d88c679e90f1702b36

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Oct 2022 01:14:48 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
330
content-length
261
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=8596608955
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Oct 2022 01:14:48 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
arj
adpushup-d.openx.net/w/1.0/ 		173 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c12f1aee-6e1e-4784-9573-4b2e86bb3fc8%2C41b8cf72-00b0-4496-afc8-c42a6b3c7a8e%2C2f014076-f7fb-465a-9d91-22f93fce2c67&nocache=1665278087944&pubcid=247b43e3-6efb-41f5-be9b-a32f7bd1aa28&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ed1953333c77209a15f540742814c057b950471d6794418d59ceab794e4eb900

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=069f0e73-9f2f-4a30-b247-1f6bb5d79661&nocache=1665278087944&pubcid=247b43e3-6efb-41f5-be9b-a32f7bd1aa28&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:48 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=00f2ed32-7e71-40c1-908a-a78d79d79144&nocache=1665278087945&pubcid=247b43e3-6efb-41f5-be9b-a32f7bd1aa28&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:48 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b47d549b-0c52-4449-a180-7d77a6527b7b&nocache=1665278087945&pubcid=247b43e3-6efb-41f5-be9b-a32f7bd1aa28&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:48 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.20.120 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-20-120.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:48 GMT
accept-ch
sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid-request
onetag-sys.com/ 		15 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3185485ca7fbd9534b463b112ff24d324730d16c127107c504afda98c4a7816

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 09 Oct 2022 01:14:48 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid
ib.adnxs.com/ut/v3/ 		49 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7353955b50bbd36ef12239abe251ae6cb4ae266528086a080b1376be84899496
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 09 Oct 2022 01:14:48 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bd54ffb0-11d6-470a-8bf4-9e44aaf5e7c3
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:48 GMT
content-encoding
gzip
etag
"+b0B6ncQDCugPb96DWf2QA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 16 Oct 2022 01:14:48 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame B942 		379 B
692 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f154.1e100.net
Software
cafe /
Resource Hash
0e76ce1245b9bd761dac71bb4ebeff23997b93bd1643a365117123e2251d6859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame B942 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B942 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B4DD 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665278088&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278087251&bpp=12&bdt=1255&idt=981&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=2387511344096&frm=23&ife=1&pv=2&ga_vid=1051709183.1665278088&ga_sid=1665278088&ga_hid=579689063&ga_fc=0&ga_cid=amp-5d8c65x9YwmvNIzm9DSEgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2137947981&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C21066431&oid=2&pvsid=3284416035897806&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8sfnbn5eaa6c&fsb=1&dtd=998
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
f4fc5c142b4fed8713697b012e25bb2b61fa5e0b5fb4e04af129d21eff151b3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9923
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:48 GMT
expires
Sun, 09 Oct 2022 01:14:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 1761 		379 B
314 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f154.1e100.net
Software
cafe /
Resource Hash
5be61086fbbccbd11b8efd62160fc911948e0a653173a9173e95dfe20b675add
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 1761 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1761 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame A4DC
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1665278088&url=...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-27.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1534
content-length
673
content-type
text/html
date
Sun, 09 Oct 2022 00:49:29 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
x-amz-cf-id
ktn4ijCRtxZiZi1AIDWeS4jtSbS_oq3sDexjDZnqpLiZGObUv0Y8Ag==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:48 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		209 B
680 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:01:22 GMT
via
1.1 a0111b438d5ff26611042379c81df136.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
808
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Fri, 26 Aug 2022 18:04:08 GMT
server
AmazonS3
etag
"f6459e80de21135a46e02ad9e79f6802"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
uECAged40fUuFf90q2TSoscNrhuwj1yEtBSy1zZs7V0vGV47y98F1Q==
adview
googleads.g.doubleclick.net/pagead/ Frame B4DD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CtthyiCBCY-H3Favyz7sP5uO56AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNrth91GOlPqgDAaoE8AFP0FFv-_fZ5Y56O3xugAYrU-Mt68SMdooD5w30PNpiILPlz3AlT-XFJ0ZShlz4Vx0aSEHPZFtmAjhB8cXIwzSNxb7MN7nBkwapOqjro4lNhLA9Orw4bBWYmQPKZpUdLPAMog-kQhz9kJbpv-1v5uX0LAxS6qumC9Jv5AK8lLQW0x0fswsZ1YGpS1m5aF3GqosfhRw0K7a-JTZUbyfgqrno7R95kmNhhkpBxUgLG0azIqOOa-yR6sG1umO74RZO2m7lbkp5upYHF1PM3d6P5FW6O80I8Ohz1UWnmeXI51TKO9EV0A9gCgt_vaTwNKF-G0eABpGn9Jik9J3-YKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=y5x157O07qQ&uach_m=[UACH]&cid=CAQSGwDq26N9Bp1gbbuzzXOUwO0GmgAk49lG4-6cRxgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665278088&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278087251&bpp=12&bdt=1255&idt=981&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=2387511344096&frm=23&ife=1&pv=2&ga_vid=1051709183.1665278088&ga_sid=1665278088&ga_hid=579689063&ga_fc=0&ga_cid=amp-5d8c65x9YwmvNIzm9DSEgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2137947981&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C21066431&oid=2&pvsid=3284416035897806&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8sfnbn5eaa6c&fsb=1&dtd=998
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665278088&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278087251&bpp=12&bdt=1255&idt=981&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=2387511344096&frm=23&ife=1&pv=2&ga_vid=1051709183.1665278088&ga_sid=1665278088&ga_hid=579689063&ga_fc=0&ga_cid=amp-5d8c65x9YwmvNIzm9DSEgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2137947981&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C21066431&oid=2&pvsid=3284416035897806&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8sfnbn5eaa6c&fsb=1&dtd=998
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 09 Oct 2022 01:14:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 09 Oct 2022 01:14:49 GMT
notify
rtb.jp2.as.criteo.com/google/auction/ Frame B4DD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k7G-FJzIC9ACmAJi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQhyBCY3HO3KzGPTs3hHcQABIAAA&wp=Y0IgiAAFe-EBc_krAA5x5uglzTbSOHU-ONxkgA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665278088&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278087251&bpp=12&bdt=1255&idt=981&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=2387511344096&frm=23&ife=1&pv=2&ga_vid=1051709183.1665278088&ga_sid=1665278088&ga_hid=579689063&ga_fc=0&ga_cid=amp-5d8c65x9YwmvNIzm9DSEgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2137947981&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C21066431&oid=2&pvsid=3284416035897806&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8sfnbn5eaa6c&fsb=1&dtd=998
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
172333
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 9DFD 		159 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFe-EBc_krAA5x5uglzTbSOHU-ONxkgA&u=%7CSq63OP5VFkhwwXigGtB4M1LAXJVu18t85j503o%2B6r9I%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgxSIsjcW3kZzhysWZK5uAhqHoWI2FauNYT00L99F0AntsnCTG3Exipv0Ka2X8zZ83o6ucqh_upvuwsgoAvz9xUdAHQBsxRztXRzeyaPoKyauzLMgg1v_epkiv_Yf63VWm6LoJc9U5I2jnExdTs_Vz_MWbQPpfL6-0H5yx41I6NMGGEIe9OoJnKGLee6PGky3VYLjZPqf-e9JuDMaEy9x0XhI9e_jbAYN8NJyye0epWz6NAQvRYCnxvGam13d_az2uta7PvpR35YjjlRrkhnyxAoyEfsMBM86McEJ5dD9SfgAxWGzpc-pz6e4pwQoAO22_m0H3IgiE800Lw_tgw9v3t9Q0RI4AXiGGxYmxa1WIYH-cSuaB6gC_Val6bKHWostDpn2z4w3Hn4eP_ZxnyDEALhq0ytxzPU-2QIeRRiGhbtaC_qv5tX6_YB0PcWbIbrwhUPwsylZg11fKt8h8TgyNgcarlXu-QVxpK5jbfnx_tNsJdASGf3stxRmzpWuXF8RGao4y9_UgdAWVWar2JHdijwNxGBP40L2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwF47iCBCY-H3Favyz7sP5uO56AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNrth91GOlPqgDAaoE8wFP0FFv-_fZ5Y56O3xugAYrU-Mt68SMdooD5w30PNpiILPlz3AlT-XFJ0ZShlz4Vx0aSEHPZFtmAjhB8cXIwzSNxb7MN7nBkwapOqjro4lNhLA9Orw4bBWYmQPKZpUdLPAMog-kQhz9kJbpv-1v5uX0LAxS6qumC9Jv5AK8lLQW0x0fswsZ1YGpS1m5aF3GqosfhRw0K7a-JTZUbyfgqrno7R95kmNhhkpBxUgLG0azIqOOa-yR6sG1umO74RZO2m7lbkp5upYHF1PMn9yudrB0srP3eZntPhM9Wszc7cPAFcn9WPw2kMLBo4jo00rvZbiciu2ABpGn9Jik9J3-YKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kmTLHL9zWUMgzzzc0K847q6TQiw%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665278088&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278087251&bpp=12&bdt=1255&idt=981&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=2387511344096&frm=23&ife=1&pv=2&ga_vid=1051709183.1665278088&ga_sid=1665278088&ga_hid=579689063&ga_fc=0&ga_cid=amp-5d8c65x9YwmvNIzm9DSEgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2137947981&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C21066431&oid=2&pvsid=3284416035897806&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8sfnbn5eaa6c&fsb=1&dtd=998
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
01ee79947c46e59a7c1dd3b18fd19b7f4083672d9e2f273bde170ad442ffbe6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:48 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=enLujjvxPu_eyx-h4COzn2HurbWcEc6g-EpTkU3h_B4UDIZ_kIEZlmkOmlgNfH5G6PSuNElSG1OEo8dByB03PIXGrB0hbGeC_EjtvqJddiTBGIVQakLv1k_0Za_E5OB3OE71w2wqzsYFDcB9Cw2Kd6yYduAFCMpaYtie7LlPJDrTXWLRAPEHxNP4XyGg9h8RyVkny4HPXDTRwAc26hF5k0htCgma1h-oI1BHtmWb_wr2hNfKw2Adb5H1KOzBVz81BxwYwg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
53459969
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame B4DD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665278088&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278087251&bpp=12&bdt=1255&idt=981&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=2387511344096&frm=23&ife=1&pv=2&ga_vid=1051709183.1665278088&ga_sid=1665278088&ga_hid=579689063&ga_fc=0&ga_cid=amp-5d8c65x9YwmvNIzm9DSEgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2137947981&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C21066431&oid=2&pvsid=3284416035897806&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8sfnbn5eaa6c&fsb=1&dtd=998
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 00:42:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1933
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 00:42:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame B4DD 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665278088&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278087251&bpp=12&bdt=1255&idt=981&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=2387511344096&frm=23&ife=1&pv=2&ga_vid=1051709183.1665278088&ga_sid=1665278088&ga_hid=579689063&ga_fc=0&ga_cid=amp-5d8c65x9YwmvNIzm9DSEgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2137947981&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C21066431&oid=2&pvsid=3284416035897806&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8sfnbn5eaa6c&fsb=1&dtd=998
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 00:46:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1671
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7528
x-xss-protection
0
server
cafe
etag
13775775994264215463
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 00:46:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B4DD 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665278088&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278087251&bpp=12&bdt=1255&idt=981&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=2387511344096&frm=23&ife=1&pv=2&ga_vid=1051709183.1665278088&ga_sid=1665278088&ga_hid=579689063&ga_fc=0&ga_cid=amp-5d8c65x9YwmvNIzm9DSEgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2137947981&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C21066431&oid=2&pvsid=3284416035897806&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8sfnbn5eaa6c&fsb=1&dtd=998
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45072
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664970042070988"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Oct 2022 01:14:50 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 33F2 		0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CvbybiCBCY-nUFIGyvQTvgoGAA5j80bFcmuiH5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAs2u2H3UY6U-qAMBqgT2AU_Q3CzW3wkNZ11AP2serRtYXq8ZFWTCiD5RYAOBs-Haw9hwAO09657BOsgYEi1Yxz5uXDA77_vDdqj9kw3jbwQhnkscOmdFisxadLWRfNfCvnJTYKtdTBzpOdUpkSpSJJJy0LqY4Tfq8RYzcbQd0M7igxzewO3GJC4mIxkkeTQew82rj8gnb4Nmcd3bYXAKKoYCGK1eiqxxRsIiB5I8XWLHfVXpHCcLFuswbWqORHCtC3LxedjC_bVMxds-7eqzfIiBXRUJ5SxQTJMVaj0ViFwnGtYW3RmZhEG99v30j7_EyRsHR7j1_b5GrBfPogKZklJQ-RaIRIAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzIxNjIzMTkzNTcxMzAzOBgA&sigh=yL-HE-lmuCI&uach_m=[UACH]&cid=CAQSGwDq26N9f0qpkJeYh7RnTQvejYk211vXWmDbYhgBIBM&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-5448258771638595390&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3422&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=586599003918&ga_cid=amp-5d8c65x9YwmvNIzm9DSEgA&ga_hid=3918&dt=1665278087404&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&bdt=2690&dtd=297&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-5448258771638595390&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3422&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=586599003918&ga_cid=amp-5d8c65x9YwmvNIzm9DSEgA&ga_hid=3918&dt=1665278087404&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&bdt=2690&dtd=297&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 09 Oct 2022 01:14:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 09 Oct 2022 01:14:49 GMT
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 33F2 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kbG-FMr6RJAD-gFi-C0SAgAAAOoeEzCFSzSxX721iRCHIEJj4hq2TnHIvDoi5iUAEgAA&wp=Y0IgiAAFKmkKj1kBAABBb4p1wrcDCjJkAiX_LA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-5448258771638595390&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3422&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=586599003918&ga_cid=amp-5d8c65x9YwmvNIzm9DSEgA&ga_hid=3918&dt=1665278087404&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&bdt=2690&dtd=297&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
165280
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 93B9 		122 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFKmkKj1kBAABBb4p1wrcDCjJkAiX_LA&u=%7CSq63OP5VFkgrZqByc5Azh3M7dzF3yED5%2FC9oye5mFok%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0kewZx4OvO7hSYM886Cl314AB3DKiASQValYzIXdOo0_HYiXjGkioiauWuzerbM-DS2NtQuztb_Os5-ejacXAvVMBslx2-lpV7_6txxqWDAyyr_4MIkgRLFVY3fwqsw9hfgtJJLV4i0BTZW9v-68x8prA9nXyM7mSC9iHAsYaV-PCZKlCLykeOp_1kLZ4f5mfu948YxkPcMIEgbWc6pFs7jR_MJe517X7nVSOyUj6UC2clomEnkwCBdtNHYr5Ts4o1Lj4IrdbeHQMJI2X-dGhbyPvw0zpZxk-Z9Lz-aAtU47JDDhzFfXlVpagbDKRbBqk199YQKNdI9OXbHcQ19wNseB4Ixr9Nh92zZVhR1tTBXrvNMrukqDbIPGoljgOfYP4OLhqgeRCg8zEZpLytKODFRei-czpPlPFMt4tpKcGADqMgVXb1S03Hz5BWyVRQ-4JilUo480_BI__nZVS7YzkaIUt6MA8zA1JFgIdBOR8FG-SopvMuI6yWOnlK2TLu6WrLiTt3vBH1ifMsAlMZ94TNcBeM9ohOQm4xQRajqmZQ5kfnUai1vqoFWsOwRwKSk97lLieBlXBAJM_jJ9rrJdW9tut9NUjq5hYfkx776JOfCo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfjzViCBCY-nUFIGyvQTvgoGAA5j80bFcmuiH5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAs2u2H3UY6U-qAMBqgT5AU_Q3CzW3wkNZ11AP2serRtYXq8ZFWTCiD5RYAOBs-Haw9hwAO09657BOsgYEi1Yxz5uXDA77_vDdqj9kw3jbwQhnkscOmdFisxadLWRfNfCvnJTYKtdTBzpOdUpkSpSJJJy0LqY4Tfq8RYzcbQd0M7igxzewO3GJC4mIxkkeTQew82rj8gnb4Nmcd3bYXAKKoYCGK1eiqxxRsIiB5I8XWLHfVXpHCcLFuswbWqORHCtC3LxedjC_bVMxds-7eqzfIiBXRUJ5SxQTJMVaj0ViFxlGPeEONcQ-r40h2Mf2SUH4A8N0LLb5VbOX0FVa7yHvkq3Eof2u1B7mYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3a5wMxiLxjNKXQe6CvXUU8pk5nuw%26client%3Dca-pub-3216231935713038%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-5448258771638595390&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3422&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=586599003918&ga_cid=amp-5d8c65x9YwmvNIzm9DSEgA&ga_hid=3918&dt=1665278087404&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&bdt=2690&dtd=297&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
9dcb409f281877214737c5e11358fcc19d69cfb8db64b159a8989a2e012de386
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:48 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=dMDUGzvxPu_eyx-hgAQuiOTgdYrRVj169mADedu0PVeVAn5hdrbqjSRn15G_OFTU_xN2N0lPVCj2Hgddsl47nnPc6jOXS070qeioxrNiTEULAm0Q9pZORExtZwYmXiwMt9ZQQATqY54G59-Ut3SvqWsMqS7T8cr2WaY0LANljldeHshd3vaXd7llO2mlqw5ZpgoMy3sC2uOYGRF1233xCHx5-R5B2EfpYMLj-X3uwwapmYI-NNfvqieWBuU_guN8A1ueSQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
49332863
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 33F2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-5448258771638595390&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3422&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=586599003918&ga_cid=amp-5d8c65x9YwmvNIzm9DSEgA&ga_hid=3918&dt=1665278087404&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&bdt=2690&dtd=297&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 00:42:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1933
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 00:42:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 33F2 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-5448258771638595390&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3422&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=586599003918&ga_cid=amp-5d8c65x9YwmvNIzm9DSEgA&ga_hid=3918&dt=1665278087404&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&bdt=2690&dtd=297&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 00:46:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1671
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7528
x-xss-protection
0
server
cafe
etag
13775775994264215463
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 00:46:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 33F2 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-5448258771638595390&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3422&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=586599003918&ga_cid=amp-5d8c65x9YwmvNIzm9DSEgA&ga_hid=3918&dt=1665278087404&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&bdt=2690&dtd=297&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45072
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664970042070988"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Oct 2022 01:14:50 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame DC79 		492 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1790033573816455&correlator=4503046215426242&eid=31060438%2C31069634&output=ldjh&gdfp_req=1&vrg=2022100301&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1665278088887&lmt=1644386353&dlt=1665278087148&idt=1721&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=tzrbn7p7xzjc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=551415553.1665278089&ga_sid=1665278089&ga_hid=206800507&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
82ae3c150b510a8d4b482c6f779cc309d97e1f1275c79485053e9c1ad7179ad8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
232
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
989a5fc7e1bc0ab63e333489ed15f375.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 627E 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://989a5fc7e1bc0ab63e333489ed15f375.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:49 GMT
expires
Mon, 09 Oct 2023 01:14:49 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame FF7A 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100401.js?cb=31070165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FF7A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100401.js?cb=31070165
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame FF7A 		492 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=673178389658856&correlator=3449671219478693&eid=31070165%2C44761477%2C31062930&output=ldjh&gdfp_req=1&vrg=2022100401&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1665278088930&lmt=1644386353&dlt=1665278087267&idt=1642&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=hotwhrt6hf33&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=946622704.1665278089&ga_sid=1665278089&ga_hid=1794566368&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100401.js?cb=31070165
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
525490ce8a627997ac24e62ea51e871eaa92042817be39d14a2a16d833a31b19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
58ad3e685b1b124c341c48eaab5a3d97.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 543D 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://58ad3e685b1b124c341c48eaab5a3d97.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100401.js?cb=31070165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:49 GMT
expires
Mon, 09 Oct 2023 01:14:49 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiIzMjI2NDRfMTY2NTI3ODA4ODk1NyIsInVzZXJJZCI6Ijc4MzcxMF8xNjY1Mjc4MDg4OTU3Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiNDA2NDkxXzE2NjUyNzgwODg5NTciLCJwYWdlUGF0aCI6IiUyRmElMkZ6aGktamktd2FuZy15b3UtcmVuLXpoZW5nLXhpbmctZ2FuLXdlaS1saS15dS1mZW4teGllLXh1ZS1iYWkteGlhby1kdS1kdS5odG1sIiwiaG9zdG5hbWUiOiJ3d3cuYmczLmNvIiwidXJsIjoiaHR0cHMlM0ElMkYlMkZ3d3cuYmczLmNvJTJGYSUyRnpoaS1qaS13YW5nLXlvdS1yZW4temhlbmcteGluZy1nYW4td2VpLWxpLXl1LWZlbi14aWUteHVlLWJhaS14aWFvLWR1LWR1Lmh0bWwiLCJwaGFzZSI6MCwidXNlclR5cGUiOiJORVciLCJwcmV2aWV3VmFyaWF0aW9uIjoibm9QcmV2aWV3UGFnZSIsImV4cGVyaW1lbnRQYWdlIjpmYWxzZSwidGltZXN0YW1wIjoxNjY1Mjc4MDg4OTU4fQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:48 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvemhpLWppLXdhbmcteW91LXJlbi16aGVuZy14aW5nLWdhbi13ZWktbGkteXUtZmVuLXhpZS14dWUtYmFpLXhpYW8tZHUtZHUuaHRtbA==.json
cdn.adpushup.com/42753/ 		555 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvemhpLWppLXdhbmcteW91LXJlbi16aGVuZy14aW5nLWdhbi13ZWktbGkteXUtZmVuLXhpZS14dWUtYmFpLXhpYW8tZHUtZHUuaHRtbA==.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 09 Oct 2022 01:14:49 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=110, origin; dur=198
content-length
555
expires
Sun, 09 Oct 2022 02:14:49 GMT
pixel
pxl.qccerttest.com/ 		35 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=862188950;fpan=1;fpa=P0-1373673058-1665278089172;pbc=247b43e3-6efb-41f5-be9b-a32f7bd1aa28;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;ref=;cm=;gdpr=0;d=bg3.co;dst=0;et=1665278089172;tzo=0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html;ogl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-58.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 23:21:21 GMT
via
1.1 a0111b438d5ff26611042379c81df136.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SIN2-P1
age
6809
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/gif
accept-ranges
bytes
x-amz-cf-id
zLmPKmaCHa7HYpBDgA80pxK_7lPNHhQLtAvcMn3SN8UXDXqtiS_7gw==
pixel;r=649680776;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=649680776;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-1373673058-1665278089172;pbc=247b43e3-6efb-41f5-be9b-a32f7bd1aa28;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1665278089174;tzo=0;ogl=;ses=96130fe8-aa6b-4518-869a-e5b9a0712ede
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:49 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
truncated
/ Frame 33F2 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45ccd162fe5812394d9ca8d3fc676816ca4274df4e06f65eb42062d0e508aac9

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B4DD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ccf2528c7f3aebe107e3aeeff30abbe16287f81e3709ac3f76e125942a94eaa

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 93B9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFKmkKj1kBAABBb4p1wrcDCjJkAiX_LA&u=%7CSq63OP5VFkgrZqByc5Azh3M7dzF3yED5%2FC9oye5mFok%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0kewZx4OvO7hSYM886Cl314AB3DKiASQValYzIXdOo0_HYiXjGkioiauWuzerbM-DS2NtQuztb_Os5-ejacXAvVMBslx2-lpV7_6txxqWDAyyr_4MIkgRLFVY3fwqsw9hfgtJJLV4i0BTZW9v-68x8prA9nXyM7mSC9iHAsYaV-PCZKlCLykeOp_1kLZ4f5mfu948YxkPcMIEgbWc6pFs7jR_MJe517X7nVSOyUj6UC2clomEnkwCBdtNHYr5Ts4o1Lj4IrdbeHQMJI2X-dGhbyPvw0zpZxk-Z9Lz-aAtU47JDDhzFfXlVpagbDKRbBqk199YQKNdI9OXbHcQ19wNseB4Ixr9Nh92zZVhR1tTBXrvNMrukqDbIPGoljgOfYP4OLhqgeRCg8zEZpLytKODFRei-czpPlPFMt4tpKcGADqMgVXb1S03Hz5BWyVRQ-4JilUo480_BI__nZVS7YzkaIUt6MA8zA1JFgIdBOR8FG-SopvMuI6yWOnlK2TLu6WrLiTt3vBH1ifMsAlMZ94TNcBeM9ohOQm4xQRajqmZQ5kfnUai1vqoFWsOwRwKSk97lLieBlXBAJM_jJ9rrJdW9tut9NUjq5hYfkx776JOfCo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfjzViCBCY-nUFIGyvQTvgoGAA5j80bFcmuiH5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAs2u2H3UY6U-qAMBqgT5AU_Q3CzW3wkNZ11AP2serRtYXq8ZFWTCiD5RYAOBs-Haw9hwAO09657BOsgYEi1Yxz5uXDA77_vDdqj9kw3jbwQhnkscOmdFisxadLWRfNfCvnJTYKtdTBzpOdUpkSpSJJJy0LqY4Tfq8RYzcbQd0M7igxzewO3GJC4mIxkkeTQew82rj8gnb4Nmcd3bYXAKKoYCGK1eiqxxRsIiB5I8XWLHfVXpHCcLFuswbWqORHCtC3LxedjC_bVMxds-7eqzfIiBXRUJ5SxQTJMVaj0ViFxlGPeEONcQ-r40h2Mf2SUH4A8N0LLb5VbOX0FVa7yHvkq3Eof2u1B7mYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3a5wMxiLxjNKXQe6CvXUU8pk5nuw%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 01:14:49 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 93B9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFKmkKj1kBAABBb4p1wrcDCjJkAiX_LA&u=%7CSq63OP5VFkgrZqByc5Azh3M7dzF3yED5%2FC9oye5mFok%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0kewZx4OvO7hSYM886Cl314AB3DKiASQValYzIXdOo0_HYiXjGkioiauWuzerbM-DS2NtQuztb_Os5-ejacXAvVMBslx2-lpV7_6txxqWDAyyr_4MIkgRLFVY3fwqsw9hfgtJJLV4i0BTZW9v-68x8prA9nXyM7mSC9iHAsYaV-PCZKlCLykeOp_1kLZ4f5mfu948YxkPcMIEgbWc6pFs7jR_MJe517X7nVSOyUj6UC2clomEnkwCBdtNHYr5Ts4o1Lj4IrdbeHQMJI2X-dGhbyPvw0zpZxk-Z9Lz-aAtU47JDDhzFfXlVpagbDKRbBqk199YQKNdI9OXbHcQ19wNseB4Ixr9Nh92zZVhR1tTBXrvNMrukqDbIPGoljgOfYP4OLhqgeRCg8zEZpLytKODFRei-czpPlPFMt4tpKcGADqMgVXb1S03Hz5BWyVRQ-4JilUo480_BI__nZVS7YzkaIUt6MA8zA1JFgIdBOR8FG-SopvMuI6yWOnlK2TLu6WrLiTt3vBH1ifMsAlMZ94TNcBeM9ohOQm4xQRajqmZQ5kfnUai1vqoFWsOwRwKSk97lLieBlXBAJM_jJ9rrJdW9tut9NUjq5hYfkx776JOfCo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfjzViCBCY-nUFIGyvQTvgoGAA5j80bFcmuiH5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAs2u2H3UY6U-qAMBqgT5AU_Q3CzW3wkNZ11AP2serRtYXq8ZFWTCiD5RYAOBs-Haw9hwAO09657BOsgYEi1Yxz5uXDA77_vDdqj9kw3jbwQhnkscOmdFisxadLWRfNfCvnJTYKtdTBzpOdUpkSpSJJJy0LqY4Tfq8RYzcbQd0M7igxzewO3GJC4mIxkkeTQew82rj8gnb4Nmcd3bYXAKKoYCGK1eiqxxRsIiB5I8XWLHfVXpHCcLFuswbWqORHCtC3LxedjC_bVMxds-7eqzfIiBXRUJ5SxQTJMVaj0ViFxlGPeEONcQ-r40h2Mf2SUH4A8N0LLb5VbOX0FVa7yHvkq3Eof2u1B7mYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3a5wMxiLxjNKXQe6CvXUU8pk5nuw%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 01:14:49 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 93B9 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFKmkKj1kBAABBb4p1wrcDCjJkAiX_LA&u=%7CSq63OP5VFkgrZqByc5Azh3M7dzF3yED5%2FC9oye5mFok%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0kewZx4OvO7hSYM886Cl314AB3DKiASQValYzIXdOo0_HYiXjGkioiauWuzerbM-DS2NtQuztb_Os5-ejacXAvVMBslx2-lpV7_6txxqWDAyyr_4MIkgRLFVY3fwqsw9hfgtJJLV4i0BTZW9v-68x8prA9nXyM7mSC9iHAsYaV-PCZKlCLykeOp_1kLZ4f5mfu948YxkPcMIEgbWc6pFs7jR_MJe517X7nVSOyUj6UC2clomEnkwCBdtNHYr5Ts4o1Lj4IrdbeHQMJI2X-dGhbyPvw0zpZxk-Z9Lz-aAtU47JDDhzFfXlVpagbDKRbBqk199YQKNdI9OXbHcQ19wNseB4Ixr9Nh92zZVhR1tTBXrvNMrukqDbIPGoljgOfYP4OLhqgeRCg8zEZpLytKODFRei-czpPlPFMt4tpKcGADqMgVXb1S03Hz5BWyVRQ-4JilUo480_BI__nZVS7YzkaIUt6MA8zA1JFgIdBOR8FG-SopvMuI6yWOnlK2TLu6WrLiTt3vBH1ifMsAlMZ94TNcBeM9ohOQm4xQRajqmZQ5kfnUai1vqoFWsOwRwKSk97lLieBlXBAJM_jJ9rrJdW9tut9NUjq5hYfkx776JOfCo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfjzViCBCY-nUFIGyvQTvgoGAA5j80bFcmuiH5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAs2u2H3UY6U-qAMBqgT5AU_Q3CzW3wkNZ11AP2serRtYXq8ZFWTCiD5RYAOBs-Haw9hwAO09657BOsgYEi1Yxz5uXDA77_vDdqj9kw3jbwQhnkscOmdFisxadLWRfNfCvnJTYKtdTBzpOdUpkSpSJJJy0LqY4Tfq8RYzcbQd0M7igxzewO3GJC4mIxkkeTQew82rj8gnb4Nmcd3bYXAKKoYCGK1eiqxxRsIiB5I8XWLHfVXpHCcLFuswbWqORHCtC3LxedjC_bVMxds-7eqzfIiBXRUJ5SxQTJMVaj0ViFxlGPeEONcQ-r40h2Mf2SUH4A8N0LLb5VbOX0FVa7yHvkq3Eof2u1B7mYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3a5wMxiLxjNKXQe6CvXUU8pk5nuw%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:49 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 04 Oct 2023 01:14:49 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame A4DC 		112 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
b966aa36c9e5220a83cc8c3021eed093449d6bb531c03df512fbf8adc78cfa68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38007
x-xss-protection
0
server
cafe
etag
1758296067292404817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 09 Oct 2022 01:14:49 GMT
js
www.googletagmanager.com/gtag/ 		216 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
fbadc37227ab5222b0b5206e53be81c1987e4e11aa543f9e4a7f08ffb7e849f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76625
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 09 Oct 2022 01:14:49 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS96aGktamktd2FuZy15b3UtcmVuLXpoZW5nLXhpbmctZ2FuLXdlaS1saS15dS1mZW4teGllLXh1ZS1iYWkteGlhby1kdS1kdS5odG1sIiwidGltZSI6MTY2NTI3ODA4OTQ2OX0=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:48 GMT
server
nginx/1.14.0 (Ubuntu)
sodar
pagead2.googlesyndication.com/getconfig/ Frame DC79 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022100301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
6a7dbf03ac2c1e2d05f6fc6527cefbf8486f9c52b6a23a6acaec5e8de89eb4df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11205
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame FF7A 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022100401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100401.js?cb=31070165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
0e4caf58d82de351e2f8ca2640ec2db63785759c83ec3f0b9fc201e2cfe2f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11190
x-xss-protection
0
back_button2.svg
static.criteo.net/flash/icon/ Frame 93B9 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFKmkKj1kBAABBb4p1wrcDCjJkAiX_LA&u=%7CSq63OP5VFkgrZqByc5Azh3M7dzF3yED5%2FC9oye5mFok%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0kewZx4OvO7hSYM886Cl314AB3DKiASQValYzIXdOo0_HYiXjGkioiauWuzerbM-DS2NtQuztb_Os5-ejacXAvVMBslx2-lpV7_6txxqWDAyyr_4MIkgRLFVY3fwqsw9hfgtJJLV4i0BTZW9v-68x8prA9nXyM7mSC9iHAsYaV-PCZKlCLykeOp_1kLZ4f5mfu948YxkPcMIEgbWc6pFs7jR_MJe517X7nVSOyUj6UC2clomEnkwCBdtNHYr5Ts4o1Lj4IrdbeHQMJI2X-dGhbyPvw0zpZxk-Z9Lz-aAtU47JDDhzFfXlVpagbDKRbBqk199YQKNdI9OXbHcQ19wNseB4Ixr9Nh92zZVhR1tTBXrvNMrukqDbIPGoljgOfYP4OLhqgeRCg8zEZpLytKODFRei-czpPlPFMt4tpKcGADqMgVXb1S03Hz5BWyVRQ-4JilUo480_BI__nZVS7YzkaIUt6MA8zA1JFgIdBOR8FG-SopvMuI6yWOnlK2TLu6WrLiTt3vBH1ifMsAlMZ94TNcBeM9ohOQm4xQRajqmZQ5kfnUai1vqoFWsOwRwKSk97lLieBlXBAJM_jJ9rrJdW9tut9NUjq5hYfkx776JOfCo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfjzViCBCY-nUFIGyvQTvgoGAA5j80bFcmuiH5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAs2u2H3UY6U-qAMBqgT5AU_Q3CzW3wkNZ11AP2serRtYXq8ZFWTCiD5RYAOBs-Haw9hwAO09657BOsgYEi1Yxz5uXDA77_vDdqj9kw3jbwQhnkscOmdFisxadLWRfNfCvnJTYKtdTBzpOdUpkSpSJJJy0LqY4Tfq8RYzcbQd0M7igxzewO3GJC4mIxkkeTQew82rj8gnb4Nmcd3bYXAKKoYCGK1eiqxxRsIiB5I8XWLHfVXpHCcLFuswbWqORHCtC3LxedjC_bVMxds-7eqzfIiBXRUJ5SxQTJMVaj0ViFxlGPeEONcQ-r40h2Mf2SUH4A8N0LLb5VbOX0FVa7yHvkq3Eof2u1B7mYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3a5wMxiLxjNKXQe6CvXUU8pk5nuw%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:49 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 04 Oct 2023 01:14:49 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 93B9 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=haD4y9_cuHyeKWahVQcuBtpmtr_46yZaVdnMzqQKLLSb8OseFYdFRp8ZKhTlDGmNGWNXtf_ADdaXxt4Ie5fiQ1JsRo1WiGC7J9CvyW24b46Nw8VIhEYVlQODqjsAWszNlWBclJgaEHoxAyBOmuS4Cg9lUkDTSewpFE6TeOEh9UqV_ZdOtGSyac2P2STpXPb02Q-THrLj68F80hrpIyk--N_CqCPwCHIbGpZJqEEN8_kIAIfEJ10O6nllC3BcqVVVopBwmf-oWtHQNniYHTPRMnuMATaFhLZamaWnB4XCTSd7TriRf9Z4VdMOJBzGcS07UI7PcJkV9ZJzlv0hxUr3ahsLPx44nQ3tdWv0VtiXuUqCFA6epM4WjblZ1TRI5eCA6nMZfEujiQVgxf1Ja_bLe2-kdBHoXgB1to7ndbOngjUEdS68
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFKmkKj1kBAABBb4p1wrcDCjJkAiX_LA&u=%7CSq63OP5VFkgrZqByc5Azh3M7dzF3yED5%2FC9oye5mFok%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0kewZx4OvO7hSYM886Cl314AB3DKiASQValYzIXdOo0_HYiXjGkioiauWuzerbM-DS2NtQuztb_Os5-ejacXAvVMBslx2-lpV7_6txxqWDAyyr_4MIkgRLFVY3fwqsw9hfgtJJLV4i0BTZW9v-68x8prA9nXyM7mSC9iHAsYaV-PCZKlCLykeOp_1kLZ4f5mfu948YxkPcMIEgbWc6pFs7jR_MJe517X7nVSOyUj6UC2clomEnkwCBdtNHYr5Ts4o1Lj4IrdbeHQMJI2X-dGhbyPvw0zpZxk-Z9Lz-aAtU47JDDhzFfXlVpagbDKRbBqk199YQKNdI9OXbHcQ19wNseB4Ixr9Nh92zZVhR1tTBXrvNMrukqDbIPGoljgOfYP4OLhqgeRCg8zEZpLytKODFRei-czpPlPFMt4tpKcGADqMgVXb1S03Hz5BWyVRQ-4JilUo480_BI__nZVS7YzkaIUt6MA8zA1JFgIdBOR8FG-SopvMuI6yWOnlK2TLu6WrLiTt3vBH1ifMsAlMZ94TNcBeM9ohOQm4xQRajqmZQ5kfnUai1vqoFWsOwRwKSk97lLieBlXBAJM_jJ9rrJdW9tut9NUjq5hYfkx776JOfCo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfjzViCBCY-nUFIGyvQTvgoGAA5j80bFcmuiH5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAs2u2H3UY6U-qAMBqgT5AU_Q3CzW3wkNZ11AP2serRtYXq8ZFWTCiD5RYAOBs-Haw9hwAO09657BOsgYEi1Yxz5uXDA77_vDdqj9kw3jbwQhnkscOmdFisxadLWRfNfCvnJTYKtdTBzpOdUpkSpSJJJy0LqY4Tfq8RYzcbQd0M7igxzewO3GJC4mIxkkeTQew82rj8gnb4Nmcd3bYXAKKoYCGK1eiqxxRsIiB5I8XWLHfVXpHCcLFuswbWqORHCtC3LxedjC_bVMxds-7eqzfIiBXRUJ5SxQTJMVaj0ViFxlGPeEONcQ-r40h2Mf2SUH4A8N0LLb5VbOX0FVa7yHvkq3Eof2u1B7mYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3a5wMxiLxjNKXQe6CvXUU8pk5nuw%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3216631
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 93B9 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFKmkKj1kBAABBb4p1wrcDCjJkAiX_LA&u=%7CSq63OP5VFkgrZqByc5Azh3M7dzF3yED5%2FC9oye5mFok%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0kewZx4OvO7hSYM886Cl314AB3DKiASQValYzIXdOo0_HYiXjGkioiauWuzerbM-DS2NtQuztb_Os5-ejacXAvVMBslx2-lpV7_6txxqWDAyyr_4MIkgRLFVY3fwqsw9hfgtJJLV4i0BTZW9v-68x8prA9nXyM7mSC9iHAsYaV-PCZKlCLykeOp_1kLZ4f5mfu948YxkPcMIEgbWc6pFs7jR_MJe517X7nVSOyUj6UC2clomEnkwCBdtNHYr5Ts4o1Lj4IrdbeHQMJI2X-dGhbyPvw0zpZxk-Z9Lz-aAtU47JDDhzFfXlVpagbDKRbBqk199YQKNdI9OXbHcQ19wNseB4Ixr9Nh92zZVhR1tTBXrvNMrukqDbIPGoljgOfYP4OLhqgeRCg8zEZpLytKODFRei-czpPlPFMt4tpKcGADqMgVXb1S03Hz5BWyVRQ-4JilUo480_BI__nZVS7YzkaIUt6MA8zA1JFgIdBOR8FG-SopvMuI6yWOnlK2TLu6WrLiTt3vBH1ifMsAlMZ94TNcBeM9ohOQm4xQRajqmZQ5kfnUai1vqoFWsOwRwKSk97lLieBlXBAJM_jJ9rrJdW9tut9NUjq5hYfkx776JOfCo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfjzViCBCY-nUFIGyvQTvgoGAA5j80bFcmuiH5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAs2u2H3UY6U-qAMBqgT5AU_Q3CzW3wkNZ11AP2serRtYXq8ZFWTCiD5RYAOBs-Haw9hwAO09657BOsgYEi1Yxz5uXDA77_vDdqj9kw3jbwQhnkscOmdFisxadLWRfNfCvnJTYKtdTBzpOdUpkSpSJJJy0LqY4Tfq8RYzcbQd0M7igxzewO3GJC4mIxkkeTQew82rj8gnb4Nmcd3bYXAKKoYCGK1eiqxxRsIiB5I8XWLHfVXpHCcLFuswbWqORHCtC3LxedjC_bVMxds-7eqzfIiBXRUJ5SxQTJMVaj0ViFxlGPeEONcQ-r40h2Mf2SUH4A8N0LLb5VbOX0FVa7yHvkq3Eof2u1B7mYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3a5wMxiLxjNKXQe6CvXUU8pk5nuw%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1390044
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RybSr1yjlaEWzaruE110vSMFt6Gmwjm83nV%2BQ%2BmWmLPb3TD%2F%2BFUKlwEYp7n5U6DjQeIeH6dQeti1W38vhXykueNdyXQAk%2BXRMoAVgQuT78HAigtubGYfdg5rmRZ01ZrjQfxd0ttP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
757342fd5aa3aad5-SYD
expires
Fri, 29 Sep 2023 01:14:49 GMT
3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 93B9 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFKmkKj1kBAABBb4p1wrcDCjJkAiX_LA&u=%7CSq63OP5VFkgrZqByc5Azh3M7dzF3yED5%2FC9oye5mFok%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0kewZx4OvO7hSYM886Cl314AB3DKiASQValYzIXdOo0_HYiXjGkioiauWuzerbM-DS2NtQuztb_Os5-ejacXAvVMBslx2-lpV7_6txxqWDAyyr_4MIkgRLFVY3fwqsw9hfgtJJLV4i0BTZW9v-68x8prA9nXyM7mSC9iHAsYaV-PCZKlCLykeOp_1kLZ4f5mfu948YxkPcMIEgbWc6pFs7jR_MJe517X7nVSOyUj6UC2clomEnkwCBdtNHYr5Ts4o1Lj4IrdbeHQMJI2X-dGhbyPvw0zpZxk-Z9Lz-aAtU47JDDhzFfXlVpagbDKRbBqk199YQKNdI9OXbHcQ19wNseB4Ixr9Nh92zZVhR1tTBXrvNMrukqDbIPGoljgOfYP4OLhqgeRCg8zEZpLytKODFRei-czpPlPFMt4tpKcGADqMgVXb1S03Hz5BWyVRQ-4JilUo480_BI__nZVS7YzkaIUt6MA8zA1JFgIdBOR8FG-SopvMuI6yWOnlK2TLu6WrLiTt3vBH1ifMsAlMZ94TNcBeM9ohOQm4xQRajqmZQ5kfnUai1vqoFWsOwRwKSk97lLieBlXBAJM_jJ9rrJdW9tut9NUjq5hYfkx776JOfCo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfjzViCBCY-nUFIGyvQTvgoGAA5j80bFcmuiH5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAs2u2H3UY6U-qAMBqgT5AU_Q3CzW3wkNZ11AP2serRtYXq8ZFWTCiD5RYAOBs-Haw9hwAO09657BOsgYEi1Yxz5uXDA77_vDdqj9kw3jbwQhnkscOmdFisxadLWRfNfCvnJTYKtdTBzpOdUpkSpSJJJy0LqY4Tfq8RYzcbQd0M7igxzewO3GJC4mIxkkeTQew82rj8gnb4Nmcd3bYXAKKoYCGK1eiqxxRsIiB5I8XWLHfVXpHCcLFuswbWqORHCtC3LxedjC_bVMxds-7eqzfIiBXRUJ5SxQTJMVaj0ViFxlGPeEONcQ-r40h2Mf2SUH4A8N0LLb5VbOX0FVa7yHvkq3Eof2u1B7mYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3a5wMxiLxjNKXQe6CvXUU8pk5nuw%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 29 Jul 2021 10:27:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"61028283-10ec0"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 01:14:50 GMT
e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame 93B9 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFKmkKj1kBAABBb4p1wrcDCjJkAiX_LA&u=%7CSq63OP5VFkgrZqByc5Azh3M7dzF3yED5%2FC9oye5mFok%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0kewZx4OvO7hSYM886Cl314AB3DKiASQValYzIXdOo0_HYiXjGkioiauWuzerbM-DS2NtQuztb_Os5-ejacXAvVMBslx2-lpV7_6txxqWDAyyr_4MIkgRLFVY3fwqsw9hfgtJJLV4i0BTZW9v-68x8prA9nXyM7mSC9iHAsYaV-PCZKlCLykeOp_1kLZ4f5mfu948YxkPcMIEgbWc6pFs7jR_MJe517X7nVSOyUj6UC2clomEnkwCBdtNHYr5Ts4o1Lj4IrdbeHQMJI2X-dGhbyPvw0zpZxk-Z9Lz-aAtU47JDDhzFfXlVpagbDKRbBqk199YQKNdI9OXbHcQ19wNseB4Ixr9Nh92zZVhR1tTBXrvNMrukqDbIPGoljgOfYP4OLhqgeRCg8zEZpLytKODFRei-czpPlPFMt4tpKcGADqMgVXb1S03Hz5BWyVRQ-4JilUo480_BI__nZVS7YzkaIUt6MA8zA1JFgIdBOR8FG-SopvMuI6yWOnlK2TLu6WrLiTt3vBH1ifMsAlMZ94TNcBeM9ohOQm4xQRajqmZQ5kfnUai1vqoFWsOwRwKSk97lLieBlXBAJM_jJ9rrJdW9tut9NUjq5hYfkx776JOfCo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfjzViCBCY-nUFIGyvQTvgoGAA5j80bFcmuiH5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAs2u2H3UY6U-qAMBqgT5AU_Q3CzW3wkNZ11AP2serRtYXq8ZFWTCiD5RYAOBs-Haw9hwAO09657BOsgYEi1Yxz5uXDA77_vDdqj9kw3jbwQhnkscOmdFisxadLWRfNfCvnJTYKtdTBzpOdUpkSpSJJJy0LqY4Tfq8RYzcbQd0M7igxzewO3GJC4mIxkkeTQew82rj8gnb4Nmcd3bYXAKKoYCGK1eiqxxRsIiB5I8XWLHfVXpHCcLFuswbWqORHCtC3LxedjC_bVMxds-7eqzfIiBXRUJ5SxQTJMVaj0ViFxlGPeEONcQ-r40h2Mf2SUH4A8N0LLb5VbOX0FVa7yHvkq3Eof2u1B7mYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3a5wMxiLxjNKXQe6CvXUU8pk5nuw%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 29 Jul 2021 10:27:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"61028283-10f14"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 01:14:50 GMT
animejs.js
static.criteo.net/animejs/ Frame 93B9 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFKmkKj1kBAABBb4p1wrcDCjJkAiX_LA&u=%7CSq63OP5VFkgrZqByc5Azh3M7dzF3yED5%2FC9oye5mFok%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0kewZx4OvO7hSYM886Cl314AB3DKiASQValYzIXdOo0_HYiXjGkioiauWuzerbM-DS2NtQuztb_Os5-ejacXAvVMBslx2-lpV7_6txxqWDAyyr_4MIkgRLFVY3fwqsw9hfgtJJLV4i0BTZW9v-68x8prA9nXyM7mSC9iHAsYaV-PCZKlCLykeOp_1kLZ4f5mfu948YxkPcMIEgbWc6pFs7jR_MJe517X7nVSOyUj6UC2clomEnkwCBdtNHYr5Ts4o1Lj4IrdbeHQMJI2X-dGhbyPvw0zpZxk-Z9Lz-aAtU47JDDhzFfXlVpagbDKRbBqk199YQKNdI9OXbHcQ19wNseB4Ixr9Nh92zZVhR1tTBXrvNMrukqDbIPGoljgOfYP4OLhqgeRCg8zEZpLytKODFRei-czpPlPFMt4tpKcGADqMgVXb1S03Hz5BWyVRQ-4JilUo480_BI__nZVS7YzkaIUt6MA8zA1JFgIdBOR8FG-SopvMuI6yWOnlK2TLu6WrLiTt3vBH1ifMsAlMZ94TNcBeM9ohOQm4xQRajqmZQ5kfnUai1vqoFWsOwRwKSk97lLieBlXBAJM_jJ9rrJdW9tut9NUjq5hYfkx776JOfCo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfjzViCBCY-nUFIGyvQTvgoGAA5j80bFcmuiH5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAs2u2H3UY6U-qAMBqgT5AU_Q3CzW3wkNZ11AP2serRtYXq8ZFWTCiD5RYAOBs-Haw9hwAO09657BOsgYEi1Yxz5uXDA77_vDdqj9kw3jbwQhnkscOmdFisxadLWRfNfCvnJTYKtdTBzpOdUpkSpSJJJy0LqY4Tfq8RYzcbQd0M7igxzewO3GJC4mIxkkeTQew82rj8gnb4Nmcd3bYXAKKoYCGK1eiqxxRsIiB5I8XWLHfVXpHCcLFuswbWqORHCtC3LxedjC_bVMxds-7eqzfIiBXRUJ5SxQTJMVaj0ViFxlGPeEONcQ-r40h2Mf2SUH4A8N0LLb5VbOX0FVa7yHvkq3Eof2u1B7mYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3a5wMxiLxjNKXQe6CvXUU8pk5nuw%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 01:14:50 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ Frame A4DC 		349 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
c0598ca749148e02409aad3dbf6ecec47aa29c973b45147b405985700e88ffcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125835
x-xss-protection
0
server
cafe
etag
10297730320488312292
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 09 Oct 2022 01:14:49 GMT
all
csm.as.criteo.net/ Frame 93B9 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=dMDUGzvxPu_eyx-hgAQuiOTgdYrRVj169mADedu0PVeVAn5hdrbqjSRn15G_OFTU_xN2N0lPVCj2Hgddsl47nnPc6jOXS070qeioxrNiTEULAm0Q9pZORExtZwYmXiwMt9ZQQATqY54G59-Ut3SvqWsMqS7T8cr2WaY0LANljldeHshd3vaXd7llO2mlqw5ZpgoMy3sC2uOYGRF1233xCHx5-R5B2EfpYMLj-X3uwwapmYI-NNfvqieWBuU_guN8A1ueSQ&sds=2&rev=83041&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFKmkKj1kBAABBb4p1wrcDCjJkAiX_LA&u=%7CSq63OP5VFkgrZqByc5Azh3M7dzF3yED5%2FC9oye5mFok%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0kewZx4OvO7hSYM886Cl314AB3DKiASQValYzIXdOo0_HYiXjGkioiauWuzerbM-DS2NtQuztb_Os5-ejacXAvVMBslx2-lpV7_6txxqWDAyyr_4MIkgRLFVY3fwqsw9hfgtJJLV4i0BTZW9v-68x8prA9nXyM7mSC9iHAsYaV-PCZKlCLykeOp_1kLZ4f5mfu948YxkPcMIEgbWc6pFs7jR_MJe517X7nVSOyUj6UC2clomEnkwCBdtNHYr5Ts4o1Lj4IrdbeHQMJI2X-dGhbyPvw0zpZxk-Z9Lz-aAtU47JDDhzFfXlVpagbDKRbBqk199YQKNdI9OXbHcQ19wNseB4Ixr9Nh92zZVhR1tTBXrvNMrukqDbIPGoljgOfYP4OLhqgeRCg8zEZpLytKODFRei-czpPlPFMt4tpKcGADqMgVXb1S03Hz5BWyVRQ-4JilUo480_BI__nZVS7YzkaIUt6MA8zA1JFgIdBOR8FG-SopvMuI6yWOnlK2TLu6WrLiTt3vBH1ifMsAlMZ94TNcBeM9ohOQm4xQRajqmZQ5kfnUai1vqoFWsOwRwKSk97lLieBlXBAJM_jJ9rrJdW9tut9NUjq5hYfkx776JOfCo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfjzViCBCY-nUFIGyvQTvgoGAA5j80bFcmuiH5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAs2u2H3UY6U-qAMBqgT5AU_Q3CzW3wkNZ11AP2serRtYXq8ZFWTCiD5RYAOBs-Haw9hwAO09657BOsgYEi1Yxz5uXDA77_vDdqj9kw3jbwQhnkscOmdFisxadLWRfNfCvnJTYKtdTBzpOdUpkSpSJJJy0LqY4Tfq8RYzcbQd0M7igxzewO3GJC4mIxkkeTQew82rj8gnb4Nmcd3bYXAKKoYCGK1eiqxxRsIiB5I8XWLHfVXpHCcLFuswbWqORHCtC3LxedjC_bVMxds-7eqzfIiBXRUJ5SxQTJMVaj0ViFxlGPeEONcQ-r40h2Mf2SUH4A8N0LLb5VbOX0FVa7yHvkq3Eof2u1B7mYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3a5wMxiLxjNKXQe6CvXUU8pk5nuw%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Oct 2022 01:14:49 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 93B9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFKmkKj1kBAABBb4p1wrcDCjJkAiX_LA&u=%7CSq63OP5VFkgrZqByc5Azh3M7dzF3yED5%2FC9oye5mFok%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0kewZx4OvO7hSYM886Cl314AB3DKiASQValYzIXdOo0_HYiXjGkioiauWuzerbM-DS2NtQuztb_Os5-ejacXAvVMBslx2-lpV7_6txxqWDAyyr_4MIkgRLFVY3fwqsw9hfgtJJLV4i0BTZW9v-68x8prA9nXyM7mSC9iHAsYaV-PCZKlCLykeOp_1kLZ4f5mfu948YxkPcMIEgbWc6pFs7jR_MJe517X7nVSOyUj6UC2clomEnkwCBdtNHYr5Ts4o1Lj4IrdbeHQMJI2X-dGhbyPvw0zpZxk-Z9Lz-aAtU47JDDhzFfXlVpagbDKRbBqk199YQKNdI9OXbHcQ19wNseB4Ixr9Nh92zZVhR1tTBXrvNMrukqDbIPGoljgOfYP4OLhqgeRCg8zEZpLytKODFRei-czpPlPFMt4tpKcGADqMgVXb1S03Hz5BWyVRQ-4JilUo480_BI__nZVS7YzkaIUt6MA8zA1JFgIdBOR8FG-SopvMuI6yWOnlK2TLu6WrLiTt3vBH1ifMsAlMZ94TNcBeM9ohOQm4xQRajqmZQ5kfnUai1vqoFWsOwRwKSk97lLieBlXBAJM_jJ9rrJdW9tut9NUjq5hYfkx776JOfCo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfjzViCBCY-nUFIGyvQTvgoGAA5j80bFcmuiH5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAs2u2H3UY6U-qAMBqgT5AU_Q3CzW3wkNZ11AP2serRtYXq8ZFWTCiD5RYAOBs-Haw9hwAO09657BOsgYEi1Yxz5uXDA77_vDdqj9kw3jbwQhnkscOmdFisxadLWRfNfCvnJTYKtdTBzpOdUpkSpSJJJy0LqY4Tfq8RYzcbQd0M7igxzewO3GJC4mIxkkeTQew82rj8gnb4Nmcd3bYXAKKoYCGK1eiqxxRsIiB5I8XWLHfVXpHCcLFuswbWqORHCtC3LxedjC_bVMxds-7eqzfIiBXRUJ5SxQTJMVaj0ViFxlGPeEONcQ-r40h2Mf2SUH4A8N0LLb5VbOX0FVa7yHvkq3Eof2u1B7mYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3a5wMxiLxjNKXQe6CvXUU8pk5nuw%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 01:14:50 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 93B9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFKmkKj1kBAABBb4p1wrcDCjJkAiX_LA&u=%7CSq63OP5VFkgrZqByc5Azh3M7dzF3yED5%2FC9oye5mFok%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0kewZx4OvO7hSYM886Cl314AB3DKiASQValYzIXdOo0_HYiXjGkioiauWuzerbM-DS2NtQuztb_Os5-ejacXAvVMBslx2-lpV7_6txxqWDAyyr_4MIkgRLFVY3fwqsw9hfgtJJLV4i0BTZW9v-68x8prA9nXyM7mSC9iHAsYaV-PCZKlCLykeOp_1kLZ4f5mfu948YxkPcMIEgbWc6pFs7jR_MJe517X7nVSOyUj6UC2clomEnkwCBdtNHYr5Ts4o1Lj4IrdbeHQMJI2X-dGhbyPvw0zpZxk-Z9Lz-aAtU47JDDhzFfXlVpagbDKRbBqk199YQKNdI9OXbHcQ19wNseB4Ixr9Nh92zZVhR1tTBXrvNMrukqDbIPGoljgOfYP4OLhqgeRCg8zEZpLytKODFRei-czpPlPFMt4tpKcGADqMgVXb1S03Hz5BWyVRQ-4JilUo480_BI__nZVS7YzkaIUt6MA8zA1JFgIdBOR8FG-SopvMuI6yWOnlK2TLu6WrLiTt3vBH1ifMsAlMZ94TNcBeM9ohOQm4xQRajqmZQ5kfnUai1vqoFWsOwRwKSk97lLieBlXBAJM_jJ9rrJdW9tut9NUjq5hYfkx776JOfCo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfjzViCBCY-nUFIGyvQTvgoGAA5j80bFcmuiH5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAs2u2H3UY6U-qAMBqgT5AU_Q3CzW3wkNZ11AP2serRtYXq8ZFWTCiD5RYAOBs-Haw9hwAO09657BOsgYEi1Yxz5uXDA77_vDdqj9kw3jbwQhnkscOmdFisxadLWRfNfCvnJTYKtdTBzpOdUpkSpSJJJy0LqY4Tfq8RYzcbQd0M7igxzewO3GJC4mIxkkeTQew82rj8gnb4Nmcd3bYXAKKoYCGK1eiqxxRsIiB5I8XWLHfVXpHCcLFuswbWqORHCtC3LxedjC_bVMxds-7eqzfIiBXRUJ5SxQTJMVaj0ViFxlGPeEONcQ-r40h2Mf2SUH4A8N0LLb5VbOX0FVa7yHvkq3Eof2u1B7mYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3a5wMxiLxjNKXQe6CvXUU8pk5nuw%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 01:14:50 GMT
22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4
static.criteo.net/design/dt/2936/210730/ Frame 93B9 		47 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/2936/210730/22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4?ibv=1
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFKmkKj1kBAABBb4p1wrcDCjJkAiX_LA&u=%7CSq63OP5VFkgrZqByc5Azh3M7dzF3yED5%2FC9oye5mFok%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0kewZx4OvO7hSYM886Cl314AB3DKiASQValYzIXdOo0_HYiXjGkioiauWuzerbM-DS2NtQuztb_Os5-ejacXAvVMBslx2-lpV7_6txxqWDAyyr_4MIkgRLFVY3fwqsw9hfgtJJLV4i0BTZW9v-68x8prA9nXyM7mSC9iHAsYaV-PCZKlCLykeOp_1kLZ4f5mfu948YxkPcMIEgbWc6pFs7jR_MJe517X7nVSOyUj6UC2clomEnkwCBdtNHYr5Ts4o1Lj4IrdbeHQMJI2X-dGhbyPvw0zpZxk-Z9Lz-aAtU47JDDhzFfXlVpagbDKRbBqk199YQKNdI9OXbHcQ19wNseB4Ixr9Nh92zZVhR1tTBXrvNMrukqDbIPGoljgOfYP4OLhqgeRCg8zEZpLytKODFRei-czpPlPFMt4tpKcGADqMgVXb1S03Hz5BWyVRQ-4JilUo480_BI__nZVS7YzkaIUt6MA8zA1JFgIdBOR8FG-SopvMuI6yWOnlK2TLu6WrLiTt3vBH1ifMsAlMZ94TNcBeM9ohOQm4xQRajqmZQ5kfnUai1vqoFWsOwRwKSk97lLieBlXBAJM_jJ9rrJdW9tut9NUjq5hYfkx776JOfCo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfjzViCBCY-nUFIGyvQTvgoGAA5j80bFcmuiH5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAs2u2H3UY6U-qAMBqgT5AU_Q3CzW3wkNZ11AP2serRtYXq8ZFWTCiD5RYAOBs-Haw9hwAO09657BOsgYEi1Yxz5uXDA77_vDdqj9kw3jbwQhnkscOmdFisxadLWRfNfCvnJTYKtdTBzpOdUpkSpSJJJy0LqY4Tfq8RYzcbQd0M7igxzewO3GJC4mIxkkeTQew82rj8gnb4Nmcd3bYXAKKoYCGK1eiqxxRsIiB5I8XWLHfVXpHCcLFuswbWqORHCtC3LxedjC_bVMxds-7eqzfIiBXRUJ5SxQTJMVaj0ViFxlGPeEONcQ-r40h2Mf2SUH4A8N0LLb5VbOX0FVa7yHvkq3Eof2u1B7mYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3a5wMxiLxjNKXQe6CvXUU8pk5nuw%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 30 Jul 2021 08:11:16 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6103b424-13a2be"
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-1286845/1286846
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
1286846
expires
Wed, 04 Oct 2023 01:14:50 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 9DFD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFe-EBc_krAA5x5uglzTbSOHU-ONxkgA&u=%7CSq63OP5VFkhwwXigGtB4M1LAXJVu18t85j503o%2B6r9I%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgxSIsjcW3kZzhysWZK5uAhqHoWI2FauNYT00L99F0AntsnCTG3Exipv0Ka2X8zZ83o6ucqh_upvuwsgoAvz9xUdAHQBsxRztXRzeyaPoKyauzLMgg1v_epkiv_Yf63VWm6LoJc9U5I2jnExdTs_Vz_MWbQPpfL6-0H5yx41I6NMGGEIe9OoJnKGLee6PGky3VYLjZPqf-e9JuDMaEy9x0XhI9e_jbAYN8NJyye0epWz6NAQvRYCnxvGam13d_az2uta7PvpR35YjjlRrkhnyxAoyEfsMBM86McEJ5dD9SfgAxWGzpc-pz6e4pwQoAO22_m0H3IgiE800Lw_tgw9v3t9Q0RI4AXiGGxYmxa1WIYH-cSuaB6gC_Val6bKHWostDpn2z4w3Hn4eP_ZxnyDEALhq0ytxzPU-2QIeRRiGhbtaC_qv5tX6_YB0PcWbIbrwhUPwsylZg11fKt8h8TgyNgcarlXu-QVxpK5jbfnx_tNsJdASGf3stxRmzpWuXF8RGao4y9_UgdAWVWar2JHdijwNxGBP40L2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwF47iCBCY-H3Favyz7sP5uO56AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNrth91GOlPqgDAaoE8wFP0FFv-_fZ5Y56O3xugAYrU-Mt68SMdooD5w30PNpiILPlz3AlT-XFJ0ZShlz4Vx0aSEHPZFtmAjhB8cXIwzSNxb7MN7nBkwapOqjro4lNhLA9Orw4bBWYmQPKZpUdLPAMog-kQhz9kJbpv-1v5uX0LAxS6qumC9Jv5AK8lLQW0x0fswsZ1YGpS1m5aF3GqosfhRw0K7a-JTZUbyfgqrno7R95kmNhhkpBxUgLG0azIqOOa-yR6sG1umO74RZO2m7lbkp5upYHF1PMn9yudrB0srP3eZntPhM9Wszc7cPAFcn9WPw2kMLBo4jo00rvZbiciu2ABpGn9Jik9J3-YKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kmTLHL9zWUMgzzzc0K847q6TQiw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 01:14:49 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 9DFD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFe-EBc_krAA5x5uglzTbSOHU-ONxkgA&u=%7CSq63OP5VFkhwwXigGtB4M1LAXJVu18t85j503o%2B6r9I%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgxSIsjcW3kZzhysWZK5uAhqHoWI2FauNYT00L99F0AntsnCTG3Exipv0Ka2X8zZ83o6ucqh_upvuwsgoAvz9xUdAHQBsxRztXRzeyaPoKyauzLMgg1v_epkiv_Yf63VWm6LoJc9U5I2jnExdTs_Vz_MWbQPpfL6-0H5yx41I6NMGGEIe9OoJnKGLee6PGky3VYLjZPqf-e9JuDMaEy9x0XhI9e_jbAYN8NJyye0epWz6NAQvRYCnxvGam13d_az2uta7PvpR35YjjlRrkhnyxAoyEfsMBM86McEJ5dD9SfgAxWGzpc-pz6e4pwQoAO22_m0H3IgiE800Lw_tgw9v3t9Q0RI4AXiGGxYmxa1WIYH-cSuaB6gC_Val6bKHWostDpn2z4w3Hn4eP_ZxnyDEALhq0ytxzPU-2QIeRRiGhbtaC_qv5tX6_YB0PcWbIbrwhUPwsylZg11fKt8h8TgyNgcarlXu-QVxpK5jbfnx_tNsJdASGf3stxRmzpWuXF8RGao4y9_UgdAWVWar2JHdijwNxGBP40L2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwF47iCBCY-H3Favyz7sP5uO56AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNrth91GOlPqgDAaoE8wFP0FFv-_fZ5Y56O3xugAYrU-Mt68SMdooD5w30PNpiILPlz3AlT-XFJ0ZShlz4Vx0aSEHPZFtmAjhB8cXIwzSNxb7MN7nBkwapOqjro4lNhLA9Orw4bBWYmQPKZpUdLPAMog-kQhz9kJbpv-1v5uX0LAxS6qumC9Jv5AK8lLQW0x0fswsZ1YGpS1m5aF3GqosfhRw0K7a-JTZUbyfgqrno7R95kmNhhkpBxUgLG0azIqOOa-yR6sG1umO74RZO2m7lbkp5upYHF1PMn9yudrB0srP3eZntPhM9Wszc7cPAFcn9WPw2kMLBo4jo00rvZbiciu2ABpGn9Jik9J3-YKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kmTLHL9zWUMgzzzc0K847q6TQiw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 01:14:49 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 9DFD 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFe-EBc_krAA5x5uglzTbSOHU-ONxkgA&u=%7CSq63OP5VFkhwwXigGtB4M1LAXJVu18t85j503o%2B6r9I%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgxSIsjcW3kZzhysWZK5uAhqHoWI2FauNYT00L99F0AntsnCTG3Exipv0Ka2X8zZ83o6ucqh_upvuwsgoAvz9xUdAHQBsxRztXRzeyaPoKyauzLMgg1v_epkiv_Yf63VWm6LoJc9U5I2jnExdTs_Vz_MWbQPpfL6-0H5yx41I6NMGGEIe9OoJnKGLee6PGky3VYLjZPqf-e9JuDMaEy9x0XhI9e_jbAYN8NJyye0epWz6NAQvRYCnxvGam13d_az2uta7PvpR35YjjlRrkhnyxAoyEfsMBM86McEJ5dD9SfgAxWGzpc-pz6e4pwQoAO22_m0H3IgiE800Lw_tgw9v3t9Q0RI4AXiGGxYmxa1WIYH-cSuaB6gC_Val6bKHWostDpn2z4w3Hn4eP_ZxnyDEALhq0ytxzPU-2QIeRRiGhbtaC_qv5tX6_YB0PcWbIbrwhUPwsylZg11fKt8h8TgyNgcarlXu-QVxpK5jbfnx_tNsJdASGf3stxRmzpWuXF8RGao4y9_UgdAWVWar2JHdijwNxGBP40L2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwF47iCBCY-H3Favyz7sP5uO56AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNrth91GOlPqgDAaoE8wFP0FFv-_fZ5Y56O3xugAYrU-Mt68SMdooD5w30PNpiILPlz3AlT-XFJ0ZShlz4Vx0aSEHPZFtmAjhB8cXIwzSNxb7MN7nBkwapOqjro4lNhLA9Orw4bBWYmQPKZpUdLPAMog-kQhz9kJbpv-1v5uX0LAxS6qumC9Jv5AK8lLQW0x0fswsZ1YGpS1m5aF3GqosfhRw0K7a-JTZUbyfgqrno7R95kmNhhkpBxUgLG0azIqOOa-yR6sG1umO74RZO2m7lbkp5upYHF1PMn9yudrB0srP3eZntPhM9Wszc7cPAFcn9WPw2kMLBo4jo00rvZbiciu2ABpGn9Jik9J3-YKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kmTLHL9zWUMgzzzc0K847q6TQiw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:49 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 04 Oct 2023 01:14:49 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 9DFD 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFe-EBc_krAA5x5uglzTbSOHU-ONxkgA&u=%7CSq63OP5VFkhwwXigGtB4M1LAXJVu18t85j503o%2B6r9I%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgxSIsjcW3kZzhysWZK5uAhqHoWI2FauNYT00L99F0AntsnCTG3Exipv0Ka2X8zZ83o6ucqh_upvuwsgoAvz9xUdAHQBsxRztXRzeyaPoKyauzLMgg1v_epkiv_Yf63VWm6LoJc9U5I2jnExdTs_Vz_MWbQPpfL6-0H5yx41I6NMGGEIe9OoJnKGLee6PGky3VYLjZPqf-e9JuDMaEy9x0XhI9e_jbAYN8NJyye0epWz6NAQvRYCnxvGam13d_az2uta7PvpR35YjjlRrkhnyxAoyEfsMBM86McEJ5dD9SfgAxWGzpc-pz6e4pwQoAO22_m0H3IgiE800Lw_tgw9v3t9Q0RI4AXiGGxYmxa1WIYH-cSuaB6gC_Val6bKHWostDpn2z4w3Hn4eP_ZxnyDEALhq0ytxzPU-2QIeRRiGhbtaC_qv5tX6_YB0PcWbIbrwhUPwsylZg11fKt8h8TgyNgcarlXu-QVxpK5jbfnx_tNsJdASGf3stxRmzpWuXF8RGao4y9_UgdAWVWar2JHdijwNxGBP40L2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwF47iCBCY-H3Favyz7sP5uO56AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNrth91GOlPqgDAaoE8wFP0FFv-_fZ5Y56O3xugAYrU-Mt68SMdooD5w30PNpiILPlz3AlT-XFJ0ZShlz4Vx0aSEHPZFtmAjhB8cXIwzSNxb7MN7nBkwapOqjro4lNhLA9Orw4bBWYmQPKZpUdLPAMog-kQhz9kJbpv-1v5uX0LAxS6qumC9Jv5AK8lLQW0x0fswsZ1YGpS1m5aF3GqosfhRw0K7a-JTZUbyfgqrno7R95kmNhhkpBxUgLG0azIqOOa-yR6sG1umO74RZO2m7lbkp5upYHF1PMn9yudrB0srP3eZntPhM9Wszc7cPAFcn9WPw2kMLBo4jo00rvZbiciu2ABpGn9Jik9J3-YKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kmTLHL9zWUMgzzzc0K847q6TQiw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:49 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 04 Oct 2023 01:14:49 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 9DFD 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=1cgWt8GBCjhaA9lGXFrBt7UpyxtzOmVhXVZ0lZJWazDfZzEA2lL_9TYhxSGRK9ClUvPaaNh3Eom6bmFBQS_c6YRfV9tWp2I5NUO6bEqt4VRLirVH9faUM3hJoAfwBWd-MOKQJaW4aJREkPh9qtCRzjeUkytiElqXkICrKBDjEX93Y_tcIZWRfy6VSpyWa3fJ1yOjpkAStak-8nSrh2eS7pHmqO92nzEMb8kv7HjH3HoqySgaVMaszynmrXko3j6W1HSMrMX35IGSloakv9qDaZsD72zBwumOqOvMDf4JRhcAvBn0sLQkMSQqfrgkgm296-6N2jW6Y9mIgo8UxX1xZUylWsHd9p_e4B1S0skQ5KED0V0YrrfkjkSO3Xpuczn8pLWEyeqkSfMuNf6YUx-OvZDrkS6aa_QUHkBH4Fkpz8iPizyJ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFe-EBc_krAA5x5uglzTbSOHU-ONxkgA&u=%7CSq63OP5VFkhwwXigGtB4M1LAXJVu18t85j503o%2B6r9I%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgxSIsjcW3kZzhysWZK5uAhqHoWI2FauNYT00L99F0AntsnCTG3Exipv0Ka2X8zZ83o6ucqh_upvuwsgoAvz9xUdAHQBsxRztXRzeyaPoKyauzLMgg1v_epkiv_Yf63VWm6LoJc9U5I2jnExdTs_Vz_MWbQPpfL6-0H5yx41I6NMGGEIe9OoJnKGLee6PGky3VYLjZPqf-e9JuDMaEy9x0XhI9e_jbAYN8NJyye0epWz6NAQvRYCnxvGam13d_az2uta7PvpR35YjjlRrkhnyxAoyEfsMBM86McEJ5dD9SfgAxWGzpc-pz6e4pwQoAO22_m0H3IgiE800Lw_tgw9v3t9Q0RI4AXiGGxYmxa1WIYH-cSuaB6gC_Val6bKHWostDpn2z4w3Hn4eP_ZxnyDEALhq0ytxzPU-2QIeRRiGhbtaC_qv5tX6_YB0PcWbIbrwhUPwsylZg11fKt8h8TgyNgcarlXu-QVxpK5jbfnx_tNsJdASGf3stxRmzpWuXF8RGao4y9_UgdAWVWar2JHdijwNxGBP40L2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwF47iCBCY-H3Favyz7sP5uO56AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNrth91GOlPqgDAaoE8wFP0FFv-_fZ5Y56O3xugAYrU-Mt68SMdooD5w30PNpiILPlz3AlT-XFJ0ZShlz4Vx0aSEHPZFtmAjhB8cXIwzSNxb7MN7nBkwapOqjro4lNhLA9Orw4bBWYmQPKZpUdLPAMog-kQhz9kJbpv-1v5uX0LAxS6qumC9Jv5AK8lLQW0x0fswsZ1YGpS1m5aF3GqosfhRw0K7a-JTZUbyfgqrno7R95kmNhhkpBxUgLG0azIqOOa-yR6sG1umO74RZO2m7lbkp5upYHF1PMn9yudrB0srP3eZntPhM9Wszc7cPAFcn9WPw2kMLBo4jo00rvZbiciu2ABpGn9Jik9J3-YKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kmTLHL9zWUMgzzzc0K847q6TQiw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1774740
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9DFD 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFe-EBc_krAA5x5uglzTbSOHU-ONxkgA&u=%7CSq63OP5VFkhwwXigGtB4M1LAXJVu18t85j503o%2B6r9I%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgxSIsjcW3kZzhysWZK5uAhqHoWI2FauNYT00L99F0AntsnCTG3Exipv0Ka2X8zZ83o6ucqh_upvuwsgoAvz9xUdAHQBsxRztXRzeyaPoKyauzLMgg1v_epkiv_Yf63VWm6LoJc9U5I2jnExdTs_Vz_MWbQPpfL6-0H5yx41I6NMGGEIe9OoJnKGLee6PGky3VYLjZPqf-e9JuDMaEy9x0XhI9e_jbAYN8NJyye0epWz6NAQvRYCnxvGam13d_az2uta7PvpR35YjjlRrkhnyxAoyEfsMBM86McEJ5dD9SfgAxWGzpc-pz6e4pwQoAO22_m0H3IgiE800Lw_tgw9v3t9Q0RI4AXiGGxYmxa1WIYH-cSuaB6gC_Val6bKHWostDpn2z4w3Hn4eP_ZxnyDEALhq0ytxzPU-2QIeRRiGhbtaC_qv5tX6_YB0PcWbIbrwhUPwsylZg11fKt8h8TgyNgcarlXu-QVxpK5jbfnx_tNsJdASGf3stxRmzpWuXF8RGao4y9_UgdAWVWar2JHdijwNxGBP40L2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwF47iCBCY-H3Favyz7sP5uO56AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNrth91GOlPqgDAaoE8wFP0FFv-_fZ5Y56O3xugAYrU-Mt68SMdooD5w30PNpiILPlz3AlT-XFJ0ZShlz4Vx0aSEHPZFtmAjhB8cXIwzSNxb7MN7nBkwapOqjro4lNhLA9Orw4bBWYmQPKZpUdLPAMog-kQhz9kJbpv-1v5uX0LAxS6qumC9Jv5AK8lLQW0x0fswsZ1YGpS1m5aF3GqosfhRw0K7a-JTZUbyfgqrno7R95kmNhhkpBxUgLG0azIqOOa-yR6sG1umO74RZO2m7lbkp5upYHF1PMn9yudrB0srP3eZntPhM9Wszc7cPAFcn9WPw2kMLBo4jo00rvZbiciu2ABpGn9Jik9J3-YKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kmTLHL9zWUMgzzzc0K847q6TQiw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1390044
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AFuSdjbCRwsVSSM1apmNOs9CH%2FRNl9Fhfpdo8fmxrlLnw00NTwLxpXIIg%2B5tUw1yXAGypg%2FJt57umIta3%2FrcBHGA%2BJ20vwZij9h2WDT4DY1%2BgTK%2F3p0L5fY2RjhbhXv%2BlBvN3jBj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
757342fdaaedaad5-SYD
expires
Fri, 29 Sep 2023 01:14:49 GMT
3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 9DFD 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFe-EBc_krAA5x5uglzTbSOHU-ONxkgA&u=%7CSq63OP5VFkhwwXigGtB4M1LAXJVu18t85j503o%2B6r9I%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgxSIsjcW3kZzhysWZK5uAhqHoWI2FauNYT00L99F0AntsnCTG3Exipv0Ka2X8zZ83o6ucqh_upvuwsgoAvz9xUdAHQBsxRztXRzeyaPoKyauzLMgg1v_epkiv_Yf63VWm6LoJc9U5I2jnExdTs_Vz_MWbQPpfL6-0H5yx41I6NMGGEIe9OoJnKGLee6PGky3VYLjZPqf-e9JuDMaEy9x0XhI9e_jbAYN8NJyye0epWz6NAQvRYCnxvGam13d_az2uta7PvpR35YjjlRrkhnyxAoyEfsMBM86McEJ5dD9SfgAxWGzpc-pz6e4pwQoAO22_m0H3IgiE800Lw_tgw9v3t9Q0RI4AXiGGxYmxa1WIYH-cSuaB6gC_Val6bKHWostDpn2z4w3Hn4eP_ZxnyDEALhq0ytxzPU-2QIeRRiGhbtaC_qv5tX6_YB0PcWbIbrwhUPwsylZg11fKt8h8TgyNgcarlXu-QVxpK5jbfnx_tNsJdASGf3stxRmzpWuXF8RGao4y9_UgdAWVWar2JHdijwNxGBP40L2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwF47iCBCY-H3Favyz7sP5uO56AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNrth91GOlPqgDAaoE8wFP0FFv-_fZ5Y56O3xugAYrU-Mt68SMdooD5w30PNpiILPlz3AlT-XFJ0ZShlz4Vx0aSEHPZFtmAjhB8cXIwzSNxb7MN7nBkwapOqjro4lNhLA9Orw4bBWYmQPKZpUdLPAMog-kQhz9kJbpv-1v5uX0LAxS6qumC9Jv5AK8lLQW0x0fswsZ1YGpS1m5aF3GqosfhRw0K7a-JTZUbyfgqrno7R95kmNhhkpBxUgLG0azIqOOa-yR6sG1umO74RZO2m7lbkp5upYHF1PMn9yudrB0srP3eZntPhM9Wszc7cPAFcn9WPw2kMLBo4jo00rvZbiciu2ABpGn9Jik9J3-YKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kmTLHL9zWUMgzzzc0K847q6TQiw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 29 Jul 2021 10:27:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"61028283-10ec0"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 01:14:50 GMT
e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame 9DFD 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFe-EBc_krAA5x5uglzTbSOHU-ONxkgA&u=%7CSq63OP5VFkhwwXigGtB4M1LAXJVu18t85j503o%2B6r9I%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgxSIsjcW3kZzhysWZK5uAhqHoWI2FauNYT00L99F0AntsnCTG3Exipv0Ka2X8zZ83o6ucqh_upvuwsgoAvz9xUdAHQBsxRztXRzeyaPoKyauzLMgg1v_epkiv_Yf63VWm6LoJc9U5I2jnExdTs_Vz_MWbQPpfL6-0H5yx41I6NMGGEIe9OoJnKGLee6PGky3VYLjZPqf-e9JuDMaEy9x0XhI9e_jbAYN8NJyye0epWz6NAQvRYCnxvGam13d_az2uta7PvpR35YjjlRrkhnyxAoyEfsMBM86McEJ5dD9SfgAxWGzpc-pz6e4pwQoAO22_m0H3IgiE800Lw_tgw9v3t9Q0RI4AXiGGxYmxa1WIYH-cSuaB6gC_Val6bKHWostDpn2z4w3Hn4eP_ZxnyDEALhq0ytxzPU-2QIeRRiGhbtaC_qv5tX6_YB0PcWbIbrwhUPwsylZg11fKt8h8TgyNgcarlXu-QVxpK5jbfnx_tNsJdASGf3stxRmzpWuXF8RGao4y9_UgdAWVWar2JHdijwNxGBP40L2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwF47iCBCY-H3Favyz7sP5uO56AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNrth91GOlPqgDAaoE8wFP0FFv-_fZ5Y56O3xugAYrU-Mt68SMdooD5w30PNpiILPlz3AlT-XFJ0ZShlz4Vx0aSEHPZFtmAjhB8cXIwzSNxb7MN7nBkwapOqjro4lNhLA9Orw4bBWYmQPKZpUdLPAMog-kQhz9kJbpv-1v5uX0LAxS6qumC9Jv5AK8lLQW0x0fswsZ1YGpS1m5aF3GqosfhRw0K7a-JTZUbyfgqrno7R95kmNhhkpBxUgLG0azIqOOa-yR6sG1umO74RZO2m7lbkp5upYHF1PMn9yudrB0srP3eZntPhM9Wszc7cPAFcn9WPw2kMLBo4jo00rvZbiciu2ABpGn9Jik9J3-YKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kmTLHL9zWUMgzzzc0K847q6TQiw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 29 Jul 2021 10:27:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"61028283-10f14"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 01:14:50 GMT
animejs.js
static.criteo.net/animejs/ Frame 9DFD 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFe-EBc_krAA5x5uglzTbSOHU-ONxkgA&u=%7CSq63OP5VFkhwwXigGtB4M1LAXJVu18t85j503o%2B6r9I%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgxSIsjcW3kZzhysWZK5uAhqHoWI2FauNYT00L99F0AntsnCTG3Exipv0Ka2X8zZ83o6ucqh_upvuwsgoAvz9xUdAHQBsxRztXRzeyaPoKyauzLMgg1v_epkiv_Yf63VWm6LoJc9U5I2jnExdTs_Vz_MWbQPpfL6-0H5yx41I6NMGGEIe9OoJnKGLee6PGky3VYLjZPqf-e9JuDMaEy9x0XhI9e_jbAYN8NJyye0epWz6NAQvRYCnxvGam13d_az2uta7PvpR35YjjlRrkhnyxAoyEfsMBM86McEJ5dD9SfgAxWGzpc-pz6e4pwQoAO22_m0H3IgiE800Lw_tgw9v3t9Q0RI4AXiGGxYmxa1WIYH-cSuaB6gC_Val6bKHWostDpn2z4w3Hn4eP_ZxnyDEALhq0ytxzPU-2QIeRRiGhbtaC_qv5tX6_YB0PcWbIbrwhUPwsylZg11fKt8h8TgyNgcarlXu-QVxpK5jbfnx_tNsJdASGf3stxRmzpWuXF8RGao4y9_UgdAWVWar2JHdijwNxGBP40L2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwF47iCBCY-H3Favyz7sP5uO56AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNrth91GOlPqgDAaoE8wFP0FFv-_fZ5Y56O3xugAYrU-Mt68SMdooD5w30PNpiILPlz3AlT-XFJ0ZShlz4Vx0aSEHPZFtmAjhB8cXIwzSNxb7MN7nBkwapOqjro4lNhLA9Orw4bBWYmQPKZpUdLPAMog-kQhz9kJbpv-1v5uX0LAxS6qumC9Jv5AK8lLQW0x0fswsZ1YGpS1m5aF3GqosfhRw0K7a-JTZUbyfgqrno7R95kmNhhkpBxUgLG0azIqOOa-yR6sG1umO74RZO2m7lbkp5upYHF1PMn9yudrB0srP3eZntPhM9Wszc7cPAFcn9WPw2kMLBo4jo00rvZbiciu2ABpGn9Jik9J3-YKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kmTLHL9zWUMgzzzc0K847q6TQiw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 01:14:50 GMT
img
pix.as.criteo.net/img/ Frame 9DFD 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=1200&m=0&partner=9736&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F2936%2F210730%2Fae7c74bbff6a47faaeb0d1dba10321b8_img_vertical_1.jpg&v=3&w=1200&s=zUR3N4MFkc83fgmD6nxRYPTw
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFe-EBc_krAA5x5uglzTbSOHU-ONxkgA&u=%7CSq63OP5VFkhwwXigGtB4M1LAXJVu18t85j503o%2B6r9I%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgxSIsjcW3kZzhysWZK5uAhqHoWI2FauNYT00L99F0AntsnCTG3Exipv0Ka2X8zZ83o6ucqh_upvuwsgoAvz9xUdAHQBsxRztXRzeyaPoKyauzLMgg1v_epkiv_Yf63VWm6LoJc9U5I2jnExdTs_Vz_MWbQPpfL6-0H5yx41I6NMGGEIe9OoJnKGLee6PGky3VYLjZPqf-e9JuDMaEy9x0XhI9e_jbAYN8NJyye0epWz6NAQvRYCnxvGam13d_az2uta7PvpR35YjjlRrkhnyxAoyEfsMBM86McEJ5dD9SfgAxWGzpc-pz6e4pwQoAO22_m0H3IgiE800Lw_tgw9v3t9Q0RI4AXiGGxYmxa1WIYH-cSuaB6gC_Val6bKHWostDpn2z4w3Hn4eP_ZxnyDEALhq0ytxzPU-2QIeRRiGhbtaC_qv5tX6_YB0PcWbIbrwhUPwsylZg11fKt8h8TgyNgcarlXu-QVxpK5jbfnx_tNsJdASGf3stxRmzpWuXF8RGao4y9_UgdAWVWar2JHdijwNxGBP40L2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwF47iCBCY-H3Favyz7sP5uO56AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNrth91GOlPqgDAaoE8wFP0FFv-_fZ5Y56O3xugAYrU-Mt68SMdooD5w30PNpiILPlz3AlT-XFJ0ZShlz4Vx0aSEHPZFtmAjhB8cXIwzSNxb7MN7nBkwapOqjro4lNhLA9Orw4bBWYmQPKZpUdLPAMog-kQhz9kJbpv-1v5uX0LAxS6qumC9Jv5AK8lLQW0x0fswsZ1YGpS1m5aF3GqosfhRw0K7a-JTZUbyfgqrno7R95kmNhhkpBxUgLG0azIqOOa-yR6sG1umO74RZO2m7lbkp5upYHF1PMn9yudrB0srP3eZntPhM9Wszc7cPAFcn9WPw2kMLBo4jo00rvZbiciu2ABpGn9Jik9J3-YKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kmTLHL9zWUMgzzzc0K847q6TQiw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
3288212b66509bcca02524204f3d2c8cc0b6a6a83cf3a7ff0a2e28e773d9c5dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30122314
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
26074
expires
Fri, 22 Sep 2023 16:33:24 GMT
all
csm.as.criteo.net/ Frame 9DFD 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=enLujjvxPu_eyx-h4COzn2HurbWcEc6g-EpTkU3h_B4UDIZ_kIEZlmkOmlgNfH5G6PSuNElSG1OEo8dByB03PIXGrB0hbGeC_EjtvqJddiTBGIVQakLv1k_0Za_E5OB3OE71w2wqzsYFDcB9Cw2Kd6yYduAFCMpaYtie7LlPJDrTXWLRAPEHxNP4XyGg9h8RyVkny4HPXDTRwAc26hF5k0htCgma1h-oI1BHtmWb_wr2hNfKw2Adb5H1KOzBVz81BxwYwg&sds=2&rev=83041&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFe-EBc_krAA5x5uglzTbSOHU-ONxkgA&u=%7CSq63OP5VFkhwwXigGtB4M1LAXJVu18t85j503o%2B6r9I%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgxSIsjcW3kZzhysWZK5uAhqHoWI2FauNYT00L99F0AntsnCTG3Exipv0Ka2X8zZ83o6ucqh_upvuwsgoAvz9xUdAHQBsxRztXRzeyaPoKyauzLMgg1v_epkiv_Yf63VWm6LoJc9U5I2jnExdTs_Vz_MWbQPpfL6-0H5yx41I6NMGGEIe9OoJnKGLee6PGky3VYLjZPqf-e9JuDMaEy9x0XhI9e_jbAYN8NJyye0epWz6NAQvRYCnxvGam13d_az2uta7PvpR35YjjlRrkhnyxAoyEfsMBM86McEJ5dD9SfgAxWGzpc-pz6e4pwQoAO22_m0H3IgiE800Lw_tgw9v3t9Q0RI4AXiGGxYmxa1WIYH-cSuaB6gC_Val6bKHWostDpn2z4w3Hn4eP_ZxnyDEALhq0ytxzPU-2QIeRRiGhbtaC_qv5tX6_YB0PcWbIbrwhUPwsylZg11fKt8h8TgyNgcarlXu-QVxpK5jbfnx_tNsJdASGf3stxRmzpWuXF8RGao4y9_UgdAWVWar2JHdijwNxGBP40L2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwF47iCBCY-H3Favyz7sP5uO56AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNrth91GOlPqgDAaoE8wFP0FFv-_fZ5Y56O3xugAYrU-Mt68SMdooD5w30PNpiILPlz3AlT-XFJ0ZShlz4Vx0aSEHPZFtmAjhB8cXIwzSNxb7MN7nBkwapOqjro4lNhLA9Orw4bBWYmQPKZpUdLPAMog-kQhz9kJbpv-1v5uX0LAxS6qumC9Jv5AK8lLQW0x0fswsZ1YGpS1m5aF3GqosfhRw0K7a-JTZUbyfgqrno7R95kmNhhkpBxUgLG0azIqOOa-yR6sG1umO74RZO2m7lbkp5upYHF1PMn9yudrB0srP3eZntPhM9Wszc7cPAFcn9WPw2kMLBo4jo00rvZbiciu2ABpGn9Jik9J3-YKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kmTLHL9zWUMgzzzc0K847q6TQiw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Oct 2022 01:14:49 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9DFD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFe-EBc_krAA5x5uglzTbSOHU-ONxkgA&u=%7CSq63OP5VFkhwwXigGtB4M1LAXJVu18t85j503o%2B6r9I%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgxSIsjcW3kZzhysWZK5uAhqHoWI2FauNYT00L99F0AntsnCTG3Exipv0Ka2X8zZ83o6ucqh_upvuwsgoAvz9xUdAHQBsxRztXRzeyaPoKyauzLMgg1v_epkiv_Yf63VWm6LoJc9U5I2jnExdTs_Vz_MWbQPpfL6-0H5yx41I6NMGGEIe9OoJnKGLee6PGky3VYLjZPqf-e9JuDMaEy9x0XhI9e_jbAYN8NJyye0epWz6NAQvRYCnxvGam13d_az2uta7PvpR35YjjlRrkhnyxAoyEfsMBM86McEJ5dD9SfgAxWGzpc-pz6e4pwQoAO22_m0H3IgiE800Lw_tgw9v3t9Q0RI4AXiGGxYmxa1WIYH-cSuaB6gC_Val6bKHWostDpn2z4w3Hn4eP_ZxnyDEALhq0ytxzPU-2QIeRRiGhbtaC_qv5tX6_YB0PcWbIbrwhUPwsylZg11fKt8h8TgyNgcarlXu-QVxpK5jbfnx_tNsJdASGf3stxRmzpWuXF8RGao4y9_UgdAWVWar2JHdijwNxGBP40L2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwF47iCBCY-H3Favyz7sP5uO56AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNrth91GOlPqgDAaoE8wFP0FFv-_fZ5Y56O3xugAYrU-Mt68SMdooD5w30PNpiILPlz3AlT-XFJ0ZShlz4Vx0aSEHPZFtmAjhB8cXIwzSNxb7MN7nBkwapOqjro4lNhLA9Orw4bBWYmQPKZpUdLPAMog-kQhz9kJbpv-1v5uX0LAxS6qumC9Jv5AK8lLQW0x0fswsZ1YGpS1m5aF3GqosfhRw0K7a-JTZUbyfgqrno7R95kmNhhkpBxUgLG0azIqOOa-yR6sG1umO74RZO2m7lbkp5upYHF1PMn9yudrB0srP3eZntPhM9Wszc7cPAFcn9WPw2kMLBo4jo00rvZbiciu2ABpGn9Jik9J3-YKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kmTLHL9zWUMgzzzc0K847q6TQiw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 01:14:50 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 9DFD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFe-EBc_krAA5x5uglzTbSOHU-ONxkgA&u=%7CSq63OP5VFkhwwXigGtB4M1LAXJVu18t85j503o%2B6r9I%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgxSIsjcW3kZzhysWZK5uAhqHoWI2FauNYT00L99F0AntsnCTG3Exipv0Ka2X8zZ83o6ucqh_upvuwsgoAvz9xUdAHQBsxRztXRzeyaPoKyauzLMgg1v_epkiv_Yf63VWm6LoJc9U5I2jnExdTs_Vz_MWbQPpfL6-0H5yx41I6NMGGEIe9OoJnKGLee6PGky3VYLjZPqf-e9JuDMaEy9x0XhI9e_jbAYN8NJyye0epWz6NAQvRYCnxvGam13d_az2uta7PvpR35YjjlRrkhnyxAoyEfsMBM86McEJ5dD9SfgAxWGzpc-pz6e4pwQoAO22_m0H3IgiE800Lw_tgw9v3t9Q0RI4AXiGGxYmxa1WIYH-cSuaB6gC_Val6bKHWostDpn2z4w3Hn4eP_ZxnyDEALhq0ytxzPU-2QIeRRiGhbtaC_qv5tX6_YB0PcWbIbrwhUPwsylZg11fKt8h8TgyNgcarlXu-QVxpK5jbfnx_tNsJdASGf3stxRmzpWuXF8RGao4y9_UgdAWVWar2JHdijwNxGBP40L2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwF47iCBCY-H3Favyz7sP5uO56AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNrth91GOlPqgDAaoE8wFP0FFv-_fZ5Y56O3xugAYrU-Mt68SMdooD5w30PNpiILPlz3AlT-XFJ0ZShlz4Vx0aSEHPZFtmAjhB8cXIwzSNxb7MN7nBkwapOqjro4lNhLA9Orw4bBWYmQPKZpUdLPAMog-kQhz9kJbpv-1v5uX0LAxS6qumC9Jv5AK8lLQW0x0fswsZ1YGpS1m5aF3GqosfhRw0K7a-JTZUbyfgqrno7R95kmNhhkpBxUgLG0azIqOOa-yR6sG1umO74RZO2m7lbkp5upYHF1PMn9yudrB0srP3eZntPhM9Wszc7cPAFcn9WPw2kMLBo4jo00rvZbiciu2ABpGn9Jik9J3-YKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kmTLHL9zWUMgzzzc0K847q6TQiw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 01:14:50 GMT
integrator.js
adservice.google.com.au/adsid/ Frame A4DC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A4DC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9280 		40 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278089672&bpp=11&bdt=228&idt=298&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=6494685431542&frm=8&ife=1&pv=2&ga_vid=1697942206.1665278090&ga_sid=1665278090&ga_hid=823118088&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44768832%2C44769306%2C44773613%2C44770880&oid=2&pvsid=1819693795624103&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.q1ezlvt9aiv2&fsb=1&dtd=312
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
54cdca4bc9bfdd425ebdcaf86e9ff17220e0eaa535a8d49451b942af31e70e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
15908
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DC79 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Oct 2022 01:14:50 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		62 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4039971179715568&correlator=178125658029226&eid=31068501%2C31069635%2C31070046%2C31070138%2C31062930&output=ldjh&gdfp_req=1&vrg=2022100301&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D74af53bb2983829%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D75396a58f701166%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D76c0465aacffe4c%26hb_ap_bidder%3Dappnexus&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D3fb4140cbb1a4dc4-22ff6e15a7d700df%3AT%3D1665278088%3ART%3D1665278088%3AS%3DALNI_MaLKbiY11s93QLi3_I-KPH7m-Aqig&gpic=UID%3D00000a244eb611e0%3AT%3D1665278088%3ART%3D1665278088%3AS%3DALNI_MbnIl4oBt74ydw8L7H8IuAhIz1IGA&arp=1&abxe=1&dt=1665278090096&lmt=1665278090&dlt=1665278084714&idt=3689&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=2026981476.1665278090&ga_sid=1665278090&ga_hid=3918&ga_fc=false&ga_cid=amp-5d8c65x9YwmvNIzm9DSEgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
b2c8a768f9122e9c9e3c2a48b97fdbcc05442630b596d3781f5682f707ef0cd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25127
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2B48 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:50 GMT
expires
Mon, 09 Oct 2023 01:14:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FF7A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100401.js?cb=31070165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Oct 2022 01:14:50 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oea50&_p=3918&cid=2026981476.1665278090&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665278090&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&dt=%E7%9B%B4%E6%93%8A%EF%BC%8F%E7%B6%B2%E5%8F%8B%E8%AA%8D%E8%AD%89%E6%80%A7%E6%84%9F%E5%91%B3%E3%80%80%E6%9D%8E%E6%AF%93%E8%8A%AC%E6%B3%84%E9%9B%AA%E7%99%BD%E5%B0%8F%E8%82%9A%E8%82%9A%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4
static.criteo.net/design/dt/2936/210730/ Frame 93B9 		9 KB
9 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/2936/210730/22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4?ibv=1
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFKmkKj1kBAABBb4p1wrcDCjJkAiX_LA&u=%7CSq63OP5VFkgrZqByc5Azh3M7dzF3yED5%2FC9oye5mFok%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0kewZx4OvO7hSYM886Cl314AB3DKiASQValYzIXdOo0_HYiXjGkioiauWuzerbM-DS2NtQuztb_Os5-ejacXAvVMBslx2-lpV7_6txxqWDAyyr_4MIkgRLFVY3fwqsw9hfgtJJLV4i0BTZW9v-68x8prA9nXyM7mSC9iHAsYaV-PCZKlCLykeOp_1kLZ4f5mfu948YxkPcMIEgbWc6pFs7jR_MJe517X7nVSOyUj6UC2clomEnkwCBdtNHYr5Ts4o1Lj4IrdbeHQMJI2X-dGhbyPvw0zpZxk-Z9Lz-aAtU47JDDhzFfXlVpagbDKRbBqk199YQKNdI9OXbHcQ19wNseB4Ixr9Nh92zZVhR1tTBXrvNMrukqDbIPGoljgOfYP4OLhqgeRCg8zEZpLytKODFRei-czpPlPFMt4tpKcGADqMgVXb1S03Hz5BWyVRQ-4JilUo480_BI__nZVS7YzkaIUt6MA8zA1JFgIdBOR8FG-SopvMuI6yWOnlK2TLu6WrLiTt3vBH1ifMsAlMZ94TNcBeM9ohOQm4xQRajqmZQ5kfnUai1vqoFWsOwRwKSk97lLieBlXBAJM_jJ9rrJdW9tut9NUjq5hYfkx776JOfCo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfjzViCBCY-nUFIGyvQTvgoGAA5j80bFcmuiH5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAs2u2H3UY6U-qAMBqgT5AU_Q3CzW3wkNZ11AP2serRtYXq8ZFWTCiD5RYAOBs-Haw9hwAO09657BOsgYEi1Yxz5uXDA77_vDdqj9kw3jbwQhnkscOmdFisxadLWRfNfCvnJTYKtdTBzpOdUpkSpSJJJy0LqY4Tfq8RYzcbQd0M7igxzewO3GJC4mIxkkeTQew82rj8gnb4Nmcd3bYXAKKoYCGK1eiqxxRsIiB5I8XWLHfVXpHCcLFuswbWqORHCtC3LxedjC_bVMxds-7eqzfIiBXRUJ5SxQTJMVaj0ViFxlGPeEONcQ-r40h2Mf2SUH4A8N0LLb5VbOX0FVa7yHvkq3Eof2u1B7mYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3a5wMxiLxjNKXQe6CvXUU8pk5nuw%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
75589164e5e2ec0ba396fab17bace54684ea14390ba8dc9821c1105397543815
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=1277952-

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 30 Jul 2021 08:11:16 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6103b424-13a2be"
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 1277952-1286845/1286846
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
8894
expires
Wed, 04 Oct 2023 01:14:50 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E46B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CkUzLiiBCY9naBYvcoQPCy5GYC6zX_fBktPaok-ILwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBLYBT9CztTEQZdrzYl9K1Q7oIjMV0OVbFArSbtq49ltBdsMjXs-sIOkVphXRuoXl5Rt3hnKPt8IXmee9hqOQaXYpMoTOyEbdeoDwi89IC23a5wtYbt12AHElZTVFTXMTw2yJ0IkfvlXbIaaSTrJ_xBTfrTEIRLvJZUBPUuIZOwYzeKtG9QxQbQhJjGJg3qq7dVccdvB3lbEAKbJ7piQMB4fo9RwCoNxu08v33OVB6T4nCAE_Nh-COjCABsPF35vKrc2Y6QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=AohVsZ4aRik&uach_m=[UACH]&cid=CAQSKQDq26N9a6GdSF2fiuv_HTP5rBw-VuN2oCTeV4wa5We80P6DestxNz8lGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278089672&bpp=11&bdt=228&idt=298&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=6494685431542&frm=8&ife=1&pv=2&ga_vid=1697942206.1665278090&ga_sid=1665278090&ga_hid=823118088&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44768832%2C44769306%2C44773613%2C44770880&oid=2&pvsid=1819693795624103&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.q1ezlvt9aiv2&fsb=1&dtd=312
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 09 Oct 2022 01:14:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
log
hblg.media.net/ Frame E46B 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=3.3274808E-4&viewability=-1&device_id=4&cbdp=0.015&slotVisibility=2&dn=bg3.co&acid=d310505bffad4f2f8f007f5cd0cae2c9&ugd=4&size=250x250&pvid=313&csip=rtb-common-istio-c5ddbccdc-lbmqv.SG&ogbdp=0.02&prvReqId=524529265753_1284724374_52982010413131&itype=ADX&requrl=https%3A%2F%2Fwww.bg3.co&scrid=1700080812610100250025000000500&mang=1&bidrestime=1665278090192&cid=8CU3SX34C&rme=nurl
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:51 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sun, 09 Oct 2022 01:14:51 GMT
log
qsearch-a.akamaihd.net/ Frame E46B 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0100&ss_d2=0&stid=&other_prv=313&jar_err=&current_day=0.0&adtyp=0&req_id=Y0IgigACDHMK1RVDcABpvg&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=69.1265&exp=&fdbk_id=&second_bidder=*&search_res=36&floor_bucket=0.00&gpid_format=&seat=BID_API&size=250x250&f_seg=&prdp=0.0147&ogcbdp=0.0200&dfpbd=0.0147&server=1&ogerpm_wd_bkt=0-1&model_version=202210082355_generic_adx_1-cid_1&viewability=-0.0100&dmm_r=0.0000&cut=26&dmm_l=0.0000&as_cache=1&tcyerpm=&sc=AU-NSW&send_erpm=true&dmm_m9=0.0000&sd=1&hb_exp=&seg=&dmm_m4=1.1500&erpm_bucket=0.00&ugd_ver=&requrl=bg3.co%2F&bidrestime=1665278090192&cc=AU&strg=harmony&ss=&current_hour=0&time_stamp=2022-10-09+01%3A14%3A50&model_key=generic_adx_1-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.0200&ct=beaconsfield&akey=&mnckfl=0&bdp_bucket=0.00&algo=default&dc=apac_sg&splid=&dim4=ogerpm_multiplier_used&dn=bg3.co&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=d310505bffad4f2f8f007f5cd0cae2c9&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.14.1&totalTimeBucket=2&visibility=2&totalTime=2494630&dmm_m1=2022-10-09+01%3A14%3A50.194678581&e_rpm=0.0000&dmm_m22=0.0100&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&rawbid=0.0200&seat_id=BID_API&sub_bidder=186&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-c5ddbccdc-lbmqv.SG&dfp_bucket=0.0&adblk=3314916115&itype=adx&pvid_seat=313_BID_API&cliIP=2918568192&advurl=topics.businessfocus.online%2F&level_base=0&crid=529820104&sat=1&br_id=265&cut_bkt=1&gpid=&iwb=1&second_bid=0.000000&sc_pvid=313&capd=0&other_bids=0.02
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.140.216 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-216.pacnet.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:50 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sun, 09 Oct 2022 01:14:50 GMT
nmedianet.js
contextual.media.net/ Frame E46B 		162 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278089672&bpp=11&bdt=228&idt=298&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=6494685431542&frm=8&ife=1&pv=2&ga_vid=1697942206.1665278090&ga_sid=1665278090&ga_hid=823118088&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44768832%2C44769306%2C44773613%2C44770880&oid=2&pvsid=1819693795624103&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.q1ezlvt9aiv2&fsb=1&dtd=312
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dffa0ee8fbbf7f2e7cf290ecdafcd68314a2bfc4cad3396e6dc405e362026e5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h
21-tx5k
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 09 Oct 2022 01:14:51 GMT
server
Apache
etag
"6934cab770662a1ac1cd7ef3f25b8a1c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
8-8
timing-allow-origin
*
expires
Sun, 09 Oct 2022 01:19:51 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame E46B 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278089672&bpp=11&bdt=228&idt=298&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=6494685431542&frm=8&ife=1&pv=2&ga_vid=1697942206.1665278090&ga_sid=1665278090&ga_hid=823118088&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44768832%2C44769306%2C44773613%2C44770880&oid=2&pvsid=1819693795624103&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.q1ezlvt9aiv2&fsb=1&dtd=312
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Sun, 09 Oct 2022 01:14:51 GMT
server
nginx
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=62664
access-control-allow-credentials
true
content-length
62892
expires
Sun, 09 Oct 2022 18:39:15 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame E46B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278089672&bpp=11&bdt=228&idt=298&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=6494685431542&frm=8&ife=1&pv=2&ga_vid=1697942206.1665278090&ga_sid=1665278090&ga_hid=823118088&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44768832%2C44769306%2C44773613%2C44770880&oid=2&pvsid=1819693795624103&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.q1ezlvt9aiv2&fsb=1&dtd=312
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 00:42:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1934
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 00:42:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame E46B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278089672&bpp=11&bdt=228&idt=298&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=6494685431542&frm=8&ife=1&pv=2&ga_vid=1697942206.1665278090&ga_sid=1665278090&ga_hid=823118088&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44768832%2C44769306%2C44773613%2C44770880&oid=2&pvsid=1819693795624103&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.q1ezlvt9aiv2&fsb=1&dtd=312
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 00:46:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7528
x-xss-protection
0
server
cafe
etag
13775775994264215463
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 00:46:58 GMT
l
www.google.com/ads/measurement/ Frame E46B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQsqnO-XzJRbFg4V5u5gtlyBJ579GNfw0B6ycE9jR4OYl26VOZ0q5LlfczwoTfETwSlg4Xc05PLmDvWDb8RS2MUyypB9g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278089672&bpp=11&bdt=228&idt=298&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=6494685431542&frm=8&ife=1&pv=2&ga_vid=1697942206.1665278090&ga_sid=1665278090&ga_hid=823118088&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44768832%2C44769306%2C44773613%2C44770880&oid=2&pvsid=1819693795624103&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.q1ezlvt9aiv2&fsb=1&dtd=312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E46B 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278089672&bpp=11&bdt=228&idt=298&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=6494685431542&frm=8&ife=1&pv=2&ga_vid=1697942206.1665278090&ga_sid=1665278090&ga_hid=823118088&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44768832%2C44769306%2C44773613%2C44770880&oid=2&pvsid=1819693795624103&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.q1ezlvt9aiv2&fsb=1&dtd=312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45072
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664970042070988"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Oct 2022 01:14:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F8EE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
194673
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 06 Oct 2022 19:10:17 GMT
expires
Fri, 06 Oct 2023 19:10:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F0E3 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
GSE /
Resource Hash
38b455982c9529891eef3f78c50c6575e2100c2014f298768f09f63a20654d2d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-azns5zJTMUYHzKcPCjgQdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-azns5zJTMUYHzKcPCjgQdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:50 GMT
expires
Sun, 09 Oct 2022 01:14:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3511 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
194673
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 06 Oct 2022 19:10:17 GMT
expires
Fri, 06 Oct 2023 19:10:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 08B4 		783 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
GSE /
Resource Hash
fd99123da767a58349a1917cdbd09a409146c0b924a50d80924f5e724801cb20
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WmJRq55jQ1PmfQw3SF9rjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-WmJRq55jQ1PmfQw3SF9rjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:50 GMT
expires
Sun, 09 Oct 2022 01:14:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
container.html
ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C6EE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:50 GMT
expires
Mon, 09 Oct 2023 01:14:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AD60 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:50 GMT
expires
Mon, 09 Oct 2023 01:14:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FF63 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:50 GMT
expires
Mon, 09 Oct 2023 01:14:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame F8EE 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 14:38:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
297389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Oct 2023 14:38:21 GMT
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame 3511 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 14:38:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
297389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Oct 2023 14:38:21 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 10 Oct 2022 01:14:51 GMT
all
csm.as.criteo.net/ Frame 9DFD 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=enLujjvxPu_eyx-h4COzn2HurbWcEc6g-EpTkU3h_B4UDIZ_kIEZlmkOmlgNfH5G6PSuNElSG1OEo8dByB03PIXGrB0hbGeC_EjtvqJddiTBGIVQakLv1k_0Za_E5OB3OE71w2wqzsYFDcB9Cw2Kd6yYduAFCMpaYtie7LlPJDrTXWLRAPEHxNP4XyGg9h8RyVkny4HPXDTRwAc26hF5k0htCgma1h-oI1BHtmWb_wr2hNfKw2Adb5H1KOzBVz81BxwYwg&sds=2&rev=83041&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFe-EBc_krAA5x5uglzTbSOHU-ONxkgA&u=%7CSq63OP5VFkhwwXigGtB4M1LAXJVu18t85j503o%2B6r9I%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgxSIsjcW3kZzhysWZK5uAhqHoWI2FauNYT00L99F0AntsnCTG3Exipv0Ka2X8zZ83o6ucqh_upvuwsgoAvz9xUdAHQBsxRztXRzeyaPoKyauzLMgg1v_epkiv_Yf63VWm6LoJc9U5I2jnExdTs_Vz_MWbQPpfL6-0H5yx41I6NMGGEIe9OoJnKGLee6PGky3VYLjZPqf-e9JuDMaEy9x0XhI9e_jbAYN8NJyye0epWz6NAQvRYCnxvGam13d_az2uta7PvpR35YjjlRrkhnyxAoyEfsMBM86McEJ5dD9SfgAxWGzpc-pz6e4pwQoAO22_m0H3IgiE800Lw_tgw9v3t9Q0RI4AXiGGxYmxa1WIYH-cSuaB6gC_Val6bKHWostDpn2z4w3Hn4eP_ZxnyDEALhq0ytxzPU-2QIeRRiGhbtaC_qv5tX6_YB0PcWbIbrwhUPwsylZg11fKt8h8TgyNgcarlXu-QVxpK5jbfnx_tNsJdASGf3stxRmzpWuXF8RGao4y9_UgdAWVWar2JHdijwNxGBP40L2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwF47iCBCY-H3Favyz7sP5uO56AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNrth91GOlPqgDAaoE8wFP0FFv-_fZ5Y56O3xugAYrU-Mt68SMdooD5w30PNpiILPlz3AlT-XFJ0ZShlz4Vx0aSEHPZFtmAjhB8cXIwzSNxb7MN7nBkwapOqjro4lNhLA9Orw4bBWYmQPKZpUdLPAMog-kQhz9kJbpv-1v5uX0LAxS6qumC9Jv5AK8lLQW0x0fswsZ1YGpS1m5aF3GqosfhRw0K7a-JTZUbyfgqrno7R95kmNhhkpBxUgLG0azIqOOa-yR6sG1umO74RZO2m7lbkp5upYHF1PMn9yudrB0srP3eZntPhM9Wszc7cPAFcn9WPw2kMLBo4jo00rvZbiciu2ABpGn9Jik9J3-YKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kmTLHL9zWUMgzzzc0K847q6TQiw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Oct 2022 01:14:50 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame B942 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221003&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
2cf89dcbf60aa56ab4e3da25651ce5b6de62dc2e2eef6509acc08633ad42aba3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11201
x-xss-protection
0
22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4
static.criteo.net/design/dt/2936/210730/ Frame 93B9 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/2936/210730/22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4?ibv=1
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFKmkKj1kBAABBb4p1wrcDCjJkAiX_LA&u=%7CSq63OP5VFkgrZqByc5Azh3M7dzF3yED5%2FC9oye5mFok%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0kewZx4OvO7hSYM886Cl314AB3DKiASQValYzIXdOo0_HYiXjGkioiauWuzerbM-DS2NtQuztb_Os5-ejacXAvVMBslx2-lpV7_6txxqWDAyyr_4MIkgRLFVY3fwqsw9hfgtJJLV4i0BTZW9v-68x8prA9nXyM7mSC9iHAsYaV-PCZKlCLykeOp_1kLZ4f5mfu948YxkPcMIEgbWc6pFs7jR_MJe517X7nVSOyUj6UC2clomEnkwCBdtNHYr5Ts4o1Lj4IrdbeHQMJI2X-dGhbyPvw0zpZxk-Z9Lz-aAtU47JDDhzFfXlVpagbDKRbBqk199YQKNdI9OXbHcQ19wNseB4Ixr9Nh92zZVhR1tTBXrvNMrukqDbIPGoljgOfYP4OLhqgeRCg8zEZpLytKODFRei-czpPlPFMt4tpKcGADqMgVXb1S03Hz5BWyVRQ-4JilUo480_BI__nZVS7YzkaIUt6MA8zA1JFgIdBOR8FG-SopvMuI6yWOnlK2TLu6WrLiTt3vBH1ifMsAlMZ94TNcBeM9ohOQm4xQRajqmZQ5kfnUai1vqoFWsOwRwKSk97lLieBlXBAJM_jJ9rrJdW9tut9NUjq5hYfkx776JOfCo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfjzViCBCY-nUFIGyvQTvgoGAA5j80bFcmuiH5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAs2u2H3UY6U-qAMBqgT5AU_Q3CzW3wkNZ11AP2serRtYXq8ZFWTCiD5RYAOBs-Haw9hwAO09657BOsgYEi1Yxz5uXDA77_vDdqj9kw3jbwQhnkscOmdFisxadLWRfNfCvnJTYKtdTBzpOdUpkSpSJJJy0LqY4Tfq8RYzcbQd0M7igxzewO3GJC4mIxkkeTQew82rj8gnb4Nmcd3bYXAKKoYCGK1eiqxxRsIiB5I8XWLHfVXpHCcLFuswbWqORHCtC3LxedjC_bVMxds-7eqzfIiBXRUJ5SxQTJMVaj0ViFxlGPeEONcQ-r40h2Mf2SUH4A8N0LLb5VbOX0FVa7yHvkq3Eof2u1B7mYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3a5wMxiLxjNKXQe6CvXUU8pk5nuw%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=32768-

Response headers

date
Sun, 09 Oct 2022 01:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 30 Jul 2021 08:11:16 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6103b424-13a2be"
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 32768-1286845/1286846
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
1254078
expires
Wed, 04 Oct 2023 01:14:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F0E3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022100301&jk=1790033573816455&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 08B4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022100401&jk=673178389658856&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-161a8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 10 Oct 2022 01:14:51 GMT
generate_204
tpc.googlesyndication.com/ Frame F8EE 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?6o-VVA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 3511 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?nmVHWw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 92AD 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj9GhDb1sYBGNa1vNQBMAE&v=APEucNXz0yCVnPlYOCiD8cXIyzihBD-Hi61OD5ws6WUNQ8lCZ3yPmxepMdunXFMDe7a_42Blh_tlxzOfG6AFGSYe8oXsT5nhVA
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame C6EE 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AVpsdOEuss7ASiBbKS-0kpDAebJQYCkGKV6964iUQKGqrb60qmqUzpHmVKI1zXWNA6vqJDnqCjNJRBqxN-Z_JkkxJ_dg&cry=1&dbm_d=AKAmf-B-CQ0J9qXFUy3k-5N8aIW65WVsLnFiCQWHNzo7nPHT6EXK72otC6M8EO-1nqsx-YZURNoGV9AMREg7jPzPOO54qvwdJbvukBeM4Kfpvh0TCiUT3S1JuzeifdAQd5r1YSgdIl9ib8RefB1oT4gk7_MzjOc8TE9-bcS08UY0HPvIk34d-riPAfhiKnLqn-JLidm5aLgfUuG3fg3hb3VUngGKveCHh_p_dp7Q1QKkfN3UJswjTzf0YVltsySrX3S8AH3Nz7rqI-eVI3vYSAxFeVu0wwQDRDUAcpFFop4Cshbf6_0VxMlOoIEmooOCkjZiyL_qneRhzj9LvxP5XmvWxMRRsfdXslalV1PPI4Lo9ny8bPhVeNyK4QcsW25ZAzSk9GEGSHOtp6B7YZwT6noffsuSA-_UyCC3Vy2a2Q9MLGNYqgRsLsdHnyaflLVGJ9jTKuQ_NwQgqpHYhkqTEjhtQ_Wv0dw2HkKJTZJUm1-BTKuRHHf99EOvC5Ct4Jo7Iv2HthpyXGkQ9_sVbfKy3X9hroYnvvvcl6M7vlOjkghwNunbKGiGDgndxEq6wXiPrs-d6REofQcJLT2LCNrwU0DqrFvo42EaGrLDZXGwep9tXEr1LKYfRep6XyDuaeH65VQqctwOL3OxuvAJ4KhEjzp_S_6WlJjE0Ux4Vp30-sV0wsye_qND01eFxeGkuDysXWO4crw9lRrKP2WYHsLTAZGDTMnU5FdLilXhB0Nhmcm4zmx92JgMEjggsS-WnFteyov_LuzyRpssX4YhVOZ_9FyYd6QEgIRc-bk9VtaZQW_xqqxi97VDWGZbPKBady_XnNpwt2QXKu2VGzDQWjZtfmN5X6WD07qvhdS7KzKTZTiXVLN9msd4Ns-i0QUvubPBhZa-hcn9vuHXKDmN7OSo9NfZ__K0qMyExGq9nsP5-kQBYY0IueDHinKFkAcZ_9ns4xnSYB8rUsOH5HbTMgt-CeiIkjj8EqacFCHX46DQAQKN5qgxALQUkp-8UYubH80CsnVps1QYy7QMZH3BIsl2QvYbO7g99pH_B1t7oPL0JqgrlMMn7KDkpXBQBgJMhTPpE5pc9yWPaP-gZ4pM9WTz0UO7OVfdGSb2LMicbkEKfVVVoIYXBcU437sjc3LFTwkAhVcCJt_0mkWDZjNXFNH3Ej0_TAEdL8R9LWiyXupDZ2ex1IboqwTWswfR4RYbRoMbEgYpzFf0fbw4BIg0Csxqq10sdB-M0woImPE3nw1cAaebrHxbMbCugWibYfpl-N6w3jU7F3YDi1m9VvIJzKOayoKamdGnh8gxCVvJvovNIkPNZgRMiN1w2pHCcUK1EtB4M8Fb36rk-5ehiVYa92hW_v6xP-gl-9PF8oFuWKWAKnrPT7W5eqP2LZ61FgHXTGyEalMdSBKfouHer6XrMazENmlIW41RobrNBN3wTRA22dyndibXK1Ivz3jFkNcxpxAQ4aQjwMhF0XyXNY2-3Fl1envgRHHmlaT1m07pp5Fc5To4-qt6r7ymdgZJ2U5ECJG2uLB91mvRnemcDM4y3OGS_HKUeZc9v0D7-RAuN4-1_o9KsMJ0tuJUvYdomBhyuhySgs4Yrpc-mDIV8dWePAzFeB7PXJafl9xCcJQcx_RmLQ6voGYxpH8njtLtV2RvvymZ7KWy0XwTfSylrctnOQT39n5of7nJYq0ibUtiFvcv2d6MV0ddo5sx9rDGN26x8HzwTZnWFTqM6sc3Kwn0nnZpILPeV1BPhf3b9MwQ1mghojuOmGwigvC0VDN_DNXPPccIaB5zdEzSQwTyDD55TGjAO6dN0UhwV7o8FEtFaCOPOrFSPUAABUrFDqr6zmhaUs-73LZmAkeQ3-o80qC0R1yJhoxo1BFG6lAymBaBqVmvDh1dtmcyqN8_5cCSwZ2Uo31lIuHq8hWDa425EOCvoDBv4lbU0iZtnwA_bcbvdm2Mgz2mhNmfFmfN1e2wDLas4KIVSL_6QX2NYL1OKtwb2Yrqi6odkF9Jl_wGZmvG-m9iXl6gCikp-Nb-v7sm1cYaBC1Gp2KUXpG4BgFv9wxX2-B_W0pZ0quuRHWVz4s03L5LYaCKSWLxxwKx0uK9j2-uX1zRI2vg2ZMTf5m1Bg9Bs5Os_gyGEZPKkzvqQgm8OcM-G3ipu40-ZFRYOtGOdSo-qxEi3bFonrFD5nrhG-qY-w24UlXYt1eJWhfzg-xsCsCDEFLf-FSwYFR2_B4tg1OPMpTW0J483fwJJ044nPvGn_qy46wb6x1Y29w5hlPJmuDcRT23WyHf6-uLxgbKBYJeXkUTVRIDv0kTzpL8QmMCYc_fckRa_dpoaQnhC7Y7v5QhUTQBWbVxyiEDomIYDL3ChXsu2gG0_S7XxkWBh7fLaF8j9dW1ViNHtvSZgAcWnuO0eMvO6TTIah8mr_FS8gTLdi-mltPnadx8QtP-Obq5bhjtBEsqKZkKRQeFsPaUIo2YwvXD1faPkGg8Nh5vi1hEgOKtr5r8EStK_kiVpoJIFrj7mhlEG86BnjqjE1j58aGyepG9mT0J55QcrBeIxxONlmm9GU7x09YibDZf8bw3DBpyUYzC4lDD6MSAbuqt-ZqMOsJHS5P2GQgF0Yap1UZl52Q92MDc4426OUokfU2sg-fJ27VPfmDqSc4wZVLezruU_Ke5ZVAvWQ5sXVpCPyVCLQtE-E35lyyWsb_44FtMUXyoRB7W6bfwe4n6_TVOrEIypPychNNd6kEDGpEUcfHmPc3MO7bgk0qxqSWnGNFkv0MJuEP9LISethDtsocAOGQ2jlWTptn4rGCCZpNM4f2ypY_xA3fmSseP_CV75JSFabd5xyk4KqZVgS-rSTfOABIV62ruRyLMvf7i8Z2CdHMq2gt1kbxu9Wm57qn-ts_ApJiX6clDDO2xr9wwtg9uDpLBXffu0QoA-BNiYiLU09H5Z0e9AiniQ1KU69rxbOSIZQPRB9rGJQXckL6ljUdOWB5BdWYyilLoexgaaex0LNubZa9VLRbWRz5pGNv-IYt2I2bXTpZBXN6Ky7cbNddPwtl5cKt3Khs1G_1ASSxth8xi1Lb5tCpRKqHPqBJma68IxLPuGCHrEmCNAe7eM7xbBOZF7gGARUJzoOdCWqj-K2c4zcG8B_9wAIGpcQF6rX9W8vqVAKggddFljKLuwq1UsXYFEIcf3nwIeGFpXMAn0TTWHm03xRQAqxPqPeh7jOKjTOAgBfZsAeWg-q4F1w_VyVwAkbfvdfFJWg5DFEotOLEiMVTILGIxcnxkyQRwrpcVumv-R2n1Rl6n1BqAguqg3A4CV2VykU-iBF7OfavaG2lV6X8uXQiOhgpJApX-5-MDTyC-tYkOkyT2dzJMpOgIx1P_bJZ5UpK0yF-cX6tR5FRTIgt4584Wg_8NLIHxiIOoswz0QF8X3RJoTzWOGJgAOLErru9vJ9SNBjnb80rys8AwID6pDVKw73onfvZBbP9c-fisN1MoXedx79pt5A&cid=CAQSOwDq26N9Q0iTLwfQ38FY2CjHA2KZxhfVM0B86d1S_dquRVlu47wCul7wAUwfKGw7Sf_34rlZQzdUA0QKGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
4b4ae7de8e8b84f4487d52b4409c94cc829e65769c7cf2356cc276e6c37778ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34317
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C6EE 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AmfGe2jFGAr8zo3PsEQZ8AD_tV9dry4VJEvSJa1mmL3x1_8AdxRsRNfW5U-4zW8lrUsYg6-Got98ZDazbIyUsSHvLvL1VYrIWpP6IMB1OItyAN95I
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame C6EE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 00:42:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1935
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 00:42:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame C6EE 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 00:46:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1673
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7528
x-xss-protection
0
server
cafe
etag
13775775994264215463
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 00:46:58 GMT
l
www.google.com/ads/measurement/ Frame C6EE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSpD-5PQh31bc1EUUuvlps568TbKXzhf88B0tfk2lu7z_MS1_8LHZGo7f74qOH2mTFKjjLo3h9x9Z6YG_cjvrAk72AZkA
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C6EE 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45072
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664970042070988"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Oct 2022 01:14:51 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 84DE 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj9GhDb1sYBGNa1vNQBMAE&v=APEucNWVvPXcf0HuD18lkp1HnlQ7kVazz2VBbYoynywZb2uSKErXmsTRQIuaPdJRd3yEnI6-9DbJVqLVdN_YKI7aSrivE4xqnA
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame AD60 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C4oMqT-DXBQqFuQHmfkmplTjLuc29HKL5ec5Fnp4IBF6fuR7HOlerRgX3R673hwwFmWB7eEU4YZx1FGz10r_UkMEPo2w&cry=1&dbm_d=AKAmf-BTZZLAWsrGJ4ZtZGgMPdgIZBSmSTxE95LTOUmV_9TPDK3UHGWhpC-5X_dYx81hKlDIH5eEuKCYhrC1ZkCpFxHQK5jljGzLnmpDVEWx5i6fL7epNOdvwBraRyFsFjW6n7jkjhGBilyeQrGTrj157P6oP_dYjlmcDNr9eiu8zFS4JwokwNTBQwKfr-F5CXsahS5gzSHw14WjHuz-C1tNCaMqPq57OUqS-lXMsr7vQgbzFEVhDYhpQm2APqgeN4YT0zd2pYU4OcV9aDqtPNgiakUbpsrgoLr6bKbdYkui_3ILcEKO2DHjyiM613M1Hd7G0Bi7Vw_tc2wKm5pYQCfuGwCe9JyGctrpPcyzr6Q8nad3pCpxUiU0ChFTzRxyIqG36VUyNQlClVWmoyZ38iqXFtUrkznqa50euLUE0ZXl2WygG0ypCo1FMCVLN7Tz8QjegzsB90W6hTT88UgWMrj0yBBJ_OYktV3CMSvHjZwe2ts53tHBFLW3OnwZq1MuKDngo1OY04FI3mspJnmSu9YuPezuZP2xKsGgLDkkGTBkNCOLj9LErZ2gNo66kFuy58rvHKdISh0yVCqhGhrBGQGqwH_4ApVzy5vJoqz4c2lKeGfsLkg5KL4ZdnaolyOQ8pvMa9kRqWBbMmi6EXE_n7XKA4gCOI9Yr0FE92fMgkUPwmAaiY6B3SvFWHKvLo5zIr480Ech_2ltCFOQHRgsn2x7MMgahLRo-W9nCMgp0D9N5ik2KYA_hc6qL6_MaRug15vufAwzQ4fpbBYBYK39rfP6dkxurO_kHDmmDX9ujyytMo5vYPXamkuX0ld49btptXyDperHTe3Xmv7ob9FyzJOXQrvIhrNlMlfujF5v0xGJXjUCwoomME-R0ePtww1L9b5gauymWrPyyhon5WFaUjaO2_yEF4JKmIOQ9-TPzAzb2ZKAWyUoZQtKCr6M_U0XnPZiwsH_MgIzfSeAJbdGo2yhRhKhTvwrFOq9xkqj0_X7dszos-PXtLiWFdAp4wczwTNf6uT7raA3UFLPEamLC_NhySv-OaXPPJf038n4VxHVORTm9cgqoRur0V23Xsk-Q8-XoB2v3f5nq5JTpnQb44XhFAV3W2YlUlSelwv0yHKy4AaL-Q2cXUfg_vslfunITCmMsahbtM1PK6OzDOLHOcsZF7pgHvaVRyiY61-jYqCwNP6YZOuQolhRPdXjcjFPGFAGbRiPxIxfNkC3b6JtldHKt1FFCNQnxtaIvTjH9iymccTRqj1dOB22Tna71O9QGVshzOFuB2bu7g21zWW4EnTuxxBNb0nad5fOLdJgukcMOl-B0l7igFWcLG3hXTm2QYHOGZhlQXT5fxBUNaOidh29mUXss2wuTw3VPZc7k2w60HNF_I_vSGOGvC0_UZY49wdksKXhP3OMgZoXpB3pEQMncRbt5MKW_srMZBH6FoyxzXeHX-mucL6Cycq0FApDV7kJbE5jJWiBW0vK84jAV-HSS8QnPgTmfbzLI26JSdwetXjN-3NCLvjMvKbY2Sxrb8QQT-U0eEmLF1FD8NB8y68ajBv3T63ypQqMMnbzqP5ym0TddBuyg3d2MZtbjKb74Zp-gnh8xxxTQLIB4wgUU75aVqAPYLSNmd8IOzyf077EGIF6P3yf2HY28RywoqQwk79NgyofUC76ANdhf7FwaHCqv0SFzLQ8cFN3eOE7_TjFA_aCdUfJcNGGSgAqBxU5mBBzO-kf4xyBiEo2lBZT2l4M-BhpLSpO9yXsI-TAL2Fnpa5GfYXK41hnl8foBBu13P7L0772S-Me_S5ueZj2DtJysZkDxE-LSlsfWnwCxMPBVIFtX_hEq-8DQt_Gz1DkCYXKOY6rqEkc5EkPmLbjWuxCICPYwp0RiQKXxQRy8TVBbImqZ3av9DN61JDsFWcddunFdxAc-V8AvliD1qkc9lWJr1z-SUWoxOxXIU7pIEyTVwuo3FT_G-zt3zhD5t4uM6QfeMX0F_gxH7Hek3VyI04k0yojBRfpDjfop7md_alHhjKeAkuFd7ZHQucNA1q6yh6k6eDFohjrNUPPYQUouQxsDVSmgqhVQCrHXbne3lz3BwB5rnseJv-72IUp5G3b-sCvCEC1KwY5-6iVYhBG0AU1GggKKPC2U4THTbPwVy1NssLWyaYCcubmewKcCcEPREnagpeGu0jR-TXL1UZ9a71omHmHWRn7z3056dqr-6mT_WrELXScrJtvuH9WWCnq463RnKkUDONiliRxvotRWt3w7ArzP6LP5iHFTf1KrhLOOnYH2BcWghkaLVmSHNGm3PKHhSNY-121skmQnBXmqFP7qXkI7UcWNpojG10Kyrv-kIbFCcapADot0zXwRj9t8HRTW4U1OfQR56dlKp7BShyg0tGKVWEhgMaOr6TyBvVSCrdtS0470RqSdPgkib734BaZ_0wPVjtGCz3gICEmlYQ39vFDZYrluEG2qyPcCOM17AGwm2Qrsq_i3Xjkjadb9YHihXTSFdC1QwKg8jBScbSqrp124R6unBJztks-PLrJsrrAIcRk3fhtdhxGFKERYHwjH2sNKKmXrIBr1emTQY-2TROc8rDoEiHVEdo-VvvZuyPn7mzcaUewepe3SxJZMm1kiD6GbGOLQOQgZXNOcdhvyP4zezvW2YuqtoqYDwdmkYYlG6aF-2tFgeHg2OKzNil5QVWxs9hMDrUrMuEEVBSZxGVMBlDtA7NaszzHdAUetFERNHvb6K-Dr1Pi5Wd0Kp7jc2ymHKKrffp-bob_VBnrr61D7QdpTp54BIkh5XqGEe9c6rN0mcG6CIFWujwbimm-5BlR8K8BWWgbcVg55QADck1ZODhVo09IlZKI_PxaI7L9mkBIerY5Y_cHNgSJu0ZIyVPDHGhcRDnIarvdN0pqR32VhqgZmiEZUw5OUrgMkL2UlRcFa3YEoi3BE2DhGPAXrh6JD0yeZybLvyw-NNUW9_Hu2ICkdjYBwQNKCJiSl4YX1d5ZsriJLQN3Ift67MOECckq3jAhHmvBCersULfyEzySi2uDsjuKiuOLPk06yHxQ4w5tiLdr5o3MqlssVLAtbKFL--HIJ62xcji89h7g6qGuRtncYccBwEEkTJGCRJTJU9SKivp4C-PHR8SgTKJaBJRkT487KEdDJWZGlmex2rbQgXr1MlxlH1Snq-CZOEjg0uK6Z7LmHZWPFCoo0_AWprXFZr0aI0qhQPY3pkVzxw7lHEr0-OUzgDm1Mi0cRjpaS1TDsUTYFUmoiBkusxqgTu2YS5a5sInHByMrfpvas0DInV72bPdJgD6pH4N6d5nMpE58TP77fTZSDKzHTPUyAJjd_JHAqq-AuZuZiN8Uj8bj0d__xGk_ptZh_5R9bc_RlzjYgri-l5CiAy4QToF4HPvfzl08MqZs8cnXh01l2RNamfCZOdXwYzskRdkngwUvRZPiR02Vau-3jzW9UiJVkO-UhjaSt65zy3PZRBO4FOOhZdclQA&cid=CAQSOwDq26N9Q0iTLwfQ38FY2CjHA2KZxhfVM0B86d1S_dquRVlu47wCul7wAUwfKGw7Sf_34rlZQzdUA0QKGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
be44fc8bb694bd4f59c58e54f0f1c04aeb9ddbd646238c7bc4454e17db900f61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34463
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AD60 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dqf6ynCfTvLFu16zwrMijHdMGjP-fKoyRrFpapRzz_1dTg3huc5_LlRpk2QFZbHbZhpRB0tDjtu3ydGEkwybn12wkbDVaPZgmjPVhd8AnouVBPuQE
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame AD60 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 00:42:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1935
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 00:42:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame AD60 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 00:46:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1673
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7528
x-xss-protection
0
server
cafe
etag
13775775994264215463
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 00:46:58 GMT
l
www.google.com/ads/measurement/ Frame AD60 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQL8oS8F48KbzB-kwIGkIeVamYUp9DpX-_g2Coyztemr0kdyvsgL9LK0mklSJ7OlECFiJsXGydB1-fi9_ttM-7sGBeDrA
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AD60 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45072
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664970042070988"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Oct 2022 01:14:51 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B942 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Oct 2022 01:14:51 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame FF63 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CjB2AiiBCY8-YD4T4vQTuianwCZj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgSYAk_Q7O0L9rgj1ObznBt1QF6geGt771Qpgix7qhnWpG2VuqKVH68s_de6flmVtqAQBKVBbt4HGMXZvoUUMOK4ZR0WDjsRSDpE22bMAVSB7JH9wyA9pZXlWpEQheRzmj7aJz6TTzKnP0DHRoeUuOV6OExfPEbR6xXA7q4_ZlURKJkm4KNv7NcgjZIqjMXTuUI1Ldj0620qj1S-sah3GRz4TAygZqNMu1DGJX3J_OyZkhKoQTS0UWQWDzgCefoUK3kpFagtgoBDF6Palxrmb5Z4-ILsYwrKNmNqp4oO2USLD2nOZFiisIyi38U1fRe7H2hi_TWjBFww0RP7FBCs8gvy1UPJ3ZdGRFAtnxOY6VWfupqn04sy8qTVfAHgBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=wn3oQGsVjKE&uach_m=[UACH]&cid=CAQSOwDq26N9Q0iTLwfQ38FY2CjHA2KZxhfVM0B86d1S_dquRVlu47wCul7wAUwfKGw7Sf_34rlZQzdUA0QKGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame FF63 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kLG-FM7xBnjYBGL4LRICAAAA-ONZtFtuTcMQiSBCYwK-DFo79718fiVnABIAAA&wp=Y0IgigADzE8Kj3wEAApE7i3P-CerzjxQi73scA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
184606
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 479C 		153 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgigADzE8Kj3wEAApE7i3P-CerzjxQi73scA&u=%7CH3riNtnFJHSP%2BlkbZfDl4zVwfUTeNIlNAi%2BCYTUwc6I%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC43Iyya_TfHAn0F7-Hd8k-0so2C6D1WapM9v9s1WiI04OELH-BpXPs2H0zVJbMMzKn7Pg083idhJ6L218G3te-spcZbnNS5wblKBMPDyn1Rdf8dskxBuVOn7opgqL8mP6-IQVWlekZxgafrSjlAuNNTRRHhgVdtdc0001JHqoTS4w0SX2liVImM97qchP7An4a52XUp6aMrW8MYaj7zvagjSoNK3MSnNZ2zQyhwxrbMKzkhnX7_DNJ5Xx_RelFl7UeDqG0uFB5ouaBEHQ1fUTCSIM7inSbpdYies5cN5ktPzKiyKShIYuI-Q54Ks3neVt6vochLlrDVJRCEuHLrrzWLC1UfPSZ0CmchKFq1ihoLzWckvPg5cTOa75RT5Kj2zNX5KG-YsN4Bi2VZlZ2Dwzj2JV2o8xALZOVPQKvBHkeOaiaRDXztBzBFpfmrbf0yOMIP-TcanI90Se9w2W5lm5Z_9uH45lyAP6kjRFxUKt0xTNlGxAXHHJw-zy2czfZciuTQiXHLswakjClNWkBa7ua4mMttP6agcO8zJIYqw5SUv0pnYGUEh04Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjcYriiBCY8-YD4T4vQTuianwCZj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgSbAk_Q7O0L9rgj1ObznBt1QF6geGt771Qpgix7qhnWpG2VuqKVH68s_de6flmVtqAQBKVBbt4HGMXZvoUUMOK4ZR0WDjsRSDpE22bMAVSB7JH9wyA9pZXlWpEQheRzmj7aJz6TTzKnP0DHRoeUuOV6OExfPEbR6xXA7q4_ZlURKJkm4KNv7NcgjZIqjMXTuUI1Ldj0620qj1S-sah3GRz4TAygZqNMu1DGJX3J_OyZkhKoQTS0UWQWDzgCefoUK3kpFagtgoBDF6Palxrmb5Z4-ILsYwrKNmNqp4oO2USLD2nOZFiisIyi38U1fRe7H2hi_TWjRl4RQ_Y1nW5Te3psPhVTHr5STscnsQtwYabJIFMZzacqFU9EAv6OBBjgBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3NAfIE2-Gd5Xwjsi5OErD6WmBfgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
97de526ba903534563fc50d8c2ed2ae945d9951d7f5a90e9f43f669e91cf3fab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:50 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=GQYTQzvxPu_eyx-hraXoszj9NFu1baiWMk2SGJxfRA5-eh9ZfBPZZ-NaLUiE8IjldEZdxiSRf-eV02W8D8U5iSMR5SS2_9dyHUBR7Opid0-YsjI9-lLetqhiRUQGwIHpmEeT7loU2OIxSATJz2XtuSIN6dEWtfH3t6sjY7JvWIotFVmDRJ5MufJyyhCYzl5Zsg7uQwpgOaJP7KiCrx-WSGWdVRDq8CZej-zJWu89MgMAWprfB2z3b8BuQmokRs171EV-TxrPFrAP4jqE"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
60988772
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame FF63 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 00:42:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1935
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 00:42:36 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B534 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
29928
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Oct 2022 16:56:03 GMT
etag
48472445140208031
expires
Sun, 09 Oct 2022 16:56:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame FF63 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 00:46:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1673
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7528
x-xss-protection
0
server
cafe
etag
13775775994264215463
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 00:46:58 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame FF63 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 21:32:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
358956
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 04 Oct 2023 21:32:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FF63 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45072
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664970042070988"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Oct 2022 01:14:51 GMT
rum
dsum-sec.casalemedia.com/ Frame 92AD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENo-IqJ3KF-g0dPSv5y_UMA&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENo-IqJ3KF-g0dPSv5y_UMA&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENo-IqJ3KF-g0dPSv5y_UMA&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj9GhDb1sYBGNa1vNQBMAE&v=APEucNXz0yCVnPlYOCiD8cXIyzihBD-Hi61OD5ws6WUNQ8lCZ3yPmxepMdunXFMDe7a_42Blh_tlxzOfG6AFGSYe8oXsT5nhVA
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESENo-IqJ3KF-g0dPSv5y_UMA&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 92AD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0IgjA3FVQgNYOglXcA.SwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENo-IqJ3KF-g0dPSv5y_UMA&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENo-IqJ3KF-g0dPSv5y_UMA&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj9GhDb1sYBGNa1vNQBMAE&v=APEucNXz0yCVnPlYOCiD8cXIyzihBD-Hi61OD5ws6WUNQ8lCZ3yPmxepMdunXFMDe7a_42Blh_tlxzOfG6AFGSYe8oXsT5nhVA
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENo-IqJ3KF-g0dPSv5y_UMA&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 92AD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIF8FocUVbHpE5-GzEQnukk&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIF8FocUVbHpE5-GzEQnukk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj9GhDb1sYBGNa1vNQBMAE&v=APEucNXz0yCVnPlYOCiD8cXIyzihBD-Hi61OD5ws6WUNQ8lCZ3yPmxepMdunXFMDe7a_42Blh_tlxzOfG6AFGSYe8oXsT5nhVA
Protocol
HTTP/1.1
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:51 GMT
AN-X-Request-Uuid
9d3ac31e-cfc7-4af1-9991-61c7205517f7
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIF8FocUVbHpE5-GzEQnukk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 92AD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MzEwMjcxNzQ3NzcwODcwMg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MzEwMjcxNzQ3NzcwODcwMg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj9GhDb1sYBGNa1vNQBMAE&v=APEucNXz0yCVnPlYOCiD8cXIyzihBD-Hi61OD5ws6WUNQ8lCZ3yPmxepMdunXFMDe7a_42Blh_tlxzOfG6AFGSYe8oXsT5nhVA
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:51 GMT
AN-X-Request-Uuid
49154242-efa1-4558-ad22-b462de2589a9
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MzEwMjcxNzQ3NzcwODcwMg%3D%3D
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 84DE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECy3yDva6rerJkX6xOM1o1U&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECy3yDva6rerJkX6xOM1o1U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj9GhDb1sYBGNa1vNQBMAE&v=APEucNWVvPXcf0HuD18lkp1HnlQ7kVazz2VBbYoynywZb2uSKErXmsTRQIuaPdJRd3yEnI6-9DbJVqLVdN_YKI7aSrivE4xqnA
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:51 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECy3yDva6rerJkX6xOM1o1U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 84DE
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGJiOGFmNzAtMGUwYi0yMGE2LWYxYWQtMzE3ZWQ1MTQ1N2I1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGJiOGFmNzAtMGUwYi0yMGE2LWYxYWQtMzE3ZWQ1MTQ1N2I1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj9GhDb1sYBGNa1vNQBMAE&v=APEucNWVvPXcf0HuD18lkp1HnlQ7kVazz2VBbYoynywZb2uSKErXmsTRQIuaPdJRd3yEnI6-9DbJVqLVdN_YKI7aSrivE4xqnA
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 09 Oct 2022 01:14:51 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGJiOGFmNzAtMGUwYi0yMGE2LWYxYWQtMzE3ZWQ1MTQ1N2I1
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
sync.teads.tv/ Frame 84DE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEGfJuSc5n0WuvIqJQq2bB4o&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEGfJuSc5n0WuvIqJQq2bB4o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj9GhDb1sYBGNa1vNQBMAE&v=APEucNWVvPXcf0HuD18lkp1HnlQ7kVazz2VBbYoynywZb2uSKErXmsTRQIuaPdJRd3yEnI6-9DbJVqLVdN_YKI7aSrivE4xqnA
Protocol
H2
Server
23.9.178.47 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-178-47.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 09 Oct 2022 01:14:52 GMT
pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEGfJuSc5n0WuvIqJQq2bB4o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 84DE
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YTQ5MWRmZmEtNzJjYi00NmJhLWFhZjQtN2QwZDlmNGE0ZmNl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YTQ5MWRmZmEtNzJjYi00NmJhLWFhZjQtN2QwZDlmNGE0ZmNl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj9GhDb1sYBGNa1vNQBMAE&v=APEucNWVvPXcf0HuD18lkp1HnlQ7kVazz2VBbYoynywZb2uSKErXmsTRQIuaPdJRd3yEnI6-9DbJVqLVdN_YKI7aSrivE4xqnA
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
server
akka-http/10.2.9
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YTQ5MWRmZmEtNzJjYi00NmJhLWFhZjQtN2QwZDlmNGE0ZmNl
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Sun, 09 Oct 2022 01:14:52 GMT
dpixel
cms.quantserve.com/ Frame B534 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDi6Hjs5WAC7MKwnTRYN6dc&google_cver=1&google_push=AZmPxg_R0fr_bhXC9Xmejkmr21FrSQGYKG4Qty2kLv1lB2tLzDdnanCRUUfrYUzHDy2IT4DuNf7GE9-qJKxHWlVilg3BNdM0uPZoEJhNoahaNXf4T0llpp8oj00gUhRVQxvSHMm0sk2ol4sB
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B534
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEI9Uk3_qnToqwbKbd1q7vDg&google_cver=1&google_push=AZmPxg8bTtgVIODTj3CaRi-lvn3pBUU1TaBbSAgzwl6A8YOibcooUywntrXTgjhFIDA0fVYJYf7ipzDrZyRYcSvvWP...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEI9Uk3_qnToqwbKbd1q7vDg&google_cver=1&google_push=AZmPxg8bTtgVIODTj3CaRi-lvn3pBUU1TaBbSAgzwl6A8YOibcooUywntrXTgjhFIDA0fVYJYf7ipzDrZyRYcSvvWP...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NjFiZjRkZjctMDBjYS00MzY0LTkyZTgtNjI5NTA2M2VjZTI1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=61bf4df7-00ca-4364-92e8-6295063ece25
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NjFiZjRkZjctMDBjYS00MzY0LTkyZTgtNjI5NTA2M2VjZTI1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=61bf4df7-00ca-4364-92e8-6295063ece25
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NjFiZjRkZjctMDBjYS00MzY0LTkyZTgtNjI5NTA2M2VjZTI1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=61bf4df7-00ca-4364-92e8-6295063ece25
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
pixel
cm.g.doubleclick.net/ Frame B534
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VCdsWLs6Sq6eUtkTU1RSTA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VCdsWLs6Sq6eUtkTU1RSTA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg89_6Z2B1GuOq1Ulqm5AQSob2VP203G3nzxBEuYeobH2zzxG9BuLSzY0rV21RViS2XLGtxdNL_neMWfvvXg7efqwG2_zNOD5lcj3dMTRtDednF7Mg0K-BMtXmJUYTmMDsiC0z4800JW
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VCdsWLs6Sq6eUtkTU1RSTA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg89_6Z2B1GuOq1Ulqm5AQSob2VP203G3nzxBEuYeobH2zzxG9BuLSzY0rV21RViS2XLGtxdNL_neMWfvvXg7efqwG2_zNOD5lcj3dMTRtDednF7Mg0K-BMtXmJUYTmMDsiC0z4800JW
date
Sun, 09 Oct 2022 01:14:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame B534
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg9K2xvIo7JFlBdr5nftha8YxjzZETUd41rMFLuXG9zu6L1aC5FsTqbFpTU0rpduWDNNk9l1cudb0fyjYin6jOQRSLYJolgRl4HqToHbDKqzP5q1t4CxlHBK4XyOaqG...
  • https://sync.targeting.unrulymedia.com/csync/RX-5ace695e-9478-4842-bd73-cfdd366f6994-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg9K2xvIo7JFlBdr5nfth...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg9K2xvIo7JFlBdr5nftha8YxjzZETUd41rMFLuXG9zu6L1aC5FsTqbFpTU0rpduWDNNk9l1cudb0fyjYin6jOQRSLYJolgRl4HqToHbDKqzP5q1t4CxlHBK4XyOaqGfnQkt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg9K2xvIo7JFlBdr5nftha8YxjzZETUd41rMFLuXG9zu6L1aC5FsTqbFpTU0rpduWDNNk9l1cudb0fyjYin6jOQRSLYJolgRl4HqToHbDKqzP5q1t4CxlHBK4XyOaqGfnQktih1RyFZs&google_hm=BFrOaV6UeEhCvXPP3TZvaZQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg9K2xvIo7JFlBdr5nftha8YxjzZETUd41rMFLuXG9zu6L1aC5FsTqbFpTU0rpduWDNNk9l1cudb0fyjYin6jOQRSLYJolgRl4HqToHbDKqzP5q1t4CxlHBK4XyOaqGfnQktih1RyFZs&google_hm=BFrOaV6UeEhCvXPP3TZvaZQ
date
Sun, 09 Oct 2022 01:14:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX5ace695e94784842bd73cfdd366f6994004
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame B534
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPVi-HWeSC2_VoSIV9ub7mM&google_cver=1&google_push=AZmPxg8jfWnky4_p7OCLUul8vV_5-TvJsJis3EbodZRXHeUftVQ8Zjc-88o4GLifG8eYzrUitA0dXy...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg8jfWnky4_p7OCLUul8vV_5-TvJsJis3EbodZRXHeUftVQ8Zjc-88o4GLifG8eYzrUitA0dXybXKKuEvdpJRIIqkz5V2NkIxKVPXDTrMulolLsh2qyXi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg8jfWnky4_p7OCLUul8vV_5-TvJsJis3EbodZRXHeUftVQ8Zjc-88o4GLifG8eYzrUitA0dXybXKKuEvdpJRIIqkz5V2NkIxKVPXDTrMulolLsh2qyXikrkOFVSYGP4k5XDkhLZPWRZ&google_hm=NzM1ODQxMzE3NjIwNDc0MTIyMw%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg8jfWnky4_p7OCLUul8vV_5-TvJsJis3EbodZRXHeUftVQ8Zjc-88o4GLifG8eYzrUitA0dXybXKKuEvdpJRIIqkz5V2NkIxKVPXDTrMulolLsh2qyXikrkOFVSYGP4k5XDkhLZPWRZ&google_hm=NzM1ODQxMzE3NjIwNDc0MTIyMw%3D%3D
date
Sun, 09 Oct 2022 01:14:52 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame B534
Redirect Chain
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEBec2t1uXh8cYe_LyQQ7zO4&google_cver=1&google_push=AZmPxg8cKM9gAuEXbTqYVEjkFiwnzReIEoGP30b_uTEk8zdK2uMZVHjZmRoGqgRO53lIp2wMWCZJYtrs6M1JToD...
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg8cKM9gAuEXbTqYVEjkFiwnzReIEoGP30b_uTEk8zdK2uMZVHjZmRoGqgRO53lIp2wMWCZJYtrs6M1JToDr6GPcjqxqK0d8pJpppn-lxZ9NxJ6ctdt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg8cKM9gAuEXbTqYVEjkFiwnzReIEoGP30b_uTEk8zdK2uMZVHjZmRoGqgRO53lIp2wMWCZJYtrs6M1JToDr6GPcjqxqK0d8pJpppn-lxZ9NxJ6ctdtm4KjqVgTllaPma8foYiXVoxQZCw&google_hm=MmQ4MWY0NzItMWIyZS0zMzQ2LWFjZTktZjQ5YWM0Y2M3ZGRk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg8cKM9gAuEXbTqYVEjkFiwnzReIEoGP30b_uTEk8zdK2uMZVHjZmRoGqgRO53lIp2wMWCZJYtrs6M1JToDr6GPcjqxqK0d8pJpppn-lxZ9NxJ6ctdtm4KjqVgTllaPma8foYiXVoxQZCw&google_hm=MmQ4MWY0NzItMWIyZS0zMzQ2LWFjZTktZjQ5YWM0Y2M3ZGRk
date
Sun, 09 Oct 2022 01:14:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store
content-length
0
pixel
cm.g.doubleclick.net/ Frame B534
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEGC6JdxjQ38KROwh0MSted8&google_cver=1&google_push=AZmPxg93DejzzO3MWfb88xWIkezj4EU-RknFaoKlz7AXHlLqb1nd2kbCK4mnRN0LQEDmytt1TlDc_MgueO5ScP_pxXXs7HtXv...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg93DejzzO3MWfb88xWIkezj4EU-RknFaoKlz7AXHlLqb1nd2kbCK4mnRN0LQEDmytt1TlDc_MgueO5ScP_pxXXs7HtXvrBEDtBWoVP2bhXFH_MaYPU0iBelo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg93DejzzO3MWfb88xWIkezj4EU-RknFaoKlz7AXHlLqb1nd2kbCK4mnRN0LQEDmytt1TlDc_MgueO5ScP_pxXXs7HtXvrBEDtBWoVP2bhXFH_MaYPU0iBelo86AdiqTfAfPCAbYN7ogTQ&google_hm=fbe06119a01574f424c5f432b14816b6
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg93DejzzO3MWfb88xWIkezj4EU-RknFaoKlz7AXHlLqb1nd2kbCK4mnRN0LQEDmytt1TlDc_MgueO5ScP_pxXXs7HtXvrBEDtBWoVP2bhXFH_MaYPU0iBelo86AdiqTfAfPCAbYN7ogTQ&google_hm=fbe06119a01574f424c5f432b14816b6
date
Sun, 09 Oct 2022 01:14:52 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
292
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame B534 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LiVHFLpfzAZd9WUfSj8ZnC7cKxXRJPKVjB1Yi2G_c0H8RgwCR7u694z-3PHnPvZaawpUErxVw
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame 479C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgigADzE8Kj3wEAApE7i3P-CerzjxQi73scA&u=%7CH3riNtnFJHSP%2BlkbZfDl4zVwfUTeNIlNAi%2BCYTUwc6I%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC43Iyya_TfHAn0F7-Hd8k-0so2C6D1WapM9v9s1WiI04OELH-BpXPs2H0zVJbMMzKn7Pg083idhJ6L218G3te-spcZbnNS5wblKBMPDyn1Rdf8dskxBuVOn7opgqL8mP6-IQVWlekZxgafrSjlAuNNTRRHhgVdtdc0001JHqoTS4w0SX2liVImM97qchP7An4a52XUp6aMrW8MYaj7zvagjSoNK3MSnNZ2zQyhwxrbMKzkhnX7_DNJ5Xx_RelFl7UeDqG0uFB5ouaBEHQ1fUTCSIM7inSbpdYies5cN5ktPzKiyKShIYuI-Q54Ks3neVt6vochLlrDVJRCEuHLrrzWLC1UfPSZ0CmchKFq1ihoLzWckvPg5cTOa75RT5Kj2zNX5KG-YsN4Bi2VZlZ2Dwzj2JV2o8xALZOVPQKvBHkeOaiaRDXztBzBFpfmrbf0yOMIP-TcanI90Se9w2W5lm5Z_9uH45lyAP6kjRFxUKt0xTNlGxAXHHJw-zy2czfZciuTQiXHLswakjClNWkBa7ua4mMttP6agcO8zJIYqw5SUv0pnYGUEh04Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjcYriiBCY8-YD4T4vQTuianwCZj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgSbAk_Q7O0L9rgj1ObznBt1QF6geGt771Qpgix7qhnWpG2VuqKVH68s_de6flmVtqAQBKVBbt4HGMXZvoUUMOK4ZR0WDjsRSDpE22bMAVSB7JH9wyA9pZXlWpEQheRzmj7aJz6TTzKnP0DHRoeUuOV6OExfPEbR6xXA7q4_ZlURKJkm4KNv7NcgjZIqjMXTuUI1Ldj0620qj1S-sah3GRz4TAygZqNMu1DGJX3J_OyZkhKoQTS0UWQWDzgCefoUK3kpFagtgoBDF6Palxrmb5Z4-ILsYwrKNmNqp4oO2USLD2nOZFiisIyi38U1fRe7H2hi_TWjRl4RQ_Y1nW5Te3psPhVTHr5STscnsQtwYabJIFMZzacqFU9EAv6OBBjgBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3NAfIE2-Gd5Xwjsi5OErD6WmBfgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 01:14:51 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 479C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgigADzE8Kj3wEAApE7i3P-CerzjxQi73scA&u=%7CH3riNtnFJHSP%2BlkbZfDl4zVwfUTeNIlNAi%2BCYTUwc6I%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC43Iyya_TfHAn0F7-Hd8k-0so2C6D1WapM9v9s1WiI04OELH-BpXPs2H0zVJbMMzKn7Pg083idhJ6L218G3te-spcZbnNS5wblKBMPDyn1Rdf8dskxBuVOn7opgqL8mP6-IQVWlekZxgafrSjlAuNNTRRHhgVdtdc0001JHqoTS4w0SX2liVImM97qchP7An4a52XUp6aMrW8MYaj7zvagjSoNK3MSnNZ2zQyhwxrbMKzkhnX7_DNJ5Xx_RelFl7UeDqG0uFB5ouaBEHQ1fUTCSIM7inSbpdYies5cN5ktPzKiyKShIYuI-Q54Ks3neVt6vochLlrDVJRCEuHLrrzWLC1UfPSZ0CmchKFq1ihoLzWckvPg5cTOa75RT5Kj2zNX5KG-YsN4Bi2VZlZ2Dwzj2JV2o8xALZOVPQKvBHkeOaiaRDXztBzBFpfmrbf0yOMIP-TcanI90Se9w2W5lm5Z_9uH45lyAP6kjRFxUKt0xTNlGxAXHHJw-zy2czfZciuTQiXHLswakjClNWkBa7ua4mMttP6agcO8zJIYqw5SUv0pnYGUEh04Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjcYriiBCY8-YD4T4vQTuianwCZj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgSbAk_Q7O0L9rgj1ObznBt1QF6geGt771Qpgix7qhnWpG2VuqKVH68s_de6flmVtqAQBKVBbt4HGMXZvoUUMOK4ZR0WDjsRSDpE22bMAVSB7JH9wyA9pZXlWpEQheRzmj7aJz6TTzKnP0DHRoeUuOV6OExfPEbR6xXA7q4_ZlURKJkm4KNv7NcgjZIqjMXTuUI1Ldj0620qj1S-sah3GRz4TAygZqNMu1DGJX3J_OyZkhKoQTS0UWQWDzgCefoUK3kpFagtgoBDF6Palxrmb5Z4-ILsYwrKNmNqp4oO2USLD2nOZFiisIyi38U1fRe7H2hi_TWjRl4RQ_Y1nW5Te3psPhVTHr5STscnsQtwYabJIFMZzacqFU9EAv6OBBjgBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3NAfIE2-Gd5Xwjsi5OErD6WmBfgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 01:14:51 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 479C 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgigADzE8Kj3wEAApE7i3P-CerzjxQi73scA&u=%7CH3riNtnFJHSP%2BlkbZfDl4zVwfUTeNIlNAi%2BCYTUwc6I%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC43Iyya_TfHAn0F7-Hd8k-0so2C6D1WapM9v9s1WiI04OELH-BpXPs2H0zVJbMMzKn7Pg083idhJ6L218G3te-spcZbnNS5wblKBMPDyn1Rdf8dskxBuVOn7opgqL8mP6-IQVWlekZxgafrSjlAuNNTRRHhgVdtdc0001JHqoTS4w0SX2liVImM97qchP7An4a52XUp6aMrW8MYaj7zvagjSoNK3MSnNZ2zQyhwxrbMKzkhnX7_DNJ5Xx_RelFl7UeDqG0uFB5ouaBEHQ1fUTCSIM7inSbpdYies5cN5ktPzKiyKShIYuI-Q54Ks3neVt6vochLlrDVJRCEuHLrrzWLC1UfPSZ0CmchKFq1ihoLzWckvPg5cTOa75RT5Kj2zNX5KG-YsN4Bi2VZlZ2Dwzj2JV2o8xALZOVPQKvBHkeOaiaRDXztBzBFpfmrbf0yOMIP-TcanI90Se9w2W5lm5Z_9uH45lyAP6kjRFxUKt0xTNlGxAXHHJw-zy2czfZciuTQiXHLswakjClNWkBa7ua4mMttP6agcO8zJIYqw5SUv0pnYGUEh04Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjcYriiBCY8-YD4T4vQTuianwCZj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgSbAk_Q7O0L9rgj1ObznBt1QF6geGt771Qpgix7qhnWpG2VuqKVH68s_de6flmVtqAQBKVBbt4HGMXZvoUUMOK4ZR0WDjsRSDpE22bMAVSB7JH9wyA9pZXlWpEQheRzmj7aJz6TTzKnP0DHRoeUuOV6OExfPEbR6xXA7q4_ZlURKJkm4KNv7NcgjZIqjMXTuUI1Ldj0620qj1S-sah3GRz4TAygZqNMu1DGJX3J_OyZkhKoQTS0UWQWDzgCefoUK3kpFagtgoBDF6Palxrmb5Z4-ILsYwrKNmNqp4oO2USLD2nOZFiisIyi38U1fRe7H2hi_TWjRl4RQ_Y1nW5Te3psPhVTHr5STscnsQtwYabJIFMZzacqFU9EAv6OBBjgBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3NAfIE2-Gd5Xwjsi5OErD6WmBfgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 04 Oct 2023 01:14:51 GMT
truncated
/ Frame FF63 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3533b67f9822cf16f189a477c233d443fc3acc54148bdda092f56b39302a83ac

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
back_button2.svg
static.criteo.net/flash/icon/ Frame 479C 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgigADzE8Kj3wEAApE7i3P-CerzjxQi73scA&u=%7CH3riNtnFJHSP%2BlkbZfDl4zVwfUTeNIlNAi%2BCYTUwc6I%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC43Iyya_TfHAn0F7-Hd8k-0so2C6D1WapM9v9s1WiI04OELH-BpXPs2H0zVJbMMzKn7Pg083idhJ6L218G3te-spcZbnNS5wblKBMPDyn1Rdf8dskxBuVOn7opgqL8mP6-IQVWlekZxgafrSjlAuNNTRRHhgVdtdc0001JHqoTS4w0SX2liVImM97qchP7An4a52XUp6aMrW8MYaj7zvagjSoNK3MSnNZ2zQyhwxrbMKzkhnX7_DNJ5Xx_RelFl7UeDqG0uFB5ouaBEHQ1fUTCSIM7inSbpdYies5cN5ktPzKiyKShIYuI-Q54Ks3neVt6vochLlrDVJRCEuHLrrzWLC1UfPSZ0CmchKFq1ihoLzWckvPg5cTOa75RT5Kj2zNX5KG-YsN4Bi2VZlZ2Dwzj2JV2o8xALZOVPQKvBHkeOaiaRDXztBzBFpfmrbf0yOMIP-TcanI90Se9w2W5lm5Z_9uH45lyAP6kjRFxUKt0xTNlGxAXHHJw-zy2czfZciuTQiXHLswakjClNWkBa7ua4mMttP6agcO8zJIYqw5SUv0pnYGUEh04Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjcYriiBCY8-YD4T4vQTuianwCZj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgSbAk_Q7O0L9rgj1ObznBt1QF6geGt771Qpgix7qhnWpG2VuqKVH68s_de6flmVtqAQBKVBbt4HGMXZvoUUMOK4ZR0WDjsRSDpE22bMAVSB7JH9wyA9pZXlWpEQheRzmj7aJz6TTzKnP0DHRoeUuOV6OExfPEbR6xXA7q4_ZlURKJkm4KNv7NcgjZIqjMXTuUI1Ldj0620qj1S-sah3GRz4TAygZqNMu1DGJX3J_OyZkhKoQTS0UWQWDzgCefoUK3kpFagtgoBDF6Palxrmb5Z4-ILsYwrKNmNqp4oO2USLD2nOZFiisIyi38U1fRe7H2hi_TWjRl4RQ_Y1nW5Te3psPhVTHr5STscnsQtwYabJIFMZzacqFU9EAv6OBBjgBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3NAfIE2-Gd5Xwjsi5OErD6WmBfgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 04 Oct 2023 01:14:51 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 479C 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=rmR1YOj4Mib_ocuQNjG5KtEf8VI-n6oOqP56idMUI0xnIYqCyjFj3zTHDrbAMoYHP5GtvIRvXeu2sN3Dznn3Kh9nFVVWX4arWpwM5A2riq_GVErHNnoFVp9mF1LFWsFdMPXKP7wnlV3ZTgIABOspdkjN1AFEdW24AyDkq9HWtHyAn-BCuOQ9Y79tZ1Txu5HPKAnZTckLhCqf6IlCpNr3aqAnK0Utlc-S36Z0Ohn6MehzrnncISRT_OPJygLeKM9fXsnqyHbU15wn5SdUI7qTMCITwCDUgTBVjqiTiweClQpVJVHqJiTmP4k0eJMbxWAsX6s9h9hXcrwCe-Zu4rhYYDdmQ6RTWuyGTOiCTzVbBGIqJ2rvo8UUIIlwq8vdo17_mAkur3-u1kmEGKxUuAeRH_AAH7uHfxcmnsTDY1FfYVMLhsPA
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgigADzE8Kj3wEAApE7i3P-CerzjxQi73scA&u=%7CH3riNtnFJHSP%2BlkbZfDl4zVwfUTeNIlNAi%2BCYTUwc6I%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC43Iyya_TfHAn0F7-Hd8k-0so2C6D1WapM9v9s1WiI04OELH-BpXPs2H0zVJbMMzKn7Pg083idhJ6L218G3te-spcZbnNS5wblKBMPDyn1Rdf8dskxBuVOn7opgqL8mP6-IQVWlekZxgafrSjlAuNNTRRHhgVdtdc0001JHqoTS4w0SX2liVImM97qchP7An4a52XUp6aMrW8MYaj7zvagjSoNK3MSnNZ2zQyhwxrbMKzkhnX7_DNJ5Xx_RelFl7UeDqG0uFB5ouaBEHQ1fUTCSIM7inSbpdYies5cN5ktPzKiyKShIYuI-Q54Ks3neVt6vochLlrDVJRCEuHLrrzWLC1UfPSZ0CmchKFq1ihoLzWckvPg5cTOa75RT5Kj2zNX5KG-YsN4Bi2VZlZ2Dwzj2JV2o8xALZOVPQKvBHkeOaiaRDXztBzBFpfmrbf0yOMIP-TcanI90Se9w2W5lm5Z_9uH45lyAP6kjRFxUKt0xTNlGxAXHHJw-zy2czfZciuTQiXHLswakjClNWkBa7ua4mMttP6agcO8zJIYqw5SUv0pnYGUEh04Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjcYriiBCY8-YD4T4vQTuianwCZj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgSbAk_Q7O0L9rgj1ObznBt1QF6geGt771Qpgix7qhnWpG2VuqKVH68s_de6flmVtqAQBKVBbt4HGMXZvoUUMOK4ZR0WDjsRSDpE22bMAVSB7JH9wyA9pZXlWpEQheRzmj7aJz6TTzKnP0DHRoeUuOV6OExfPEbR6xXA7q4_ZlURKJkm4KNv7NcgjZIqjMXTuUI1Ldj0620qj1S-sah3GRz4TAygZqNMu1DGJX3J_OyZkhKoQTS0UWQWDzgCefoUK3kpFagtgoBDF6Palxrmb5Z4-ILsYwrKNmNqp4oO2USLD2nOZFiisIyi38U1fRe7H2hi_TWjRl4RQ_Y1nW5Te3psPhVTHr5STscnsQtwYabJIFMZzacqFU9EAv6OBBjgBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3NAfIE2-Gd5Xwjsi5OErD6WmBfgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1766734
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 479C 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgigADzE8Kj3wEAApE7i3P-CerzjxQi73scA&u=%7CH3riNtnFJHSP%2BlkbZfDl4zVwfUTeNIlNAi%2BCYTUwc6I%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC43Iyya_TfHAn0F7-Hd8k-0so2C6D1WapM9v9s1WiI04OELH-BpXPs2H0zVJbMMzKn7Pg083idhJ6L218G3te-spcZbnNS5wblKBMPDyn1Rdf8dskxBuVOn7opgqL8mP6-IQVWlekZxgafrSjlAuNNTRRHhgVdtdc0001JHqoTS4w0SX2liVImM97qchP7An4a52XUp6aMrW8MYaj7zvagjSoNK3MSnNZ2zQyhwxrbMKzkhnX7_DNJ5Xx_RelFl7UeDqG0uFB5ouaBEHQ1fUTCSIM7inSbpdYies5cN5ktPzKiyKShIYuI-Q54Ks3neVt6vochLlrDVJRCEuHLrrzWLC1UfPSZ0CmchKFq1ihoLzWckvPg5cTOa75RT5Kj2zNX5KG-YsN4Bi2VZlZ2Dwzj2JV2o8xALZOVPQKvBHkeOaiaRDXztBzBFpfmrbf0yOMIP-TcanI90Se9w2W5lm5Z_9uH45lyAP6kjRFxUKt0xTNlGxAXHHJw-zy2czfZciuTQiXHLswakjClNWkBa7ua4mMttP6agcO8zJIYqw5SUv0pnYGUEh04Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjcYriiBCY8-YD4T4vQTuianwCZj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgSbAk_Q7O0L9rgj1ObznBt1QF6geGt771Qpgix7qhnWpG2VuqKVH68s_de6flmVtqAQBKVBbt4HGMXZvoUUMOK4ZR0WDjsRSDpE22bMAVSB7JH9wyA9pZXlWpEQheRzmj7aJz6TTzKnP0DHRoeUuOV6OExfPEbR6xXA7q4_ZlURKJkm4KNv7NcgjZIqjMXTuUI1Ldj0620qj1S-sah3GRz4TAygZqNMu1DGJX3J_OyZkhKoQTS0UWQWDzgCefoUK3kpFagtgoBDF6Palxrmb5Z4-ILsYwrKNmNqp4oO2USLD2nOZFiisIyi38U1fRe7H2hi_TWjRl4RQ_Y1nW5Te3psPhVTHr5STscnsQtwYabJIFMZzacqFU9EAv6OBBjgBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3NAfIE2-Gd5Xwjsi5OErD6WmBfgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1387597
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPFdb1%2FRhEL%2FDIZtsXd7MqJgfsmu4oMt0AmSydzyAL9zc1ye3%2FkBJ3PR1KNAsdDDTUDJxm5QS6Gn%2BixptutZvzxYFfK0GAcX%2FD%2B3lmmLCd9beNQ2Tey2M4cI093613LeY%2FCVZT3O"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
757343099e7da864-SYD
expires
Fri, 29 Sep 2023 01:14:51 GMT
3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 479C 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgigADzE8Kj3wEAApE7i3P-CerzjxQi73scA&u=%7CH3riNtnFJHSP%2BlkbZfDl4zVwfUTeNIlNAi%2BCYTUwc6I%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC43Iyya_TfHAn0F7-Hd8k-0so2C6D1WapM9v9s1WiI04OELH-BpXPs2H0zVJbMMzKn7Pg083idhJ6L218G3te-spcZbnNS5wblKBMPDyn1Rdf8dskxBuVOn7opgqL8mP6-IQVWlekZxgafrSjlAuNNTRRHhgVdtdc0001JHqoTS4w0SX2liVImM97qchP7An4a52XUp6aMrW8MYaj7zvagjSoNK3MSnNZ2zQyhwxrbMKzkhnX7_DNJ5Xx_RelFl7UeDqG0uFB5ouaBEHQ1fUTCSIM7inSbpdYies5cN5ktPzKiyKShIYuI-Q54Ks3neVt6vochLlrDVJRCEuHLrrzWLC1UfPSZ0CmchKFq1ihoLzWckvPg5cTOa75RT5Kj2zNX5KG-YsN4Bi2VZlZ2Dwzj2JV2o8xALZOVPQKvBHkeOaiaRDXztBzBFpfmrbf0yOMIP-TcanI90Se9w2W5lm5Z_9uH45lyAP6kjRFxUKt0xTNlGxAXHHJw-zy2czfZciuTQiXHLswakjClNWkBa7ua4mMttP6agcO8zJIYqw5SUv0pnYGUEh04Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjcYriiBCY8-YD4T4vQTuianwCZj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgSbAk_Q7O0L9rgj1ObznBt1QF6geGt771Qpgix7qhnWpG2VuqKVH68s_de6flmVtqAQBKVBbt4HGMXZvoUUMOK4ZR0WDjsRSDpE22bMAVSB7JH9wyA9pZXlWpEQheRzmj7aJz6TTzKnP0DHRoeUuOV6OExfPEbR6xXA7q4_ZlURKJkm4KNv7NcgjZIqjMXTuUI1Ldj0620qj1S-sah3GRz4TAygZqNMu1DGJX3J_OyZkhKoQTS0UWQWDzgCefoUK3kpFagtgoBDF6Palxrmb5Z4-ILsYwrKNmNqp4oO2USLD2nOZFiisIyi38U1fRe7H2hi_TWjRl4RQ_Y1nW5Te3psPhVTHr5STscnsQtwYabJIFMZzacqFU9EAv6OBBjgBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3NAfIE2-Gd5Xwjsi5OErD6WmBfgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 29 Jul 2021 10:27:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"61028283-10ec0"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 01:14:51 GMT
e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame 479C 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgigADzE8Kj3wEAApE7i3P-CerzjxQi73scA&u=%7CH3riNtnFJHSP%2BlkbZfDl4zVwfUTeNIlNAi%2BCYTUwc6I%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC43Iyya_TfHAn0F7-Hd8k-0so2C6D1WapM9v9s1WiI04OELH-BpXPs2H0zVJbMMzKn7Pg083idhJ6L218G3te-spcZbnNS5wblKBMPDyn1Rdf8dskxBuVOn7opgqL8mP6-IQVWlekZxgafrSjlAuNNTRRHhgVdtdc0001JHqoTS4w0SX2liVImM97qchP7An4a52XUp6aMrW8MYaj7zvagjSoNK3MSnNZ2zQyhwxrbMKzkhnX7_DNJ5Xx_RelFl7UeDqG0uFB5ouaBEHQ1fUTCSIM7inSbpdYies5cN5ktPzKiyKShIYuI-Q54Ks3neVt6vochLlrDVJRCEuHLrrzWLC1UfPSZ0CmchKFq1ihoLzWckvPg5cTOa75RT5Kj2zNX5KG-YsN4Bi2VZlZ2Dwzj2JV2o8xALZOVPQKvBHkeOaiaRDXztBzBFpfmrbf0yOMIP-TcanI90Se9w2W5lm5Z_9uH45lyAP6kjRFxUKt0xTNlGxAXHHJw-zy2czfZciuTQiXHLswakjClNWkBa7ua4mMttP6agcO8zJIYqw5SUv0pnYGUEh04Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjcYriiBCY8-YD4T4vQTuianwCZj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgSbAk_Q7O0L9rgj1ObznBt1QF6geGt771Qpgix7qhnWpG2VuqKVH68s_de6flmVtqAQBKVBbt4HGMXZvoUUMOK4ZR0WDjsRSDpE22bMAVSB7JH9wyA9pZXlWpEQheRzmj7aJz6TTzKnP0DHRoeUuOV6OExfPEbR6xXA7q4_ZlURKJkm4KNv7NcgjZIqjMXTuUI1Ldj0620qj1S-sah3GRz4TAygZqNMu1DGJX3J_OyZkhKoQTS0UWQWDzgCefoUK3kpFagtgoBDF6Palxrmb5Z4-ILsYwrKNmNqp4oO2USLD2nOZFiisIyi38U1fRe7H2hi_TWjRl4RQ_Y1nW5Te3psPhVTHr5STscnsQtwYabJIFMZzacqFU9EAv6OBBjgBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3NAfIE2-Gd5Xwjsi5OErD6WmBfgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 29 Jul 2021 10:27:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"61028283-10f14"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 01:14:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 343C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
194674
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 06 Oct 2022 19:10:17 GMT
expires
Fri, 06 Oct 2023 19:10:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BD55 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
GSE /
Resource Hash
304134c72504df6cfdc764011215da488737b1991b1991ed8fd159912310aa22
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-O_MaI_mO7FmpkJ6imezPuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-O_MaI_mO7FmpkJ6imezPuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:51 GMT
expires
Sun, 09 Oct 2022 01:14:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
animejs.js
static.criteo.net/animejs/ Frame 479C 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgigADzE8Kj3wEAApE7i3P-CerzjxQi73scA&u=%7CH3riNtnFJHSP%2BlkbZfDl4zVwfUTeNIlNAi%2BCYTUwc6I%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC43Iyya_TfHAn0F7-Hd8k-0so2C6D1WapM9v9s1WiI04OELH-BpXPs2H0zVJbMMzKn7Pg083idhJ6L218G3te-spcZbnNS5wblKBMPDyn1Rdf8dskxBuVOn7opgqL8mP6-IQVWlekZxgafrSjlAuNNTRRHhgVdtdc0001JHqoTS4w0SX2liVImM97qchP7An4a52XUp6aMrW8MYaj7zvagjSoNK3MSnNZ2zQyhwxrbMKzkhnX7_DNJ5Xx_RelFl7UeDqG0uFB5ouaBEHQ1fUTCSIM7inSbpdYies5cN5ktPzKiyKShIYuI-Q54Ks3neVt6vochLlrDVJRCEuHLrrzWLC1UfPSZ0CmchKFq1ihoLzWckvPg5cTOa75RT5Kj2zNX5KG-YsN4Bi2VZlZ2Dwzj2JV2o8xALZOVPQKvBHkeOaiaRDXztBzBFpfmrbf0yOMIP-TcanI90Se9w2W5lm5Z_9uH45lyAP6kjRFxUKt0xTNlGxAXHHJw-zy2czfZciuTQiXHLswakjClNWkBa7ua4mMttP6agcO8zJIYqw5SUv0pnYGUEh04Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjcYriiBCY8-YD4T4vQTuianwCZj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgSbAk_Q7O0L9rgj1ObznBt1QF6geGt771Qpgix7qhnWpG2VuqKVH68s_de6flmVtqAQBKVBbt4HGMXZvoUUMOK4ZR0WDjsRSDpE22bMAVSB7JH9wyA9pZXlWpEQheRzmj7aJz6TTzKnP0DHRoeUuOV6OExfPEbR6xXA7q4_ZlURKJkm4KNv7NcgjZIqjMXTuUI1Ldj0620qj1S-sah3GRz4TAygZqNMu1DGJX3J_OyZkhKoQTS0UWQWDzgCefoUK3kpFagtgoBDF6Palxrmb5Z4-ILsYwrKNmNqp4oO2USLD2nOZFiisIyi38U1fRe7H2hi_TWjRl4RQ_Y1nW5Te3psPhVTHr5STscnsQtwYabJIFMZzacqFU9EAv6OBBjgBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3NAfIE2-Gd5Xwjsi5OErD6WmBfgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 01:14:51 GMT
all
csm.as.criteo.net/ Frame 479C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=GQYTQzvxPu_eyx-hraXoszj9NFu1baiWMk2SGJxfRA5-eh9ZfBPZZ-NaLUiE8IjldEZdxiSRf-eV02W8D8U5iSMR5SS2_9dyHUBR7Opid0-YsjI9-lLetqhiRUQGwIHpmEeT7loU2OIxSATJz2XtuSIN6dEWtfH3t6sjY7JvWIotFVmDRJ5MufJyyhCYzl5Zsg7uQwpgOaJP7KiCrx-WSGWdVRDq8CZej-zJWu89MgMAWprfB2z3b8BuQmokRs171EV-TxrPFrAP4jqE&sds=2&rev=83041&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgigADzE8Kj3wEAApE7i3P-CerzjxQi73scA&u=%7CH3riNtnFJHSP%2BlkbZfDl4zVwfUTeNIlNAi%2BCYTUwc6I%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC43Iyya_TfHAn0F7-Hd8k-0so2C6D1WapM9v9s1WiI04OELH-BpXPs2H0zVJbMMzKn7Pg083idhJ6L218G3te-spcZbnNS5wblKBMPDyn1Rdf8dskxBuVOn7opgqL8mP6-IQVWlekZxgafrSjlAuNNTRRHhgVdtdc0001JHqoTS4w0SX2liVImM97qchP7An4a52XUp6aMrW8MYaj7zvagjSoNK3MSnNZ2zQyhwxrbMKzkhnX7_DNJ5Xx_RelFl7UeDqG0uFB5ouaBEHQ1fUTCSIM7inSbpdYies5cN5ktPzKiyKShIYuI-Q54Ks3neVt6vochLlrDVJRCEuHLrrzWLC1UfPSZ0CmchKFq1ihoLzWckvPg5cTOa75RT5Kj2zNX5KG-YsN4Bi2VZlZ2Dwzj2JV2o8xALZOVPQKvBHkeOaiaRDXztBzBFpfmrbf0yOMIP-TcanI90Se9w2W5lm5Z_9uH45lyAP6kjRFxUKt0xTNlGxAXHHJw-zy2czfZciuTQiXHLswakjClNWkBa7ua4mMttP6agcO8zJIYqw5SUv0pnYGUEh04Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjcYriiBCY8-YD4T4vQTuianwCZj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgSbAk_Q7O0L9rgj1ObznBt1QF6geGt771Qpgix7qhnWpG2VuqKVH68s_de6flmVtqAQBKVBbt4HGMXZvoUUMOK4ZR0WDjsRSDpE22bMAVSB7JH9wyA9pZXlWpEQheRzmj7aJz6TTzKnP0DHRoeUuOV6OExfPEbR6xXA7q4_ZlURKJkm4KNv7NcgjZIqjMXTuUI1Ldj0620qj1S-sah3GRz4TAygZqNMu1DGJX3J_OyZkhKoQTS0UWQWDzgCefoUK3kpFagtgoBDF6Palxrmb5Z4-ILsYwrKNmNqp4oO2USLD2nOZFiisIyi38U1fRe7H2hi_TWjRl4RQ_Y1nW5Te3psPhVTHr5STscnsQtwYabJIFMZzacqFU9EAv6OBBjgBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3NAfIE2-Gd5Xwjsi5OErD6WmBfgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Oct 2022 01:14:51 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 479C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgigADzE8Kj3wEAApE7i3P-CerzjxQi73scA&u=%7CH3riNtnFJHSP%2BlkbZfDl4zVwfUTeNIlNAi%2BCYTUwc6I%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC43Iyya_TfHAn0F7-Hd8k-0so2C6D1WapM9v9s1WiI04OELH-BpXPs2H0zVJbMMzKn7Pg083idhJ6L218G3te-spcZbnNS5wblKBMPDyn1Rdf8dskxBuVOn7opgqL8mP6-IQVWlekZxgafrSjlAuNNTRRHhgVdtdc0001JHqoTS4w0SX2liVImM97qchP7An4a52XUp6aMrW8MYaj7zvagjSoNK3MSnNZ2zQyhwxrbMKzkhnX7_DNJ5Xx_RelFl7UeDqG0uFB5ouaBEHQ1fUTCSIM7inSbpdYies5cN5ktPzKiyKShIYuI-Q54Ks3neVt6vochLlrDVJRCEuHLrrzWLC1UfPSZ0CmchKFq1ihoLzWckvPg5cTOa75RT5Kj2zNX5KG-YsN4Bi2VZlZ2Dwzj2JV2o8xALZOVPQKvBHkeOaiaRDXztBzBFpfmrbf0yOMIP-TcanI90Se9w2W5lm5Z_9uH45lyAP6kjRFxUKt0xTNlGxAXHHJw-zy2czfZciuTQiXHLswakjClNWkBa7ua4mMttP6agcO8zJIYqw5SUv0pnYGUEh04Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjcYriiBCY8-YD4T4vQTuianwCZj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgSbAk_Q7O0L9rgj1ObznBt1QF6geGt771Qpgix7qhnWpG2VuqKVH68s_de6flmVtqAQBKVBbt4HGMXZvoUUMOK4ZR0WDjsRSDpE22bMAVSB7JH9wyA9pZXlWpEQheRzmj7aJz6TTzKnP0DHRoeUuOV6OExfPEbR6xXA7q4_ZlURKJkm4KNv7NcgjZIqjMXTuUI1Ldj0620qj1S-sah3GRz4TAygZqNMu1DGJX3J_OyZkhKoQTS0UWQWDzgCefoUK3kpFagtgoBDF6Palxrmb5Z4-ILsYwrKNmNqp4oO2USLD2nOZFiisIyi38U1fRe7H2hi_TWjRl4RQ_Y1nW5Te3psPhVTHr5STscnsQtwYabJIFMZzacqFU9EAv6OBBjgBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3NAfIE2-Gd5Xwjsi5OErD6WmBfgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 01:14:51 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 479C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgigADzE8Kj3wEAApE7i3P-CerzjxQi73scA&u=%7CH3riNtnFJHSP%2BlkbZfDl4zVwfUTeNIlNAi%2BCYTUwc6I%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC43Iyya_TfHAn0F7-Hd8k-0so2C6D1WapM9v9s1WiI04OELH-BpXPs2H0zVJbMMzKn7Pg083idhJ6L218G3te-spcZbnNS5wblKBMPDyn1Rdf8dskxBuVOn7opgqL8mP6-IQVWlekZxgafrSjlAuNNTRRHhgVdtdc0001JHqoTS4w0SX2liVImM97qchP7An4a52XUp6aMrW8MYaj7zvagjSoNK3MSnNZ2zQyhwxrbMKzkhnX7_DNJ5Xx_RelFl7UeDqG0uFB5ouaBEHQ1fUTCSIM7inSbpdYies5cN5ktPzKiyKShIYuI-Q54Ks3neVt6vochLlrDVJRCEuHLrrzWLC1UfPSZ0CmchKFq1ihoLzWckvPg5cTOa75RT5Kj2zNX5KG-YsN4Bi2VZlZ2Dwzj2JV2o8xALZOVPQKvBHkeOaiaRDXztBzBFpfmrbf0yOMIP-TcanI90Se9w2W5lm5Z_9uH45lyAP6kjRFxUKt0xTNlGxAXHHJw-zy2czfZciuTQiXHLswakjClNWkBa7ua4mMttP6agcO8zJIYqw5SUv0pnYGUEh04Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjcYriiBCY8-YD4T4vQTuianwCZj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgSbAk_Q7O0L9rgj1ObznBt1QF6geGt771Qpgix7qhnWpG2VuqKVH68s_de6flmVtqAQBKVBbt4HGMXZvoUUMOK4ZR0WDjsRSDpE22bMAVSB7JH9wyA9pZXlWpEQheRzmj7aJz6TTzKnP0DHRoeUuOV6OExfPEbR6xXA7q4_ZlURKJkm4KNv7NcgjZIqjMXTuUI1Ldj0620qj1S-sah3GRz4TAygZqNMu1DGJX3J_OyZkhKoQTS0UWQWDzgCefoUK3kpFagtgoBDF6Palxrmb5Z4-ILsYwrKNmNqp4oO2USLD2nOZFiisIyi38U1fRe7H2hi_TWjRl4RQ_Y1nW5Te3psPhVTHr5STscnsQtwYabJIFMZzacqFU9EAv6OBBjgBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3NAfIE2-Gd5Xwjsi5OErD6WmBfgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 01:14:51 GMT
22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4
static.criteo.net/design/dt/2936/210730/ Frame 479C 		214 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/2936/210730/22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4?ibv=1
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgigADzE8Kj3wEAApE7i3P-CerzjxQi73scA&u=%7CH3riNtnFJHSP%2BlkbZfDl4zVwfUTeNIlNAi%2BCYTUwc6I%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC43Iyya_TfHAn0F7-Hd8k-0so2C6D1WapM9v9s1WiI04OELH-BpXPs2H0zVJbMMzKn7Pg083idhJ6L218G3te-spcZbnNS5wblKBMPDyn1Rdf8dskxBuVOn7opgqL8mP6-IQVWlekZxgafrSjlAuNNTRRHhgVdtdc0001JHqoTS4w0SX2liVImM97qchP7An4a52XUp6aMrW8MYaj7zvagjSoNK3MSnNZ2zQyhwxrbMKzkhnX7_DNJ5Xx_RelFl7UeDqG0uFB5ouaBEHQ1fUTCSIM7inSbpdYies5cN5ktPzKiyKShIYuI-Q54Ks3neVt6vochLlrDVJRCEuHLrrzWLC1UfPSZ0CmchKFq1ihoLzWckvPg5cTOa75RT5Kj2zNX5KG-YsN4Bi2VZlZ2Dwzj2JV2o8xALZOVPQKvBHkeOaiaRDXztBzBFpfmrbf0yOMIP-TcanI90Se9w2W5lm5Z_9uH45lyAP6kjRFxUKt0xTNlGxAXHHJw-zy2czfZciuTQiXHLswakjClNWkBa7ua4mMttP6agcO8zJIYqw5SUv0pnYGUEh04Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjcYriiBCY8-YD4T4vQTuianwCZj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgSbAk_Q7O0L9rgj1ObznBt1QF6geGt771Qpgix7qhnWpG2VuqKVH68s_de6flmVtqAQBKVBbt4HGMXZvoUUMOK4ZR0WDjsRSDpE22bMAVSB7JH9wyA9pZXlWpEQheRzmj7aJz6TTzKnP0DHRoeUuOV6OExfPEbR6xXA7q4_ZlURKJkm4KNv7NcgjZIqjMXTuUI1Ldj0620qj1S-sah3GRz4TAygZqNMu1DGJX3J_OyZkhKoQTS0UWQWDzgCefoUK3kpFagtgoBDF6Palxrmb5Z4-ILsYwrKNmNqp4oO2USLD2nOZFiisIyi38U1fRe7H2hi_TWjRl4RQ_Y1nW5Te3psPhVTHr5STscnsQtwYabJIFMZzacqFU9EAv6OBBjgBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3NAfIE2-Gd5Xwjsi5OErD6WmBfgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 09 Oct 2022 01:14:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 30 Jul 2021 08:11:16 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6103b424-13a2be"
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-1286845/1286846
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
1286846
expires
Wed, 04 Oct 2023 01:14:51 GMT
smtr
contextual.media.net/ Frame E46B 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=357234536&size=250x250&cc=AU&chnm=HARMONY&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Fwww.bg3.co&nse=5&vi=1665278091171671372&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&itid=17&bae=B44zgxq4ae&bcpf=8fOnRrolnfOur8B44zgxq4ae&bdrId=313&ntv=0&matchstring=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p1873865016t202210090114&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=NSW
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fc5aecadf87a8a77c98ae712c04c1895f95ab929c7aac22b7fda0fc1388c1065
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-sc-w
22-q83j
pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-dnpk
timing-allow-origin
*
content-length
33461
expires
Sun, 09 Oct 2022 01:14:52 GMT
bping.php
lg3.media.net/ Frame E46B 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=518&&vgd_cdv=809&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&vi=1665278091171671372&ugd=4&lf=6&cc=AU&sc=NSW&lper=100&wsip=2886781036&r=1665278091709&requrl=https%3A%2F%2Fwww.bg3.co&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1665278091129727235&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p1873865016t202210090114&vgd_pgids=1&vgd_uspa=0&hvsid=00001665278091707029185683571123&gdpr=0&vgd_l2type=sca&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278089672&bpp=11&bdt=228&idt=298&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=6494685431542&frm=8&ife=1&pv=2&ga_vid=1697942206.1665278090&ga_sid=1665278090&ga_hid=823118088&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44768832%2C44769306%2C44773613%2C44770880&oid=2&pvsid=1819693795624103&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.q1ezlvt9aiv2&fsb=1&dtd=312
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
date
Sun, 09 Oct 2022 01:14:51 GMT
server
Apache
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=65627
content-length
15
checksync.php
contextual.media.net/ Frame 6E18 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278089672&bpp=11&bdt=228&idt=298&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=6494685431542&frm=8&ife=1&pv=2&ga_vid=1697942206.1665278090&ga_sid=1665278090&ga_hid=823118088&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44768832%2C44769306%2C44773613%2C44770880&oid=2&pvsid=1819693795624103&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.q1ezlvt9aiv2&fsb=1&dtd=312
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82c6eee34be1adcfc7cc2b4e626c9916d4d9bcd353bcecb64587638867aee3d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9409
content-type
text/html; charset=UTF-8
date
Sun, 09 Oct 2022 01:14:51 GMT
expires
Tue, 11 Oct 2022 01:14:51 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame E46B 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4477&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=3&spSource=0&ifst=0&vid=Y0IgigACDHMK1RVDcABpvg&s_city=singapore&ugd=4&bcat%3C%3E=1000031%23%231000030%23%2310130%23%231000024%23%231000037%23%231000036%23%231000004&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=3.3274808E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=04943111&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=-1&renderer=1&be=0&rtime=20.0&adj0=0.0&tmax=300&s_ip=74.125.190.17&adj2=0.0&adj1=0.0&feedback_id=Y0IgigACDHMK1RVDcABpvg&adtypes=0&mx_aabpc=0&reqid=Y0IgigACDHMK1RVDcABpvg&sc=AU-NSW&sd=1&mowxReqId=d310505bffad4f2f8f007f5cd0cae2c9_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co&bidrestime=1665278090192&pv_adtype=0&cc=AU&strg=HARMONY&pcrid=8CUABW64L-357234536-42-7&coppa_enf=true&bdp=0.020&ct=beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=d310505bffad4f2f8f007f5cd0cae2c9&actltime=27&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C16%7C48%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.015&sckfl=1&dmm_erpm=true&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&suid=CAESEPt0gFsR3tH7AspzY-rf4x0&chnl=HARMONY&pst=0&reqsize=250x250&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1665278690446&lmt_status=N&reftype=0&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&dummy_vsid=false&cbdp=0.015&pvdTmax=238&ltime=26.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=524529265753_1284724374_52982010413131&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=186&mx_bsBucketRa=0&rtttime=47&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-595f68d68b-r4txj&currsrc_date=2022-10-07+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-10-09+01%3A14%3A50&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&pid=8PR113JGC&spTo=3&pvid=313&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AMVB_PnWZqf0GBejb3gRwemhA6T2raJxjVfUvrRNKm3tjTbMFkpULV8EctQjx-v_A-zTnLxH&dmm_ogerpm=false&csip=rtb-common-istio-c5ddbccdc-lbmqv.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&cat=IAB-3&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=3314916115&fpuReq=0&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vis_sd%3D210~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022100820~iurl_b%3D24588.15~url_tkc%3D1~std%3D~last%3D~vis_url_b%3D0.13~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D40~riipua%3D105%2C105~et%3D7~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022100820~vis_b%3D238.01~url_b%3D0.04~url_tvi%3D1360~url_l%3D50~gcat%3D-1~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D1~uid%3DaQw40ilS4XmKOThv1~btd%3D248904454597467090618112388573377336512820089344257888641605480051810964349095521882116~d2p_l%3D70~3pcf%3D2.73~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D0.83~ogd2p_b%3D0.69~vurl_b%3D0.24~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D52~vurl_l%3D50~CI%3D2749~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D4.11~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D0.39~ivurl_l%3D50~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.015%7Edmm%3Dharmony%7Esuid%3DCAESEPt0gFsR3tH7AspzY-rf4x0%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D3.3274808E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D238&utime=1517&sf=0&cpr=0.46409015113006014
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278089672&bpp=11&bdt=228&idt=298&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=6494685431542&frm=8&ife=1&pv=2&ga_vid=1697942206.1665278090&ga_sid=1665278090&ga_hid=823118088&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44768832%2C44769306%2C44773613%2C44770880&oid=2&pvsid=1819693795624103&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.q1ezlvt9aiv2&fsb=1&dtd=312
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Sun, 09 Oct 2022 01:14:51 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Sun, 09 Oct 2022 07:14:51 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame C6EE 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
Origin
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 17:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29180
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Oct 2022 17:08:32 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221003/r20110914/elements/html/ Frame C6EE 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221003/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AVpsdOEuss7ASiBbKS-0kpDAebJQYCkGKV6964iUQKGqrb60qmqUzpHmVKI1zXWNA6vqJDnqCjNJRBqxN-Z_JkkxJ_dg&cry=1&dbm_d=AKAmf-B-CQ0J9qXFUy3k-5N8aIW65WVsLnFiCQWHNzo7nPHT6EXK72otC6M8EO-1nqsx-YZURNoGV9AMREg7jPzPOO54qvwdJbvukBeM4Kfpvh0TCiUT3S1JuzeifdAQd5r1YSgdIl9ib8RefB1oT4gk7_MzjOc8TE9-bcS08UY0HPvIk34d-riPAfhiKnLqn-JLidm5aLgfUuG3fg3hb3VUngGKveCHh_p_dp7Q1QKkfN3UJswjTzf0YVltsySrX3S8AH3Nz7rqI-eVI3vYSAxFeVu0wwQDRDUAcpFFop4Cshbf6_0VxMlOoIEmooOCkjZiyL_qneRhzj9LvxP5XmvWxMRRsfdXslalV1PPI4Lo9ny8bPhVeNyK4QcsW25ZAzSk9GEGSHOtp6B7YZwT6noffsuSA-_UyCC3Vy2a2Q9MLGNYqgRsLsdHnyaflLVGJ9jTKuQ_NwQgqpHYhkqTEjhtQ_Wv0dw2HkKJTZJUm1-BTKuRHHf99EOvC5Ct4Jo7Iv2HthpyXGkQ9_sVbfKy3X9hroYnvvvcl6M7vlOjkghwNunbKGiGDgndxEq6wXiPrs-d6REofQcJLT2LCNrwU0DqrFvo42EaGrLDZXGwep9tXEr1LKYfRep6XyDuaeH65VQqctwOL3OxuvAJ4KhEjzp_S_6WlJjE0Ux4Vp30-sV0wsye_qND01eFxeGkuDysXWO4crw9lRrKP2WYHsLTAZGDTMnU5FdLilXhB0Nhmcm4zmx92JgMEjggsS-WnFteyov_LuzyRpssX4YhVOZ_9FyYd6QEgIRc-bk9VtaZQW_xqqxi97VDWGZbPKBady_XnNpwt2QXKu2VGzDQWjZtfmN5X6WD07qvhdS7KzKTZTiXVLN9msd4Ns-i0QUvubPBhZa-hcn9vuHXKDmN7OSo9NfZ__K0qMyExGq9nsP5-kQBYY0IueDHinKFkAcZ_9ns4xnSYB8rUsOH5HbTMgt-CeiIkjj8EqacFCHX46DQAQKN5qgxALQUkp-8UYubH80CsnVps1QYy7QMZH3BIsl2QvYbO7g99pH_B1t7oPL0JqgrlMMn7KDkpXBQBgJMhTPpE5pc9yWPaP-gZ4pM9WTz0UO7OVfdGSb2LMicbkEKfVVVoIYXBcU437sjc3LFTwkAhVcCJt_0mkWDZjNXFNH3Ej0_TAEdL8R9LWiyXupDZ2ex1IboqwTWswfR4RYbRoMbEgYpzFf0fbw4BIg0Csxqq10sdB-M0woImPE3nw1cAaebrHxbMbCugWibYfpl-N6w3jU7F3YDi1m9VvIJzKOayoKamdGnh8gxCVvJvovNIkPNZgRMiN1w2pHCcUK1EtB4M8Fb36rk-5ehiVYa92hW_v6xP-gl-9PF8oFuWKWAKnrPT7W5eqP2LZ61FgHXTGyEalMdSBKfouHer6XrMazENmlIW41RobrNBN3wTRA22dyndibXK1Ivz3jFkNcxpxAQ4aQjwMhF0XyXNY2-3Fl1envgRHHmlaT1m07pp5Fc5To4-qt6r7ymdgZJ2U5ECJG2uLB91mvRnemcDM4y3OGS_HKUeZc9v0D7-RAuN4-1_o9KsMJ0tuJUvYdomBhyuhySgs4Yrpc-mDIV8dWePAzFeB7PXJafl9xCcJQcx_RmLQ6voGYxpH8njtLtV2RvvymZ7KWy0XwTfSylrctnOQT39n5of7nJYq0ibUtiFvcv2d6MV0ddo5sx9rDGN26x8HzwTZnWFTqM6sc3Kwn0nnZpILPeV1BPhf3b9MwQ1mghojuOmGwigvC0VDN_DNXPPccIaB5zdEzSQwTyDD55TGjAO6dN0UhwV7o8FEtFaCOPOrFSPUAABUrFDqr6zmhaUs-73LZmAkeQ3-o80qC0R1yJhoxo1BFG6lAymBaBqVmvDh1dtmcyqN8_5cCSwZ2Uo31lIuHq8hWDa425EOCvoDBv4lbU0iZtnwA_bcbvdm2Mgz2mhNmfFmfN1e2wDLas4KIVSL_6QX2NYL1OKtwb2Yrqi6odkF9Jl_wGZmvG-m9iXl6gCikp-Nb-v7sm1cYaBC1Gp2KUXpG4BgFv9wxX2-B_W0pZ0quuRHWVz4s03L5LYaCKSWLxxwKx0uK9j2-uX1zRI2vg2ZMTf5m1Bg9Bs5Os_gyGEZPKkzvqQgm8OcM-G3ipu40-ZFRYOtGOdSo-qxEi3bFonrFD5nrhG-qY-w24UlXYt1eJWhfzg-xsCsCDEFLf-FSwYFR2_B4tg1OPMpTW0J483fwJJ044nPvGn_qy46wb6x1Y29w5hlPJmuDcRT23WyHf6-uLxgbKBYJeXkUTVRIDv0kTzpL8QmMCYc_fckRa_dpoaQnhC7Y7v5QhUTQBWbVxyiEDomIYDL3ChXsu2gG0_S7XxkWBh7fLaF8j9dW1ViNHtvSZgAcWnuO0eMvO6TTIah8mr_FS8gTLdi-mltPnadx8QtP-Obq5bhjtBEsqKZkKRQeFsPaUIo2YwvXD1faPkGg8Nh5vi1hEgOKtr5r8EStK_kiVpoJIFrj7mhlEG86BnjqjE1j58aGyepG9mT0J55QcrBeIxxONlmm9GU7x09YibDZf8bw3DBpyUYzC4lDD6MSAbuqt-ZqMOsJHS5P2GQgF0Yap1UZl52Q92MDc4426OUokfU2sg-fJ27VPfmDqSc4wZVLezruU_Ke5ZVAvWQ5sXVpCPyVCLQtE-E35lyyWsb_44FtMUXyoRB7W6bfwe4n6_TVOrEIypPychNNd6kEDGpEUcfHmPc3MO7bgk0qxqSWnGNFkv0MJuEP9LISethDtsocAOGQ2jlWTptn4rGCCZpNM4f2ypY_xA3fmSseP_CV75JSFabd5xyk4KqZVgS-rSTfOABIV62ruRyLMvf7i8Z2CdHMq2gt1kbxu9Wm57qn-ts_ApJiX6clDDO2xr9wwtg9uDpLBXffu0QoA-BNiYiLU09H5Z0e9AiniQ1KU69rxbOSIZQPRB9rGJQXckL6ljUdOWB5BdWYyilLoexgaaex0LNubZa9VLRbWRz5pGNv-IYt2I2bXTpZBXN6Ky7cbNddPwtl5cKt3Khs1G_1ASSxth8xi1Lb5tCpRKqHPqBJma68IxLPuGCHrEmCNAe7eM7xbBOZF7gGARUJzoOdCWqj-K2c4zcG8B_9wAIGpcQF6rX9W8vqVAKggddFljKLuwq1UsXYFEIcf3nwIeGFpXMAn0TTWHm03xRQAqxPqPeh7jOKjTOAgBfZsAeWg-q4F1w_VyVwAkbfvdfFJWg5DFEotOLEiMVTILGIxcnxkyQRwrpcVumv-R2n1Rl6n1BqAguqg3A4CV2VykU-iBF7OfavaG2lV6X8uXQiOhgpJApX-5-MDTyC-tYkOkyT2dzJMpOgIx1P_bJZ5UpK0yF-cX6tR5FRTIgt4584Wg_8NLIHxiIOoswz0QF8X3RJoTzWOGJgAOLErru9vJ9SNBjnb80rys8AwID6pDVKw73onfvZBbP9c-fisN1MoXedx79pt5A&cid=CAQSOwDq26N9Q0iTLwfQ38FY2CjHA2KZxhfVM0B86d1S_dquRVlu47wCul7wAUwfKGw7Sf_34rlZQzdUA0QKGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 00:07:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4027
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 00:07:44 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame C6EE 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AVpsdOEuss7ASiBbKS-0kpDAebJQYCkGKV6964iUQKGqrb60qmqUzpHmVKI1zXWNA6vqJDnqCjNJRBqxN-Z_JkkxJ_dg&cry=1&dbm_d=AKAmf-B-CQ0J9qXFUy3k-5N8aIW65WVsLnFiCQWHNzo7nPHT6EXK72otC6M8EO-1nqsx-YZURNoGV9AMREg7jPzPOO54qvwdJbvukBeM4Kfpvh0TCiUT3S1JuzeifdAQd5r1YSgdIl9ib8RefB1oT4gk7_MzjOc8TE9-bcS08UY0HPvIk34d-riPAfhiKnLqn-JLidm5aLgfUuG3fg3hb3VUngGKveCHh_p_dp7Q1QKkfN3UJswjTzf0YVltsySrX3S8AH3Nz7rqI-eVI3vYSAxFeVu0wwQDRDUAcpFFop4Cshbf6_0VxMlOoIEmooOCkjZiyL_qneRhzj9LvxP5XmvWxMRRsfdXslalV1PPI4Lo9ny8bPhVeNyK4QcsW25ZAzSk9GEGSHOtp6B7YZwT6noffsuSA-_UyCC3Vy2a2Q9MLGNYqgRsLsdHnyaflLVGJ9jTKuQ_NwQgqpHYhkqTEjhtQ_Wv0dw2HkKJTZJUm1-BTKuRHHf99EOvC5Ct4Jo7Iv2HthpyXGkQ9_sVbfKy3X9hroYnvvvcl6M7vlOjkghwNunbKGiGDgndxEq6wXiPrs-d6REofQcJLT2LCNrwU0DqrFvo42EaGrLDZXGwep9tXEr1LKYfRep6XyDuaeH65VQqctwOL3OxuvAJ4KhEjzp_S_6WlJjE0Ux4Vp30-sV0wsye_qND01eFxeGkuDysXWO4crw9lRrKP2WYHsLTAZGDTMnU5FdLilXhB0Nhmcm4zmx92JgMEjggsS-WnFteyov_LuzyRpssX4YhVOZ_9FyYd6QEgIRc-bk9VtaZQW_xqqxi97VDWGZbPKBady_XnNpwt2QXKu2VGzDQWjZtfmN5X6WD07qvhdS7KzKTZTiXVLN9msd4Ns-i0QUvubPBhZa-hcn9vuHXKDmN7OSo9NfZ__K0qMyExGq9nsP5-kQBYY0IueDHinKFkAcZ_9ns4xnSYB8rUsOH5HbTMgt-CeiIkjj8EqacFCHX46DQAQKN5qgxALQUkp-8UYubH80CsnVps1QYy7QMZH3BIsl2QvYbO7g99pH_B1t7oPL0JqgrlMMn7KDkpXBQBgJMhTPpE5pc9yWPaP-gZ4pM9WTz0UO7OVfdGSb2LMicbkEKfVVVoIYXBcU437sjc3LFTwkAhVcCJt_0mkWDZjNXFNH3Ej0_TAEdL8R9LWiyXupDZ2ex1IboqwTWswfR4RYbRoMbEgYpzFf0fbw4BIg0Csxqq10sdB-M0woImPE3nw1cAaebrHxbMbCugWibYfpl-N6w3jU7F3YDi1m9VvIJzKOayoKamdGnh8gxCVvJvovNIkPNZgRMiN1w2pHCcUK1EtB4M8Fb36rk-5ehiVYa92hW_v6xP-gl-9PF8oFuWKWAKnrPT7W5eqP2LZ61FgHXTGyEalMdSBKfouHer6XrMazENmlIW41RobrNBN3wTRA22dyndibXK1Ivz3jFkNcxpxAQ4aQjwMhF0XyXNY2-3Fl1envgRHHmlaT1m07pp5Fc5To4-qt6r7ymdgZJ2U5ECJG2uLB91mvRnemcDM4y3OGS_HKUeZc9v0D7-RAuN4-1_o9KsMJ0tuJUvYdomBhyuhySgs4Yrpc-mDIV8dWePAzFeB7PXJafl9xCcJQcx_RmLQ6voGYxpH8njtLtV2RvvymZ7KWy0XwTfSylrctnOQT39n5of7nJYq0ibUtiFvcv2d6MV0ddo5sx9rDGN26x8HzwTZnWFTqM6sc3Kwn0nnZpILPeV1BPhf3b9MwQ1mghojuOmGwigvC0VDN_DNXPPccIaB5zdEzSQwTyDD55TGjAO6dN0UhwV7o8FEtFaCOPOrFSPUAABUrFDqr6zmhaUs-73LZmAkeQ3-o80qC0R1yJhoxo1BFG6lAymBaBqVmvDh1dtmcyqN8_5cCSwZ2Uo31lIuHq8hWDa425EOCvoDBv4lbU0iZtnwA_bcbvdm2Mgz2mhNmfFmfN1e2wDLas4KIVSL_6QX2NYL1OKtwb2Yrqi6odkF9Jl_wGZmvG-m9iXl6gCikp-Nb-v7sm1cYaBC1Gp2KUXpG4BgFv9wxX2-B_W0pZ0quuRHWVz4s03L5LYaCKSWLxxwKx0uK9j2-uX1zRI2vg2ZMTf5m1Bg9Bs5Os_gyGEZPKkzvqQgm8OcM-G3ipu40-ZFRYOtGOdSo-qxEi3bFonrFD5nrhG-qY-w24UlXYt1eJWhfzg-xsCsCDEFLf-FSwYFR2_B4tg1OPMpTW0J483fwJJ044nPvGn_qy46wb6x1Y29w5hlPJmuDcRT23WyHf6-uLxgbKBYJeXkUTVRIDv0kTzpL8QmMCYc_fckRa_dpoaQnhC7Y7v5QhUTQBWbVxyiEDomIYDL3ChXsu2gG0_S7XxkWBh7fLaF8j9dW1ViNHtvSZgAcWnuO0eMvO6TTIah8mr_FS8gTLdi-mltPnadx8QtP-Obq5bhjtBEsqKZkKRQeFsPaUIo2YwvXD1faPkGg8Nh5vi1hEgOKtr5r8EStK_kiVpoJIFrj7mhlEG86BnjqjE1j58aGyepG9mT0J55QcrBeIxxONlmm9GU7x09YibDZf8bw3DBpyUYzC4lDD6MSAbuqt-ZqMOsJHS5P2GQgF0Yap1UZl52Q92MDc4426OUokfU2sg-fJ27VPfmDqSc4wZVLezruU_Ke5ZVAvWQ5sXVpCPyVCLQtE-E35lyyWsb_44FtMUXyoRB7W6bfwe4n6_TVOrEIypPychNNd6kEDGpEUcfHmPc3MO7bgk0qxqSWnGNFkv0MJuEP9LISethDtsocAOGQ2jlWTptn4rGCCZpNM4f2ypY_xA3fmSseP_CV75JSFabd5xyk4KqZVgS-rSTfOABIV62ruRyLMvf7i8Z2CdHMq2gt1kbxu9Wm57qn-ts_ApJiX6clDDO2xr9wwtg9uDpLBXffu0QoA-BNiYiLU09H5Z0e9AiniQ1KU69rxbOSIZQPRB9rGJQXckL6ljUdOWB5BdWYyilLoexgaaex0LNubZa9VLRbWRz5pGNv-IYt2I2bXTpZBXN6Ky7cbNddPwtl5cKt3Khs1G_1ASSxth8xi1Lb5tCpRKqHPqBJma68IxLPuGCHrEmCNAe7eM7xbBOZF7gGARUJzoOdCWqj-K2c4zcG8B_9wAIGpcQF6rX9W8vqVAKggddFljKLuwq1UsXYFEIcf3nwIeGFpXMAn0TTWHm03xRQAqxPqPeh7jOKjTOAgBfZsAeWg-q4F1w_VyVwAkbfvdfFJWg5DFEotOLEiMVTILGIxcnxkyQRwrpcVumv-R2n1Rl6n1BqAguqg3A4CV2VykU-iBF7OfavaG2lV6X8uXQiOhgpJApX-5-MDTyC-tYkOkyT2dzJMpOgIx1P_bJZ5UpK0yF-cX6tR5FRTIgt4584Wg_8NLIHxiIOoswz0QF8X3RJoTzWOGJgAOLErru9vJ9SNBjnb80rys8AwID6pDVKw73onfvZBbP9c-fisN1MoXedx79pt5A&cid=CAQSOwDq26N9Q0iTLwfQ38FY2CjHA2KZxhfVM0B86d1S_dquRVlu47wCul7wAUwfKGw7Sf_34rlZQzdUA0QKGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
3600d5d161593a066ed57bfa0f44230fd55d0fbf709e0517c7a30e69b4eef59b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11696
x-xss-protection
0
server
cafe
etag
3440521625644817407
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 01:13:52 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DC79 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022100301&jk=1790033573816455&bg=!CAulC0_NAAYQgTJdMIE7ACkAdvg8WqYDiDeBJuB5b6wpiwUror0UICucwe384xMpKIc92cBKuw7fYwIAAADKUgAAAAJoAQcKABphp7N7A_BtvM5tdr7xgYtne5bq_XewW2MB0pkCpHtKvzh3ODoTIqI-gQHwSwjMrzstDZ0ywveoBDa_Gc6jNdYAsqyMDRiFqp0UwOtw3X6ML02ginRZ2vEzKeN-jFti_YBtmIZREiyYk9-oIv80EYWe7xzyQkal2DYVHrk_HWJL-Zc7_dPUSkyQImKe5Defk6uAH1OnwRGUWepmsDCG37afwjZeelbX0w6IHsdOuoHZytksXWmTeD5uLFc5W4tPQmYGwVdy9uIwyOoryD2sRJsatr-Vt1J2Yr7zcy8O3PSfs33cEkusrUiFalyezF6RqqbyNEETPsRpC_Rh0Xl8WJCYqH008_-wd9gDZTaPLZnOK8VVTB8Mmqm4d5B4B3pw2uNccrnye5i7Ev2fWHSr3S-GPEMCL60iIXLuQEfTTtRiUnPYkBe-GE61ugZP0tpLKBGSGRgwzMtifUfRCX60-GHN5zHpkSaWAu8fRabNmDKH25ooF0rHQ4-mWaIbj0uaHHcZqdAUr2TPsWhUBQqwTH4r83GWYkjvwI4d0Zb4dm5eg7Y4qVLyXTg-qVVKgff1LuOu_ZKVjcmOX4GHHnsf_Io1qqV7i8ikNDWDgE44UGy7MWrzjIWR1IIFfzv1FYF0XfaGYHm9I_iGM9PNtXlcHjSrc5oeFJzl3Og2hNjK4UJpzWcueRessubMjpSSzYDfKdEe2ntUnLy2vcD84fM0APWD86VcVRYKABnPD-abKeMgX-LWOYT948G8SuLYnGhwg1ukvKq0EFXgXi-R1I1YaAqih6HjmPwWcLFyOr0zFpbMFmnQn0Ek7BVQ1CUCtU36_W42laW7X9OhiVEPXhe6VPTuYO06smgrFcmnJaFfMm9325Mot3H-d9F6u0956yyXHG96pyRm0LZvAJ5MNutB2MewU98fTjgqHnLs6stcbtBL35Y
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0B59 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278089672&bpp=11&bdt=228&idt=298&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=6494685431542&frm=8&ife=1&pv=2&ga_vid=1697942206.1665278090&ga_sid=1665278090&ga_hid=823118088&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44768832%2C44769306%2C44773613%2C44770880&oid=2&pvsid=1819693795624103&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.q1ezlvt9aiv2&fsb=1&dtd=312
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
29928
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Oct 2022 16:56:03 GMT
etag
48472445140208031
expires
Sun, 09 Oct 2022 16:56:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E46B 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
618e39b7308fcec6b86510fbcf1830dada5a4c2b1eaca2846fc79084823b7540

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame AD60 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
Origin
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 17:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29180
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Oct 2022 17:08:32 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221003/r20110914/elements/html/ Frame AD60 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221003/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C4oMqT-DXBQqFuQHmfkmplTjLuc29HKL5ec5Fnp4IBF6fuR7HOlerRgX3R673hwwFmWB7eEU4YZx1FGz10r_UkMEPo2w&cry=1&dbm_d=AKAmf-BTZZLAWsrGJ4ZtZGgMPdgIZBSmSTxE95LTOUmV_9TPDK3UHGWhpC-5X_dYx81hKlDIH5eEuKCYhrC1ZkCpFxHQK5jljGzLnmpDVEWx5i6fL7epNOdvwBraRyFsFjW6n7jkjhGBilyeQrGTrj157P6oP_dYjlmcDNr9eiu8zFS4JwokwNTBQwKfr-F5CXsahS5gzSHw14WjHuz-C1tNCaMqPq57OUqS-lXMsr7vQgbzFEVhDYhpQm2APqgeN4YT0zd2pYU4OcV9aDqtPNgiakUbpsrgoLr6bKbdYkui_3ILcEKO2DHjyiM613M1Hd7G0Bi7Vw_tc2wKm5pYQCfuGwCe9JyGctrpPcyzr6Q8nad3pCpxUiU0ChFTzRxyIqG36VUyNQlClVWmoyZ38iqXFtUrkznqa50euLUE0ZXl2WygG0ypCo1FMCVLN7Tz8QjegzsB90W6hTT88UgWMrj0yBBJ_OYktV3CMSvHjZwe2ts53tHBFLW3OnwZq1MuKDngo1OY04FI3mspJnmSu9YuPezuZP2xKsGgLDkkGTBkNCOLj9LErZ2gNo66kFuy58rvHKdISh0yVCqhGhrBGQGqwH_4ApVzy5vJoqz4c2lKeGfsLkg5KL4ZdnaolyOQ8pvMa9kRqWBbMmi6EXE_n7XKA4gCOI9Yr0FE92fMgkUPwmAaiY6B3SvFWHKvLo5zIr480Ech_2ltCFOQHRgsn2x7MMgahLRo-W9nCMgp0D9N5ik2KYA_hc6qL6_MaRug15vufAwzQ4fpbBYBYK39rfP6dkxurO_kHDmmDX9ujyytMo5vYPXamkuX0ld49btptXyDperHTe3Xmv7ob9FyzJOXQrvIhrNlMlfujF5v0xGJXjUCwoomME-R0ePtww1L9b5gauymWrPyyhon5WFaUjaO2_yEF4JKmIOQ9-TPzAzb2ZKAWyUoZQtKCr6M_U0XnPZiwsH_MgIzfSeAJbdGo2yhRhKhTvwrFOq9xkqj0_X7dszos-PXtLiWFdAp4wczwTNf6uT7raA3UFLPEamLC_NhySv-OaXPPJf038n4VxHVORTm9cgqoRur0V23Xsk-Q8-XoB2v3f5nq5JTpnQb44XhFAV3W2YlUlSelwv0yHKy4AaL-Q2cXUfg_vslfunITCmMsahbtM1PK6OzDOLHOcsZF7pgHvaVRyiY61-jYqCwNP6YZOuQolhRPdXjcjFPGFAGbRiPxIxfNkC3b6JtldHKt1FFCNQnxtaIvTjH9iymccTRqj1dOB22Tna71O9QGVshzOFuB2bu7g21zWW4EnTuxxBNb0nad5fOLdJgukcMOl-B0l7igFWcLG3hXTm2QYHOGZhlQXT5fxBUNaOidh29mUXss2wuTw3VPZc7k2w60HNF_I_vSGOGvC0_UZY49wdksKXhP3OMgZoXpB3pEQMncRbt5MKW_srMZBH6FoyxzXeHX-mucL6Cycq0FApDV7kJbE5jJWiBW0vK84jAV-HSS8QnPgTmfbzLI26JSdwetXjN-3NCLvjMvKbY2Sxrb8QQT-U0eEmLF1FD8NB8y68ajBv3T63ypQqMMnbzqP5ym0TddBuyg3d2MZtbjKb74Zp-gnh8xxxTQLIB4wgUU75aVqAPYLSNmd8IOzyf077EGIF6P3yf2HY28RywoqQwk79NgyofUC76ANdhf7FwaHCqv0SFzLQ8cFN3eOE7_TjFA_aCdUfJcNGGSgAqBxU5mBBzO-kf4xyBiEo2lBZT2l4M-BhpLSpO9yXsI-TAL2Fnpa5GfYXK41hnl8foBBu13P7L0772S-Me_S5ueZj2DtJysZkDxE-LSlsfWnwCxMPBVIFtX_hEq-8DQt_Gz1DkCYXKOY6rqEkc5EkPmLbjWuxCICPYwp0RiQKXxQRy8TVBbImqZ3av9DN61JDsFWcddunFdxAc-V8AvliD1qkc9lWJr1z-SUWoxOxXIU7pIEyTVwuo3FT_G-zt3zhD5t4uM6QfeMX0F_gxH7Hek3VyI04k0yojBRfpDjfop7md_alHhjKeAkuFd7ZHQucNA1q6yh6k6eDFohjrNUPPYQUouQxsDVSmgqhVQCrHXbne3lz3BwB5rnseJv-72IUp5G3b-sCvCEC1KwY5-6iVYhBG0AU1GggKKPC2U4THTbPwVy1NssLWyaYCcubmewKcCcEPREnagpeGu0jR-TXL1UZ9a71omHmHWRn7z3056dqr-6mT_WrELXScrJtvuH9WWCnq463RnKkUDONiliRxvotRWt3w7ArzP6LP5iHFTf1KrhLOOnYH2BcWghkaLVmSHNGm3PKHhSNY-121skmQnBXmqFP7qXkI7UcWNpojG10Kyrv-kIbFCcapADot0zXwRj9t8HRTW4U1OfQR56dlKp7BShyg0tGKVWEhgMaOr6TyBvVSCrdtS0470RqSdPgkib734BaZ_0wPVjtGCz3gICEmlYQ39vFDZYrluEG2qyPcCOM17AGwm2Qrsq_i3Xjkjadb9YHihXTSFdC1QwKg8jBScbSqrp124R6unBJztks-PLrJsrrAIcRk3fhtdhxGFKERYHwjH2sNKKmXrIBr1emTQY-2TROc8rDoEiHVEdo-VvvZuyPn7mzcaUewepe3SxJZMm1kiD6GbGOLQOQgZXNOcdhvyP4zezvW2YuqtoqYDwdmkYYlG6aF-2tFgeHg2OKzNil5QVWxs9hMDrUrMuEEVBSZxGVMBlDtA7NaszzHdAUetFERNHvb6K-Dr1Pi5Wd0Kp7jc2ymHKKrffp-bob_VBnrr61D7QdpTp54BIkh5XqGEe9c6rN0mcG6CIFWujwbimm-5BlR8K8BWWgbcVg55QADck1ZODhVo09IlZKI_PxaI7L9mkBIerY5Y_cHNgSJu0ZIyVPDHGhcRDnIarvdN0pqR32VhqgZmiEZUw5OUrgMkL2UlRcFa3YEoi3BE2DhGPAXrh6JD0yeZybLvyw-NNUW9_Hu2ICkdjYBwQNKCJiSl4YX1d5ZsriJLQN3Ift67MOECckq3jAhHmvBCersULfyEzySi2uDsjuKiuOLPk06yHxQ4w5tiLdr5o3MqlssVLAtbKFL--HIJ62xcji89h7g6qGuRtncYccBwEEkTJGCRJTJU9SKivp4C-PHR8SgTKJaBJRkT487KEdDJWZGlmex2rbQgXr1MlxlH1Snq-CZOEjg0uK6Z7LmHZWPFCoo0_AWprXFZr0aI0qhQPY3pkVzxw7lHEr0-OUzgDm1Mi0cRjpaS1TDsUTYFUmoiBkusxqgTu2YS5a5sInHByMrfpvas0DInV72bPdJgD6pH4N6d5nMpE58TP77fTZSDKzHTPUyAJjd_JHAqq-AuZuZiN8Uj8bj0d__xGk_ptZh_5R9bc_RlzjYgri-l5CiAy4QToF4HPvfzl08MqZs8cnXh01l2RNamfCZOdXwYzskRdkngwUvRZPiR02Vau-3jzW9UiJVkO-UhjaSt65zy3PZRBO4FOOhZdclQA&cid=CAQSOwDq26N9Q0iTLwfQ38FY2CjHA2KZxhfVM0B86d1S_dquRVlu47wCul7wAUwfKGw7Sf_34rlZQzdUA0QKGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 00:07:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4027
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 00:07:44 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame AD60 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C4oMqT-DXBQqFuQHmfkmplTjLuc29HKL5ec5Fnp4IBF6fuR7HOlerRgX3R673hwwFmWB7eEU4YZx1FGz10r_UkMEPo2w&cry=1&dbm_d=AKAmf-BTZZLAWsrGJ4ZtZGgMPdgIZBSmSTxE95LTOUmV_9TPDK3UHGWhpC-5X_dYx81hKlDIH5eEuKCYhrC1ZkCpFxHQK5jljGzLnmpDVEWx5i6fL7epNOdvwBraRyFsFjW6n7jkjhGBilyeQrGTrj157P6oP_dYjlmcDNr9eiu8zFS4JwokwNTBQwKfr-F5CXsahS5gzSHw14WjHuz-C1tNCaMqPq57OUqS-lXMsr7vQgbzFEVhDYhpQm2APqgeN4YT0zd2pYU4OcV9aDqtPNgiakUbpsrgoLr6bKbdYkui_3ILcEKO2DHjyiM613M1Hd7G0Bi7Vw_tc2wKm5pYQCfuGwCe9JyGctrpPcyzr6Q8nad3pCpxUiU0ChFTzRxyIqG36VUyNQlClVWmoyZ38iqXFtUrkznqa50euLUE0ZXl2WygG0ypCo1FMCVLN7Tz8QjegzsB90W6hTT88UgWMrj0yBBJ_OYktV3CMSvHjZwe2ts53tHBFLW3OnwZq1MuKDngo1OY04FI3mspJnmSu9YuPezuZP2xKsGgLDkkGTBkNCOLj9LErZ2gNo66kFuy58rvHKdISh0yVCqhGhrBGQGqwH_4ApVzy5vJoqz4c2lKeGfsLkg5KL4ZdnaolyOQ8pvMa9kRqWBbMmi6EXE_n7XKA4gCOI9Yr0FE92fMgkUPwmAaiY6B3SvFWHKvLo5zIr480Ech_2ltCFOQHRgsn2x7MMgahLRo-W9nCMgp0D9N5ik2KYA_hc6qL6_MaRug15vufAwzQ4fpbBYBYK39rfP6dkxurO_kHDmmDX9ujyytMo5vYPXamkuX0ld49btptXyDperHTe3Xmv7ob9FyzJOXQrvIhrNlMlfujF5v0xGJXjUCwoomME-R0ePtww1L9b5gauymWrPyyhon5WFaUjaO2_yEF4JKmIOQ9-TPzAzb2ZKAWyUoZQtKCr6M_U0XnPZiwsH_MgIzfSeAJbdGo2yhRhKhTvwrFOq9xkqj0_X7dszos-PXtLiWFdAp4wczwTNf6uT7raA3UFLPEamLC_NhySv-OaXPPJf038n4VxHVORTm9cgqoRur0V23Xsk-Q8-XoB2v3f5nq5JTpnQb44XhFAV3W2YlUlSelwv0yHKy4AaL-Q2cXUfg_vslfunITCmMsahbtM1PK6OzDOLHOcsZF7pgHvaVRyiY61-jYqCwNP6YZOuQolhRPdXjcjFPGFAGbRiPxIxfNkC3b6JtldHKt1FFCNQnxtaIvTjH9iymccTRqj1dOB22Tna71O9QGVshzOFuB2bu7g21zWW4EnTuxxBNb0nad5fOLdJgukcMOl-B0l7igFWcLG3hXTm2QYHOGZhlQXT5fxBUNaOidh29mUXss2wuTw3VPZc7k2w60HNF_I_vSGOGvC0_UZY49wdksKXhP3OMgZoXpB3pEQMncRbt5MKW_srMZBH6FoyxzXeHX-mucL6Cycq0FApDV7kJbE5jJWiBW0vK84jAV-HSS8QnPgTmfbzLI26JSdwetXjN-3NCLvjMvKbY2Sxrb8QQT-U0eEmLF1FD8NB8y68ajBv3T63ypQqMMnbzqP5ym0TddBuyg3d2MZtbjKb74Zp-gnh8xxxTQLIB4wgUU75aVqAPYLSNmd8IOzyf077EGIF6P3yf2HY28RywoqQwk79NgyofUC76ANdhf7FwaHCqv0SFzLQ8cFN3eOE7_TjFA_aCdUfJcNGGSgAqBxU5mBBzO-kf4xyBiEo2lBZT2l4M-BhpLSpO9yXsI-TAL2Fnpa5GfYXK41hnl8foBBu13P7L0772S-Me_S5ueZj2DtJysZkDxE-LSlsfWnwCxMPBVIFtX_hEq-8DQt_Gz1DkCYXKOY6rqEkc5EkPmLbjWuxCICPYwp0RiQKXxQRy8TVBbImqZ3av9DN61JDsFWcddunFdxAc-V8AvliD1qkc9lWJr1z-SUWoxOxXIU7pIEyTVwuo3FT_G-zt3zhD5t4uM6QfeMX0F_gxH7Hek3VyI04k0yojBRfpDjfop7md_alHhjKeAkuFd7ZHQucNA1q6yh6k6eDFohjrNUPPYQUouQxsDVSmgqhVQCrHXbne3lz3BwB5rnseJv-72IUp5G3b-sCvCEC1KwY5-6iVYhBG0AU1GggKKPC2U4THTbPwVy1NssLWyaYCcubmewKcCcEPREnagpeGu0jR-TXL1UZ9a71omHmHWRn7z3056dqr-6mT_WrELXScrJtvuH9WWCnq463RnKkUDONiliRxvotRWt3w7ArzP6LP5iHFTf1KrhLOOnYH2BcWghkaLVmSHNGm3PKHhSNY-121skmQnBXmqFP7qXkI7UcWNpojG10Kyrv-kIbFCcapADot0zXwRj9t8HRTW4U1OfQR56dlKp7BShyg0tGKVWEhgMaOr6TyBvVSCrdtS0470RqSdPgkib734BaZ_0wPVjtGCz3gICEmlYQ39vFDZYrluEG2qyPcCOM17AGwm2Qrsq_i3Xjkjadb9YHihXTSFdC1QwKg8jBScbSqrp124R6unBJztks-PLrJsrrAIcRk3fhtdhxGFKERYHwjH2sNKKmXrIBr1emTQY-2TROc8rDoEiHVEdo-VvvZuyPn7mzcaUewepe3SxJZMm1kiD6GbGOLQOQgZXNOcdhvyP4zezvW2YuqtoqYDwdmkYYlG6aF-2tFgeHg2OKzNil5QVWxs9hMDrUrMuEEVBSZxGVMBlDtA7NaszzHdAUetFERNHvb6K-Dr1Pi5Wd0Kp7jc2ymHKKrffp-bob_VBnrr61D7QdpTp54BIkh5XqGEe9c6rN0mcG6CIFWujwbimm-5BlR8K8BWWgbcVg55QADck1ZODhVo09IlZKI_PxaI7L9mkBIerY5Y_cHNgSJu0ZIyVPDHGhcRDnIarvdN0pqR32VhqgZmiEZUw5OUrgMkL2UlRcFa3YEoi3BE2DhGPAXrh6JD0yeZybLvyw-NNUW9_Hu2ICkdjYBwQNKCJiSl4YX1d5ZsriJLQN3Ift67MOECckq3jAhHmvBCersULfyEzySi2uDsjuKiuOLPk06yHxQ4w5tiLdr5o3MqlssVLAtbKFL--HIJ62xcji89h7g6qGuRtncYccBwEEkTJGCRJTJU9SKivp4C-PHR8SgTKJaBJRkT487KEdDJWZGlmex2rbQgXr1MlxlH1Snq-CZOEjg0uK6Z7LmHZWPFCoo0_AWprXFZr0aI0qhQPY3pkVzxw7lHEr0-OUzgDm1Mi0cRjpaS1TDsUTYFUmoiBkusxqgTu2YS5a5sInHByMrfpvas0DInV72bPdJgD6pH4N6d5nMpE58TP77fTZSDKzHTPUyAJjd_JHAqq-AuZuZiN8Uj8bj0d__xGk_ptZh_5R9bc_RlzjYgri-l5CiAy4QToF4HPvfzl08MqZs8cnXh01l2RNamfCZOdXwYzskRdkngwUvRZPiR02Vau-3jzW9UiJVkO-UhjaSt65zy3PZRBO4FOOhZdclQA&cid=CAQSOwDq26N9Q0iTLwfQ38FY2CjHA2KZxhfVM0B86d1S_dquRVlu47wCul7wAUwfKGw7Sf_34rlZQzdUA0QKGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
3600d5d161593a066ed57bfa0f44230fd55d0fbf709e0517c7a30e69b4eef59b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11696
x-xss-protection
0
server
cafe
etag
3440521625644817407
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 01:13:52 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FF7A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022100401&jk=673178389658856&bg=!FxSlFFDNAAYQgTJdMIE7ACkAdvg8Wt8NSvSK34M51VUW4BrvYLkaXtzLuxVGsViXSy2aIiV1h5LzhwIAAACoUgAAAAJoAQcKABfUUpQ4SgxDllu_Um3G6dp88_WzATrTsJkCvAPixoQ1uMPshk9tGC_GovcC9a5CAScohYz4sHfijMecRY-1sNrA52qglcJum_MIe2AYUGXO1yssY3OILKrktuW3tEFHTE1lWcpbD0WOxWHI2K2ts3MpZ3R1VJf4QLI59TsGoM5ekjNwtL0bYIN_2iIM_G4LwNJS0TufC5wdMi2TsQTTiF28D0K9_OPNeFp7sBwc5G_28JLEV0lmxmRAhsrQ7oAiLY-A5XVtLQqUbZCjugGTluAOksqbkjIs3JKQNXxAryBaqAGvmRAfL9hINsGjrnjDmAWfANNuHrae4IRah_ElcnKcgYdTBogJNPHS0_RHSTeELexB9oTEhsZ0pV8gP5rRDs47jOyztSUSyjI7gILMmR12bl_IkbtSMWZbCoBV2i7FkaX1vAqu3mOC5dfGP5I0oi2nF7fpV0WGeMxDLlHuDae84UzYGH3efYsr_WP4-hr-UNPQEgTxY2Nj3R_MBeEYidzSYUbJ6Yqukw82Bnki3oRUfZS6g9uaF1WN8OteXSLhArNJGaPyErNu8pWZO8q2hptNWqy-yqw9Ylpgh5AbbOVxMs2G71oYyHMJ6QFuoNMOkWHYqHR9P3836x_GvPweLfflXOlkLTx8f9-hYl4923U0Id_0JSpHiV0Ao2jG0xkVJPQN2ulJFfewGstaTq-hCpIszh3o4EVqmWWhPzrgHfcrnpSR401GC-lK0eiJiyXUW7rxOth95-YNEwF5blKrCobsa4tlVsE6K8VKpTD1dAaAwQUnmev40CE4JOeqIocn8aShQyPeBqCUuycP2jRIN8XS12k34l7xsLQPFrQAVBTTkUgUAPZF7txNfbe81pHLcEYnQ9hc_czV0Bk5wtHLMxkRV9-rDLF5L-coTfBc85C4IBNAXizcvP12ghjvm74Qd7rqQPkYQm4-1VMNiRt_yIukM193D18
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame B4DD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHiJdR9HailqcSSzH6SPpOXQ-XC6mP6ug5rlfzA6VtmHSpFp1fP4Cys1HkyiESEYBYI-OzOD50f1BdyaBnTo1HAtoO&sig=Cg0ArKJSzF0NYR9XH5oyEAE&id=lidar2&mcvt=1009&p=0,0,280,336&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20221005&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665278088250&rpt=2577&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame 343C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 14:38:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
297390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Oct 2023 14:38:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BD55 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221003&jk=3284416035897806&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C6EE 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 00:29:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
521125
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 00:29:27 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6603 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
29929
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Oct 2022 16:56:03 GMT
etag
48472445140208031
expires
Sun, 09 Oct 2022 16:56:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C6EE 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a19f9b3f4238147bf9ab4a97f2dceed1c08087aa1aa6f7678bf7c5b9c091de74

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 0B59
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJIeLINhPxdTL2SyYzoKluU&google_push=AZmPxg-gPfTpIB1kZS6SWaah7lEJFGf56ZWeqsGBBK3vE9htkuaA1OOfU2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJIeLINhPxdTL2SyYzoKluU&google_push=AZmPxg-gPfTpIB1kZS6SWaah7lEJFGf56ZWeqsGBBK3vE9htkuaA1OOfU2licxUJ1-Sy1EOFkcdAweENHH3gmsGHgCL155kvLZxm_g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278089672&bpp=11&bdt=228&idt=298&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=6494685431542&frm=8&ife=1&pv=2&ga_vid=1697942206.1665278090&ga_sid=1665278090&ga_hid=823118088&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44768832%2C44769306%2C44773613%2C44770880&oid=2&pvsid=1819693795624103&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.q1ezlvt9aiv2&fsb=1&dtd=312
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-syd10122-SYD
pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1665278092.251190,VS0,VE213
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJIeLINhPxdTL2SyYzoKluU&google_push=AZmPxg-gPfTpIB1kZS6SWaah7lEJFGf56ZWeqsGBBK3vE9htkuaA1OOfU2licxUJ1-Sy1EOFkcdAweENHH3gmsGHgCL155kvLZxm_g
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 0B59
Redirect Chain
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AZmPxg9VP-928lZgvXbVb20OaIzZEg3dYAWxIS25L530mWtdXFY4N4zS7vBgDTpq9unpMaLc9hhHRN9SxiNNEUciyDUapuCYFPdi&google_gid=CAESEC4mLQw5zW_t67rRMcJgVOw&google...
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AZmPxg9VP-928lZgvXbVb20OaIzZEg3dYAWxIS25L530mWtdXFY4N4zS7vBgDTpq9unpMaLc9hhHRN9SxiNNEUciyDUapuCYFPdi&google_gid=CAESEC4mLQw5zW_t67rRMcJgVO...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AZmPxg9VP-928lZgvXbVb20OaIzZEg3dYAWxIS25L530mWtdXFY4N4zS7vBgDTpq9unpMaLc9hhHRN9SxiNNEUciyDUapuCYFPdi&google_hm=AemGX9a9JrPjks8ADv76KR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AZmPxg9VP-928lZgvXbVb20OaIzZEg3dYAWxIS25L530mWtdXFY4N4zS7vBgDTpq9unpMaLc9hhHRN9SxiNNEUciyDUapuCYFPdi&google_hm=AemGX9a9JrPjks8ADv76KRlbRMA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
via
1.1 17fb84bf4d70f7e6db47eb138f34fc8a.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AZmPxg9VP-928lZgvXbVb20OaIzZEg3dYAWxIS25L530mWtdXFY4N4zS7vBgDTpq9unpMaLc9hhHRN9SxiNNEUciyDUapuCYFPdi&google_hm=AemGX9a9JrPjks8ADv76KRlbRMA
cache-control
no-cache
content-length
0
x-amz-cf-id
UZ9vZ1s-FI36WzuOZS6rU8bRN5fGifCGmu_ExezSuyVRKMxvI0XSfQ==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 0B59
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEGBPcnMZl4qjkm3EN4PvuJM&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=N2NkN2U2YWMtNWE1Ni00ZjEyLWIwYjctM2E0ZTNjNDIwOTZm&google_gid=CAESEGBPcnMZl4qjkm3EN4PvuJM&google_cver=1&google_push=AZmPxg_q...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=N2NkN2U2YWMtNWE1Ni00ZjEyLWIwYjctM2E0ZTNjNDIwOTZm&google_gid=CAESEGBPcnMZl4qjkm3EN4PvuJM&google_cver=1&google_push=AZmPxg_q6Fs451e98BU0aEbkw3y0qHAfqLzeEIVQoa6L4nfPoVRE4-KkDv6rBlCK5Q2XB8HYwjXqhjisLcpoJDm_fF5TYn1TsR2c1w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=N2NkN2U2YWMtNWE1Ni00ZjEyLWIwYjctM2E0ZTNjNDIwOTZm&google_gid=CAESEGBPcnMZl4qjkm3EN4PvuJM&google_cver=1&google_push=AZmPxg_q6Fs451e98BU0aEbkw3y0qHAfqLzeEIVQoa6L4nfPoVRE4-KkDv6rBlCK5Q2XB8HYwjXqhjisLcpoJDm_fF5TYn1TsR2c1w
date
Sun, 09 Oct 2022 01:14:52 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0B59
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEPQSNOrA_QTWR6Rum6NCgp8&google_cver=1&google_push=AZmPxg-BZHM1fp610RSr9CTuawN1KuzQZex3v20fTYjI7213sQ10y6YhkeH3Y903RtuKFwrk8u2hcyokWYBQToWhfxck-M0DF9ffaQ
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=TXdJQlNSaDJEamV5TVBiU2pDQkNZdw%3D%3D&google_push=AZmPxg-BZHM1fp610RSr9CTuawN1KuzQZex3v20fTYjI7213sQ10y6YhkeH3Y903RtuKFwrk8u2hcyokWYBQT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=TXdJQlNSaDJEamV5TVBiU2pDQkNZdw%3D%3D&google_push=AZmPxg-BZHM1fp610RSr9CTuawN1KuzQZex3v20fTYjI7213sQ10y6YhkeH3Y903RtuKFwrk8u2hcyokWYBQToWhfxck-M0DF9ffaQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=TXdJQlNSaDJEamV5TVBiU2pDQkNZdw%3D%3D&google_push=AZmPxg-BZHM1fp610RSr9CTuawN1KuzQZex3v20fTYjI7213sQ10y6YhkeH3Y903RtuKFwrk8u2hcyokWYBQToWhfxck-M0DF9ffaQ
date
Sun, 09 Oct 2022 01:14:52 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
nginx
content-length
245
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame 0B59
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEDnXHi5AZYE6NFwNzi3VqoA&google_cver=1&google_push=AZmPxg9dGCwyXVPXvA3deb18pBif20ulhO2AarVQxE01-aVzfsUMh1KUQEftELjIjC_AOu_Pd63V96q61YFVtoMVh...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEDnXHi5AZYE6NFwNzi3VqoA&google_cver=1&google_push=AZmPxg9dGCwyXVPXvA3deb18pBif20ulhO2AarVQxE01-aVzfsUMh1KUQEftELjIjC_AOu_Pd63V96q61YF...
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3609a297-6f72-4c9d-8acd-bfe36c2a7849&ssp=google_jp&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10523434588417042321&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10523434588417042321&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26s...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=5a8d4a46-e157-4b90-9e52-74558a1cc344&ssp=google_jp&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10523434588417042321&ssp=google_jp&gdpr=&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=208880804299000392524&ssp=google_jp&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10523434588417042321&ssp=google_jp&gdpr=&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AZmPxg9dGCwyXVPXvA3deb18pBif20ulhO2AarVQxE01-aVzfsUMh1KUQEftELjIjC_AOu_Pd63V96q61YFVtoMVhhaAh92ZKthU&google_hm=Ngmil29yTJ2Kzb...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AZmPxg9dGCwyXVPXvA3deb18pBif20ulhO2AarVQxE01-aVzfsUMh1KUQEftELjIjC_AOu_Pd63V96q61YFVtoMVhhaAh92ZKthU&google_hm=Ngmil29yTJ2Kzb_jbCp4SQ==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AZmPxg9dGCwyXVPXvA3deb18pBif20ulhO2AarVQxE01-aVzfsUMh1KUQEftELjIjC_AOu_Pd63V96q61YFVtoMVhhaAh92ZKthU&google_hm=Ngmil29yTJ2Kzb_jbCp4SQ==
Date
Sun, 09 Oct 2022 01:14:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 0B59
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg-YfpX7sjsyk4sUAASOHjm3p-80sfE84Ytya3Q2pkJ88H30VTRNhhRwmBLooghqSAmZpTex7Zr5ScD0D1pdCrDH6UtUT_hf&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-989766dd-eede-4b7b-a35a-da2df6914046-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg-YfpX7sjsyk4sUAASOH...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-YfpX7sjsyk4sUAASOHjm3p-80sfE84Ytya3Q2pkJ88H30VTRNhhRwmBLooghqSAmZpTex7Zr5ScD0D1pdCrDH6UtUT_hf&google_hm=BJiXZt3u3kt7o1raLfaRQEY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-YfpX7sjsyk4sUAASOHjm3p-80sfE84Ytya3Q2pkJ88H30VTRNhhRwmBLooghqSAmZpTex7Zr5ScD0D1pdCrDH6UtUT_hf&google_hm=BJiXZt3u3kt7o1raLfaRQEY
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-YfpX7sjsyk4sUAASOHjm3p-80sfE84Ytya3Q2pkJ88H30VTRNhhRwmBLooghqSAmZpTex7Zr5ScD0D1pdCrDH6UtUT_hf&google_hm=BJiXZt3u3kt7o1raLfaRQEY
date
Sun, 09 Oct 2022 01:14:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX989766ddeede4b7ba35ada2df6914046004
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 0B59
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEM2vssfwSc7tHCIQQA1jPu8&google_cver=1&google_push=AZmPxg-WSf2V7Av2u4jTCvGChrewoeNIpP2YoA0EOzDX7kYFU5_eh6WTWU3ET58u1Xceo68oYzrT3...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg-WSf2V7Av2u4jTCvGChrewoeNIpP2YoA0EOzDX7kYFU5_eh6WTWU3ET58u1Xceo68oYzrT3bp9M7dsE60yCo386nDLsTEpWA&google_hm=WTBJZ2pNQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg-WSf2V7Av2u4jTCvGChrewoeNIpP2YoA0EOzDX7kYFU5_eh6WTWU3ET58u1Xceo68oYzrT3bp9M7dsE60yCo386nDLsTEpWA&google_hm=WTBJZ2pNQ281dElBQUVmaUhKa0FBQUFB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
35
Date
Sun, 09 Oct 2022 01:14:52 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEM2vssfwSc7tHCIQQA1jPu8&google_cver=1&google_push=AZmPxg-WSf2V7Av2u4jTCvGChrewoeNIpP2YoA0EOzDX7kYFU5_eh6WTWU3ET58u1Xceo68oYzrT3bp9M7dsE60yCo386nDLsTEpWA","cluster_id":35,"gdpr":false,"ipv4":"173.245.209.165","key":"Y0IgjMCo5tIAAEfiHJkAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40123"}
X-SO-Key
Y0IgjMCo5tIAAEfiHJkAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40123
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg-WSf2V7Av2u4jTCvGChrewoeNIpP2YoA0EOzDX7kYFU5_eh6WTWU3ET58u1Xceo68oYzrT3bp9M7dsE60yCo386nDLsTEpWA&google_hm=WTBJZ2pNQ281dElBQUVmaUhKa0FBQUFB
Cache-Control
private
X-SO-HostName
a-ad40123.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
3
Content-Length
0
X-SO-LB-Hostname
a-tgng40014.dc2p.scaleout.jp
X-SO-IP
173.245.209.165
attr
cm.g.doubleclick.net/pixel/ Frame 0B59 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IvMqCLfvrQR6RU34ECin-ubbe2iyDElRdIN484W-4xsrRz1-urWXtlymWN1HHQuitkeO8C
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278089672&bpp=11&bdt=228&idt=298&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=6494685431542&frm=8&ife=1&pv=2&ga_vid=1697942206.1665278090&ga_sid=1665278090&ga_hid=823118088&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44768832%2C44769306%2C44773613%2C44770880&oid=2&pvsid=1819693795624103&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.q1ezlvt9aiv2&fsb=1&dtd=312
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame AD60 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 00:29:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
521125
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 00:29:27 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 55C0 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
29929
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Oct 2022 16:56:03 GMT
etag
48472445140208031
expires
Sun, 09 Oct 2022 16:56:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame AD60 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6079a57832f25b765c362aeb838fcfa30ff7fcec1386b385fa43ff473e18f5a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4
static.criteo.net/design/dt/2936/210730/ Frame 479C 		9 KB
9 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/2936/210730/22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4?ibv=1
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgigADzE8Kj3wEAApE7i3P-CerzjxQi73scA&u=%7CH3riNtnFJHSP%2BlkbZfDl4zVwfUTeNIlNAi%2BCYTUwc6I%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC43Iyya_TfHAn0F7-Hd8k-0so2C6D1WapM9v9s1WiI04OELH-BpXPs2H0zVJbMMzKn7Pg083idhJ6L218G3te-spcZbnNS5wblKBMPDyn1Rdf8dskxBuVOn7opgqL8mP6-IQVWlekZxgafrSjlAuNNTRRHhgVdtdc0001JHqoTS4w0SX2liVImM97qchP7An4a52XUp6aMrW8MYaj7zvagjSoNK3MSnNZ2zQyhwxrbMKzkhnX7_DNJ5Xx_RelFl7UeDqG0uFB5ouaBEHQ1fUTCSIM7inSbpdYies5cN5ktPzKiyKShIYuI-Q54Ks3neVt6vochLlrDVJRCEuHLrrzWLC1UfPSZ0CmchKFq1ihoLzWckvPg5cTOa75RT5Kj2zNX5KG-YsN4Bi2VZlZ2Dwzj2JV2o8xALZOVPQKvBHkeOaiaRDXztBzBFpfmrbf0yOMIP-TcanI90Se9w2W5lm5Z_9uH45lyAP6kjRFxUKt0xTNlGxAXHHJw-zy2czfZciuTQiXHLswakjClNWkBa7ua4mMttP6agcO8zJIYqw5SUv0pnYGUEh04Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjcYriiBCY8-YD4T4vQTuianwCZj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgSbAk_Q7O0L9rgj1ObznBt1QF6geGt771Qpgix7qhnWpG2VuqKVH68s_de6flmVtqAQBKVBbt4HGMXZvoUUMOK4ZR0WDjsRSDpE22bMAVSB7JH9wyA9pZXlWpEQheRzmj7aJz6TTzKnP0DHRoeUuOV6OExfPEbR6xXA7q4_ZlURKJkm4KNv7NcgjZIqjMXTuUI1Ldj0620qj1S-sah3GRz4TAygZqNMu1DGJX3J_OyZkhKoQTS0UWQWDzgCefoUK3kpFagtgoBDF6Palxrmb5Z4-ILsYwrKNmNqp4oO2USLD2nOZFiisIyi38U1fRe7H2hi_TWjRl4RQ_Y1nW5Te3psPhVTHr5STscnsQtwYabJIFMZzacqFU9EAv6OBBjgBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3NAfIE2-Gd5Xwjsi5OErD6WmBfgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
75589164e5e2ec0ba396fab17bace54684ea14390ba8dc9821c1105397543815
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=1277952-

Response headers

date
Sun, 09 Oct 2022 01:14:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 30 Jul 2021 08:11:16 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6103b424-13a2be"
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 1277952-1286845/1286846
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
8894
expires
Wed, 04 Oct 2023 01:14:52 GMT
cksync
cs.media.net/ Frame 6E18
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA4Mjc5NjkxNjgzNTcxMzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEOtMkXS9Vv-6yfm8UAFoJYc&google_cver=1
45 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEOtMkXS9Vv-6yfm8UAFoJYc&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 09 Oct 2022 01:14:52 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEOtMkXS9Vv-6yfm8UAFoJYc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame 6E18
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=61bf4df7-00ca-4364-92e8-6295063ece25
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=61bf4df7-00ca-4364-92e8-6295063ece25
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 09 Oct 2022 01:14:52 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=61bf4df7-00ca-4364-92e8-6295063ece25
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A687 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
163456
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 07 Oct 2022 03:50:36 GMT
expires
Sat, 07 Oct 2023 03:50:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
i.match
s.tribalfusion.com/z/ Frame 6603
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHiLMS5una-lpRoawNohRMQ&google_cver=1&google_push=AZmPxg8OvlkIZVW9tu_4AMprnYayJaitkg9uEA8hwEGWadQnQLK-nOdxldrjSzAoQVW1_UqpMUmCzs15IG56JZJK2bMtk4twNknaR...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHiLMS5una-lpRoawNohRMQ&google_cver=1&google_push=AZmPxg8OvlkIZVW9tu_4AMprnYayJaitkg9uEA8hwEGWadQnQLK-nOdxldrjSzAoQVW1_UqpMUmCzs15IG56JZJK2bMtk4twNkn...
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHiLMS5una-lpRoawNohRMQ&google_cver=1&google_push=AZmPxg8OvlkIZVW9tu_4AMprnYayJaitkg9uEA8hwEGWadQnQLK-nOdxldrjSzAoQVW1_UqpMUmCzs15IG56JZJK2bMtk4twNknaRTN67oIiKpaEaoQLh197AqnEFa9awtvHChgRvgTY8o2zrYKJr6Yx9Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8OvlkIZVW9tu_4AMprnYayJaitkg9uEA8hwEGWadQnQLK-nOdxldrjSzAoQVW1_UqpMUmCzs15IG56JZJK2bMtk4twNknaRTN67oIiKpaEaoQLh197AqnEFa9awtvHChgRvgTY8o2zrYKJr6Yx9Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
172.64.152.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7573430f5c93a8be-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
701
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHiLMS5una-lpRoawNohRMQ&google_cver=1&google_push=AZmPxg8OvlkIZVW9tu_4AMprnYayJaitkg9uEA8hwEGWadQnQLK-nOdxldrjSzAoQVW1_UqpMUmCzs15IG56JZJK2bMtk4twNknaRTN67oIiKpaEaoQLh197AqnEFa9awtvHChgRvgTY8o2zrYKJr6Yx9Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8OvlkIZVW9tu_4AMprnYayJaitkg9uEA8hwEGWadQnQLK-nOdxldrjSzAoQVW1_UqpMUmCzs15IG56JZJK2bMtk4twNknaRTN67oIiKpaEaoQLh197AqnEFa9awtvHChgRvgTY8o2zrYKJr6Yx9Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7573430d9b8aa8be-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6603
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEH6rBhVXuFC3RUTjxAb8ezo&google_cver=1&google_push=AZmPxg8QuVza-yH_qtAe-x7d4EKflmOZpXPFTw3vLCnAt1KCWfZ0koVvMaDKKk1ZFfSDobBjkNVquZTpa8niSViXsI7rLwtTbh05JQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DABC430862449EE94380AE57C1C8D5C&google_push=AZmPxg8QuVza-yH_qtAe-x7d4EKflmOZpXPFTw3vLCnAt1KCWfZ0koVvMaDKKk1ZFfSDobBjkNVquZTpa8niSVi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DABC430862449EE94380AE57C1C8D5C&google_push=AZmPxg8QuVza-yH_qtAe-x7d4EKflmOZpXPFTw3vLCnAt1KCWfZ0koVvMaDKKk1ZFfSDobBjkNVquZTpa8niSViXsI7rLwtTbh05JQewGprPgjff5RFDoAiB27MRJQloUWUZbeoLJUyl6mnCJSaP4SG1mSM
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 09 Oct 2022 01:14:52 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DABC430862449EE94380AE57C1C8D5C&google_push=AZmPxg8QuVza-yH_qtAe-x7d4EKflmOZpXPFTw3vLCnAt1KCWfZ0koVvMaDKKk1ZFfSDobBjkNVquZTpa8niSViXsI7rLwtTbh05JQewGprPgjff5RFDoAiB27MRJQloUWUZbeoLJUyl6mnCJSaP4SG1mSM
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 08 Oct 2022 01:14:52 GMT
pixel
cm.g.doubleclick.net/ Frame 6603
Redirect Chain
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AZmPxg8vjHlc8Pq6aEtF0QYBVK5AgOIYkb7u-kr5HDy2j1xPoJlon71BKIW79qLZjwQreF18BRSx9g0LG8IITPDwsX-B_jay_Zj3kdTF68vuemSg51NBjJQCMydtIGRWEmlizgrZNbP2J8YFE-...
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AZmPxg8vjHlc8Pq6aEtF0QYBVK5AgOIYkb7u-kr5HDy2j1xPoJlon71BKIW79qLZjwQreF18BRSx9g0LG8IITPDwsX-B_jay_Zj3kdTF68vuemSg51NBjJQCMydtIGRWEmlizgrZNb...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AZmPxg8vjHlc8Pq6aEtF0QYBVK5AgOIYkb7u-kr5HDy2j1xPoJlon71BKIW79qLZjwQreF18BRSx9g0LG8IITPDwsX-B_jay_Zj3kdTF68vuemSg51NBjJQCMydtIGRWEmliz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AZmPxg8vjHlc8Pq6aEtF0QYBVK5AgOIYkb7u-kr5HDy2j1xPoJlon71BKIW79qLZjwQreF18BRSx9g0LG8IITPDwsX-B_jay_Zj3kdTF68vuemSg51NBjJQCMydtIGRWEmlizgrZNbP2J8YFE-ywyXyGvuk&google_hm=ATcgfzD3m7P4ks8ADv_i_bwb78A
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
via
1.1 17fb84bf4d70f7e6db47eb138f34fc8a.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AZmPxg8vjHlc8Pq6aEtF0QYBVK5AgOIYkb7u-kr5HDy2j1xPoJlon71BKIW79qLZjwQreF18BRSx9g0LG8IITPDwsX-B_jay_Zj3kdTF68vuemSg51NBjJQCMydtIGRWEmlizgrZNbP2J8YFE-ywyXyGvuk&google_hm=ATcgfzD3m7P4ks8ADv_i_bwb78A
cache-control
no-cache
content-length
0
x-amz-cf-id
F4uTb45qPF1SqaMB7aH5aRMBYwD25BDEJNCytvG1J_ElWgjUyxTMXA==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 6603
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEGBPcnMZl4qjkm3EN4PvuJM&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NzJlYWIzNjQtOTFkNi00ZGUzLTgzODAtZDdiZDk4YzEwZDZh&google_gid=CAESEGBPcnMZl4qjkm3EN4PvuJM&google_cver=1&google_push=AZmPxg8L...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NzJlYWIzNjQtOTFkNi00ZGUzLTgzODAtZDdiZDk4YzEwZDZh&google_gid=CAESEGBPcnMZl4qjkm3EN4PvuJM&google_cver=1&google_push=AZmPxg8L7K2lzp_9DGfdYF8Jcyj0_eOBhGLZ-GG6NXoIUgZmOgJESh09YLwROquEbWC4zBJ9sZTOkdFRwjblpQ3mGBYbjmdydk2ZoGiojSnEYZiRq7yXkdBTN_vQxM4pvaG3dZ55I_vJVCtUc_9_-wlb7Q
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NzJlYWIzNjQtOTFkNi00ZGUzLTgzODAtZDdiZDk4YzEwZDZh&google_gid=CAESEGBPcnMZl4qjkm3EN4PvuJM&google_cver=1&google_push=AZmPxg8L7K2lzp_9DGfdYF8Jcyj0_eOBhGLZ-GG6NXoIUgZmOgJESh09YLwROquEbWC4zBJ9sZTOkdFRwjblpQ3mGBYbjmdydk2ZoGiojSnEYZiRq7yXkdBTN_vQxM4pvaG3dZ55I_vJVCtUc_9_-wlb7Q
date
Sun, 09 Oct 2022 01:14:52 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6603
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESECHpz9l65VSuQZgJF6EFTWw&google_cver=1&google_push=AZmPxg83up50c2rQZ4nICatHjU3dvCU6-Fr9-TGCmxAQo1-0vamtaBU0DcszitkB0whQm_bOAbj3Syuezit3L...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESECHpz9l65VSuQZgJF6EFTWw&google_push=AZmPxg83up50c2rQZ4nICatHjU3dvCU6-Fr9-TGCmxAQo1-0vamtaBU0DcszitkB0whQm_bOAbj3Syuezit3L...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg83up50c2rQZ4nICatHjU3dvCU6-Fr9-TGCmxAQo1-0vamtaBU0DcszitkB0whQm_bOAbj3Syuezit3Lr-6N28LZo6pYN_8q0eIXDA256FS0s-zlWUkgxs3d4DqmhN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg83up50c2rQZ4nICatHjU3dvCU6-Fr9-TGCmxAQo1-0vamtaBU0DcszitkB0whQm_bOAbj3Syuezit3Lr-6N28LZo6pYN_8q0eIXDA256FS0s-zlWUkgxs3d4DqmhN5HRA6TbmK7-jpCA6TZQp7U74&google_hm=ZmxSY0E2TkFUUGtNTXBIOFVDbV8=
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:53 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg83up50c2rQZ4nICatHjU3dvCU6-Fr9-TGCmxAQo1-0vamtaBU0DcszitkB0whQm_bOAbj3Syuezit3Lr-6N28LZo6pYN_8q0eIXDA256FS0s-zlWUkgxs3d4DqmhN5HRA6TbmK7-jpCA6TZQp7U74&google_hm=ZmxSY0E2TkFUUGtNTXBIOFVDbV8=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
291
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6603
Redirect Chain
  • https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESECqzhdh4rBcebvdH0CYFAXc&google_cver=1&google_push=AZmPxg9GZdcvuC5YSMT2z2XplosJJFeVZyC--OPlsuMj_oWZgQ91QPjlGE19ygoPXwuCRi4a_Hwiwqr2MDFjK...
  • https://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=AZmPxg9GZdcvuC5YSMT2z2XplosJJFeVZyC--OPlsuMj_oWZgQ91QPjlGE19ygoPXwuCRi4a_Hwiwqr2MDFjKOEM2Cs0fwMT4HaeHpp2XYWf88...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=AZmPxg9GZdcvuC5YSMT2z2XplosJJFeVZyC--OPlsuMj_oWZgQ91QPjlGE19ygoPXwuCRi4a_Hwiwqr2MDFjKOEM2Cs0fwMT4HaeHpp2XYWf88TkADgvW_j2ifFfns8AGJedJXnRTx-a0twZv0KAUCBHQw
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=AZmPxg9GZdcvuC5YSMT2z2XplosJJFeVZyC--OPlsuMj_oWZgQ91QPjlGE19ygoPXwuCRi4a_Hwiwqr2MDFjKOEM2Cs0fwMT4HaeHpp2XYWf88TkADgvW_j2ifFfns8AGJedJXnRTx-a0twZv0KAUCBHQw
Date
Sun, 09 Oct 2022 01:14:52 GMT
Server
nginx
Connection
close
Content-Length
0
Content-Type
Application/xml;charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 6603
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDR88Ni3edK0gKzOLNWP25E&google_cver=1&google_push=AZmPxg8sd5C1_hBnTWYr-EV4J0B3GqcXg3zHXE6ZNAvaKXVufbL6gHgSjo5X0tHFKTaBYRiW6v...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDR88Ni3edK0gKzOLNWP25E&google_cver=1&google_push=AZmPxg8sd5C1_hBnTWYr-EV4J0B3GqcXg3zHXE6ZNAvaKXVufbL6gHgSjo5X0tHFKTaBYRiW6v...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1CbVAxc0xwRTJ1RWRBdS5iYk5vZ3hkLkxGNTNLN1MzMH5B&google_push=AZmPxg8sd5C1_hBnTWYr-EV4J0B3GqcXg3zHXE6ZNAvaKXVufbL6gHgSj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1CbVAxc0xwRTJ1RWRBdS5iYk5vZ3hkLkxGNTNLN1MzMH5B&google_push=AZmPxg8sd5C1_hBnTWYr-EV4J0B3GqcXg3zHXE6ZNAvaKXVufbL6gHgSjo5X0tHFKTaBYRiW6vwAwo7plgWbHZfbcpDGoamNTrcRVbUJNPZHbWwxA32Q18-5QDnJo3QLgI1SSRlY6QBHSJqZOv1bojqbuCs
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1CbVAxc0xwRTJ1RWRBdS5iYk5vZ3hkLkxGNTNLN1MzMH5B&google_push=AZmPxg8sd5C1_hBnTWYr-EV4J0B3GqcXg3zHXE6ZNAvaKXVufbL6gHgSjo5X0tHFKTaBYRiW6vwAwo7plgWbHZfbcpDGoamNTrcRVbUJNPZHbWwxA32Q18-5QDnJo3QLgI1SSRlY6QBHSJqZOv1bojqbuCs
date
Sun, 09 Oct 2022 01:14:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 6603 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ij_ZTir-SRYuBRcU7OcyvrNVV_2qiXJ7DVwyJp5opya_BAdfertlij9NU7bItt7460Rdipng
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
generate_204
tpc.googlesyndication.com/ Frame 343C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?SYKMoA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:52 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 55C0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKIj1WBRHNLR0UDndwb3tW8&google_cver=1&google_push=AZmPxg_LuQxrUHsLA7h5WLOT5GrJAQ5vcVKBfnbd2lxTSt4K3HyiMrDiPUSvKXm4Ki4u24s6RZfdiUuwjsbeG_vj9Mdqu_Lpp_xKb...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzgwNTI2NzE0OTQ1MjY2MDM5Mw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKIj1WBRHNLR0UDndwb3tW8&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKIj1WBRHNLR0UDndwb3tW8&google_cver=1
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKIj1WBRHNLR0UDndwb3tW8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 55C0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEI9Uk3_qnToqwbKbd1q7vDg&google_cver=1&google_push=AZmPxg_u2TMEkSF-tz5njKm36mnz1TU56NJuzdKdW_VsdOVHwBHb8q5A8Ik2z3Tb6CWUIorGz-bWujD-MTi9Ni1tRh...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NjFiZjRkZjctMDBjYS00MzY0LTkyZTgtNjI5NTA2M2VjZTI1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=61bf4df7-00ca-4364-92e8-6295063ece25
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NjFiZjRkZjctMDBjYS00MzY0LTkyZTgtNjI5NTA2M2VjZTI1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=61bf4df7-00ca-4364-92e8-6295063ece25
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NjFiZjRkZjctMDBjYS00MzY0LTkyZTgtNjI5NTA2M2VjZTI1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=61bf4df7-00ca-4364-92e8-6295063ece25
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
pixel
cm.g.doubleclick.net/ Frame 55C0
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEGBPcnMZl4qjkm3EN4PvuJM&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZTU2MzMwN2ItNWE1OC00Njc5LWFkNTQtODcwMjExY2JiODg5&google_gid=CAESEGBPcnMZl4qjkm3EN4PvuJM&google_cver=1&google_push=AZmPxg-W...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZTU2MzMwN2ItNWE1OC00Njc5LWFkNTQtODcwMjExY2JiODg5&google_gid=CAESEGBPcnMZl4qjkm3EN4PvuJM&google_cver=1&google_push=AZmPxg-WzTYRycTyxmLWyWnYuBMdxZdALOZiaJ7ie40TzYFf5Zk1PS7rPwDCN2Mvpd03AbDsClP9ctzB-vzAO0PCaYLwYXX4qx0aUa2gcSfh7Y-x9LKcqogfQeuAyFQphlNKUcPSh6Mab0UA
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZTU2MzMwN2ItNWE1OC00Njc5LWFkNTQtODcwMjExY2JiODg5&google_gid=CAESEGBPcnMZl4qjkm3EN4PvuJM&google_cver=1&google_push=AZmPxg-WzTYRycTyxmLWyWnYuBMdxZdALOZiaJ7ie40TzYFf5Zk1PS7rPwDCN2Mvpd03AbDsClP9ctzB-vzAO0PCaYLwYXX4qx0aUa2gcSfh7Y-x9LKcqogfQeuAyFQphlNKUcPSh6Mab0UA
date
Sun, 09 Oct 2022 01:14:52 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 55C0
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEH6tZgG4D77y425wwFk7Myo&c_param1=AZmPxg9Vf47yNDWZaFiXJ_MzGvfnDBR0DgCNr_kRi-PwlNZUuYfZgQv2z7xjNwtzAuHkC1WBKmcU_fgc0X6RpTzxY5SgjlWneEQYrx9GrVcXwYdAisP...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg9Vf47yNDWZaFiXJ_MzGvfnDBR0DgCNr_kRi-PwlNZUuYfZgQv2z7xjNwtzAuHkC1WBKmcU_fgc0X6RpTzxY5SgjlWneEQYrx9GrVcXwYdAisPyzaOMxOs5eleHCrasg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg9Vf47yNDWZaFiXJ_MzGvfnDBR0DgCNr_kRi-PwlNZUuYfZgQv2z7xjNwtzAuHkC1WBKmcU_fgc0X6RpTzxY5SgjlWneEQYrx9GrVcXwYdAisPyzaOMxOs5eleHCrasg43J_eO6L4og
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg9Vf47yNDWZaFiXJ_MzGvfnDBR0DgCNr_kRi-PwlNZUuYfZgQv2z7xjNwtzAuHkC1WBKmcU_fgc0X6RpTzxY5SgjlWneEQYrx9GrVcXwYdAisPyzaOMxOs5eleHCrasg43J_eO6L4og
date
Sun, 09 Oct 2022 01:14:53 GMT
server
nginx/1.19.0
content-length
0
pixel
cm.g.doubleclick.net/ Frame 55C0
Redirect Chain
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESENXBDRkTjATqJsE-2cFg_4U&google_cver=1&google_push=AZmPxg-JB1BAbTq3LfWdKobmcD7JYePuZi5J5BrwoA5FvDoq2hFpu-scb3zJwpBYmbNP7g5hv6rVMU6bqK3hZnVM-M6w...
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AZmPxg-JB1BAbTq3LfWdKobmcD7JYePuZi5J5BrwoA5FvDoq2hFpu-scb3zJwpBYmbNP7g5hv6rVMU6bqK3hZnVM-M6wsmRj4jrzZ-DXJVHQ4h-DNpJ5EDFmkW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AZmPxg-JB1BAbTq3LfWdKobmcD7JYePuZi5J5BrwoA5FvDoq2hFpu-scb3zJwpBYmbNP7g5hv6rVMU6bqK3hZnVM-M6wsmRj4jrzZ-DXJVHQ4h-DNpJ5EDFmkWSfKUDPxmzuQ_Z8c6ZD1M8
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AZmPxg-JB1BAbTq3LfWdKobmcD7JYePuZi5J5BrwoA5FvDoq2hFpu-scb3zJwpBYmbNP7g5hv6rVMU6bqK3hZnVM-M6wsmRj4jrzZ-DXJVHQ4h-DNpJ5EDFmkWSfKUDPxmzuQ_Z8c6ZD1M8
date
Sun, 09 Oct 2022 01:14:53 GMT
server
nginx
/
onetag-sys.com/match/ Frame 55C0
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBKq6ey08bqFNqP4ei0cuqg&google_cver=1&google_push=AZmPxg9x1DqvjE-BbYvXl-mqht_EY3mWx0NPSz8lKrbh_vyXcGiU5ZMWB9QIj6baM7xh3IBlelxttrPN4CS...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg9x1DqvjE-BbYvXl-mqht_EY3mWx0NPSz8lKrbh_vyXcGiU5ZMWB9QIj6baM7xh3IBlelxttrPN4CSkxMwRrH6hofiqzVBTR8hjxLZ3wmV-sUXOfOHw...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
b1sync.zemanta.com/usersync/googleadx/ Frame 55C0
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFqgB749pnPGDFJz-u1Yea0&google_cver=1&google_push=AZmPxg91r4-EaMq5uSHiOYM0w1YvK1WhP7UcVaTEkmywSah5HzQCeI3qP8yUQ53JPODyXp9AZ3Vfoc3q6F_a1...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFqgB749pnPGDFJz-u1Yea0&google_push=AZmPxg91r4-EaMq5uSHiOYM0w1YvK1WhP7UcVaTEkmywSah5HzQCeI3qP8yUQ53JPODyXp9AZ3Vfoc3q6F_a1...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg91r4-EaMq5uSHiOYM0w1YvK1WhP7UcVaTEkmywSah5HzQCeI3qP8yUQ53JPODyXp9AZ3Vfoc3q6F_a1AEVkdjhQJm9rCCRWTkgWCsOKAlwm0lfdRMmKBrtTror-jX...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
50.31.142.255 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 Oct 2022 01:14:53 GMT
Content-Length
26
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 55C0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Id291WZ4tBs07Wuu0ryDudRxUCWwdmLppZmddsDCsuxzeG3kGskG6ojIw10Mq4W0NDG3P1Cm0
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1DED 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
163456
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 07 Oct 2022 03:50:36 GMT
expires
Sat, 07 Oct 2023 03:50:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4
static.criteo.net/design/dt/2936/210730/ Frame 479C 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/2936/210730/22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4?ibv=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
45d8f3e86c7c244412117a69f561227a3aa1eea68242e9667109673eabfc5131
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=131072-

Response headers

date
Sun, 09 Oct 2022 01:14:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 30 Jul 2021 08:11:16 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6103b424-13a2be"
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 131072-1286845/1286846
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
1155774
expires
Wed, 04 Oct 2023 01:14:52 GMT
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame A687 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 14:38:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
297391
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Oct 2023 14:38:21 GMT
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame 1DED 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 14:38:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
297391
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Oct 2023 14:38:21 GMT
truncated
/ Frame 0CCD 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0CCD 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0CCD 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame 0CCD 		15 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5221&&&vgd_l2type=sca&fp=MzA_eCVWy1eyoiNQ0FcmxukXzhqh1Z7Q9Z0BkjV9cEEGxG-McGDmX9UACL3lYBDxZfAiulOtRFd_5bs5PybKkkjZ0VQIChsfJF_sSH0xrkbuBsxr9Um4PvVe4nauHHNz&cme=-dSdTmLEixZCKWJAdmVZ2p2CggsjmhYfsxkKWp2eSgfnDcfNCNGPVljHLyGPbn0aSs2CGCwyr-AgNuf6tLPJHHl6MCl_jpTI43kMzfjJ4Uj8vCWAgeRKTOOZWLtvXi2SUZMxV0JFMr3R2wdWXsiYE-6FrGRFDweHncWbSAjDQx68UZRTmU7hTjfYygLfkVChj7lMIABGJO8CjGiAsdv7Tw%3D%3D%7C%7CYneT2kY-0RfOcTD9cRN7upqIQ-f4xfE61s4Q_jH1SwRbQH6RG2QghyNRCFHOFl3IPq2v39Ar-C4lw7zWKxYLSkzEjsMpQqPM-gxJOmE8MQynZn-_Y9huZt716dmgTKhRo2AQ6RddGXQONDr7iaWXA2zEjRSgFGERjQL7BRMOZlJN0Uo9giDbcRnIwqstbUBvi-dVkFgvQW4-3YV5B_A5uUz542gDBsiM%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD6ASqXHhJuVwQhdp4_HJdO5PL2fuJszgjo%3D%7C&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=5&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170785182&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_dnquo=01_9&ksu=224&fdkt=232&vgde_kbbh=ffoyxQJuO&kwd[]=Best+Cryptocurrencies+to+Buy&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=1&kid[]=329544111&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D1.24%7C62%3D0.83%7C12%3D3.10%7C60%3D1.68%7C10%3D5.69%7C63%3D0.28%7C1%3D1.67%7Cps%3D0.964%7C3%3D0.56%7C4%3D3.62&ktd[]=1126174801920256&ktrkt[]=Best+Cryptocurrencies+to+Buy&kwd[]=Vitamins+for+Hair+Loss&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=2&kid[]=30111142&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.81%7C62%3D1.01%7C12%3D1.56%7C60%3D0.43%7C10%3D5.69%7C63%3D0.28%7C1%3D1.27%7Cps%3D0.964%7C3%3D0.16%7C4%3D4.00&ktd[]=1126174818697472&ktrkt[]=Vitamins+for+Hair+Loss&kwd[]=Best+Priced+Car+Insurance&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=3&kid[]=48970281&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D1.24%7C62%3D1.44%7C12%3D0.26%7C60%3D0.36%7C10%3D5.69%7C63%3D0.28%7C1%3D0.28%7Cps%3D0.964%7C3%3D0.31%7C4%3D4.17&ktd[]=1126174801920256&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Best+High+Return+Investments&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=4&kid[]=326649050&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D1.24%7C62%3D0.83%7C12%3D0.87%7C60%3D0.26%7C10%3D5.69%7C63%3D0.28%7C1%3D0.26%7Cps%3D0.964%7C3%3D0.56%7C4%3D4.15&ktd[]=1126174801920256&ktrkt[]=Best+High+Return+Investments&kwd[]=Trendy+Clothes+for+Older+Women&kwt[]=391&kbc[]=1224808752&kwp[]=5&kid[]=329861602&kbc2[]=1%3D0.97%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.84%7C62%3D0.52%7C12%3D0.98%7C60%3D0.97%7C10%3D5.69%7C63%3D0.28%7Cps%3D0.526%7C3%3D0.30%7C4%3D5.00&ktd[]=1126174801658112&ktrkt[]=Trendy+Clothes+for+Older+Women&cid=8CUABW64L&vi=1665278091171671372&tdAdd[]=ib%3D0&vsid=3082796916835720&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=809&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785182&vgd_nrrv=17795&vgd_nrrmf=c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&vgd_go_pid=8PO15GP54&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1665278091129727235&sttm=1665278091707&upk=1665278092.3017&hvsid=00001665278091707029185683571123&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&sbdrId=186&vgd_ecrid=1700080812610100250025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&&abpl=2&&kbbq=%26asn%3D54203&&vgd_vstrid=3082796916835720&vgde_bdata=QOfvzxjj~8xLjMjvX9~myJLEYv9.9u~e8QMQOvfu9~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9ffu99Wf9~8xLjMGvfHXWW.uX~xLjM7UNvu~Q7Ov~j1Q7v~e8QMxLjMGv9.uA~8EvAGB9PB~kGGv9~e8QMxLjMjvH9~L88Ex1vu9X%2Cu9X~J7vh~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9ffu99Wf9~e8QMGvfAW.9u~xLjMGv9.9H~xLjM7e8vuAF9~xLjMjvX9~yN17vou~GGvuWF~eev9~jfLMGvu999~JLEYv9.9u~GYvu~Q8OvXA9WuHXAWOhAJhGAkf1kf1WJfFJGAkNX~QOvu~x8Ov1gBH98jbHtYCa_weu~G7OvfHWi9HHXHXihHFh9i9FuWuufAWWXhAAhhAAFXufWf99WiAHHfXhWWWFHuF9XHW99XuWu9iFHAHi9iXXfuWWfuuF~OfEMjvh9~AENkvf.hA~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.WA~myOfEMGv9.Fi~exLjMGv9.fH~QQvIK~x8Bvou~NJv9~LEQMGvXf~exLjMjvX9~%3DVvfhHi~z7QvA~7Gvou~N7vGJ1NmzQk8JjO~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvH.uu~8Q8kv9~jNvA~G8Ov9.9f~ONvW~ejfLMGv9.Ai~8exLjMjvX9~QxEEj5M71yM8Ov~1YEvu~NGOEv9.9uX~OYYvw1LYmz5~Qx8Ov%3DK4b4079ysQDA7qhKQEl3oLkH-9~QOvu~O7Nv1E1NMQy~-8OvKrtoExGoHHWXfAiHfXifHhWh~O1jyvOJk1xj7~w7Yjvu~1OGjUvAAuHiuFuuX~QmGEv~N7LvA.AfhHW9W4oH~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vu~OmyGv9ou~8GNvu~OO7vou~zQlvA~7yQvfX9-fX9%7CA99-fX9%7CAAF-fW9~GQGv9~GQEv9~7Y-vfAW&vgd_optout=0&vgd_cfud=220331&vgd_scsver=328&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=250_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A250%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001665278091707029185683571123&subBdr=186&bdrid=313&rc=0&rand=1665278092548&acid=d310505bffad4f2f8f007f5cd0cae2c9&matm=1665278092548&requrl=https%3A%2F%2Fwww.bg3.co&vgd_ltimesrc=1&vgd_ltime=2076&vgd_rtime=2070&vgd_etm=12&vgd_l1hcsd=Otx5k%7C6666&vgd_l1ch=1&vgd_lhl=2738&vgd_pgid=p1873865016t202210090114&vgd_adprefflag=11&vgd_csip=rtb-common-istio-c5ddbccdc-lbmqv.SG&vgd_sbSup=1&vgd_nrrs=17795&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
date
Sun, 09 Oct 2022 01:14:52 GMT
server
Apache
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=51172
content-length
15
sodar
pagead2.googlesyndication.com/getconfig/ Frame A4DC 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221003&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
aee5cde58dfbff3cd4ce29957163c5f3bf72c4a029ba60c8df85ddbe38fff964
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11186
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1761 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221003&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
bda144b5eb24fa42c74fc47ca2cc1ba786abc2c536fd5141516a25bf000d5ca9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11325
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame FF63 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3UvGuGzcdYcGVxI-1Vhu9DmQPGswEB8DWSmXB1KEHxOL9VTkHdMIu0Id-Iy_7dWa5lNVQH0wNsEuYt2prhhGQur9i&sig=Cg0ArKJSzEmdFoA-VAOBEAE&cid=CAASFeRo1ojPB1q3A1u4MvRWWZr9qLd9Bw&id=lidar2&mcvt=1022&p=300,5,900,125&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20221005&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665278090780&rpt=831&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 6473 		102 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
e1727f88fa7368c67a436f6d522b9cf405f1db823e618f57e04a4a13e72d6a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
89670
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
21050
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Oct 2022 00:20:23 GMT
expires
Sun, 08 Oct 2023 00:20:23 GMT
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C6EE 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv1Hg_gR-rj_GL4lX2ynK54rAjGb8bm6-fA3PYOMhOuQyC9A10jZuYFLb799_2dnVYNFs_hxZ_QheHw8Kx6yaqlYC9LrNhiK4_rF3Vdvi42i37ChgjsE2QG2l_Uf0ITPUNdYWV1wwimkr4VwYRT3kdnJQbElLJbIhNJ9371twHFaQQr0RXV_E7gMhViokujM2FBgcy69pEnypOzHOTZIsF8v7zNgG-yi23tQwaAZE3spC5a74xNWjpU4NT7I3LqZt0uDA5pt8KLjO9hBgZ5vylmssc2i8SzKSAPbJvv_EpFnTh3nOGlKnf6fu1NHfixpdcUBxZp3k8YU4TClwupSp1mnGuoCUeDbE-2wEW-xPmNVSIYLmFjeFzt2hRDv0-W8rf_EVxiY-5KypN5Fw6_MvifJjpeWCTCeaOQKvEdDX9U6qgL72IAM6KyFHx4aJp07-17AONq3YWyZPk6MlPgKUjQDBcMle5fioO-ZBvHYdls8S_kbZK0UG6ZxUEws4HmZRN7_asyQepqH9IcbfqrJSvpNUkIdOPtJc468fp-O_Mmr9c7yRalF-xpi4bncFMqRHFZmwnbmLc9XEuO2RqSfl308Cf4Pja7a5mrlsU1gGAvtP2md_pcm8ATrJtZtSuN8jjQ-a2gg1fe04E_6XuUAEp1-iSYiu_jj52NXNwHnc0_3g4bqEDgTQQmm40_cF0oreCevTwF3UWILsttDcn7muv-UAo04iMcMPO6uHyM4Bnvk2bZpcxWm2JVxEGHLa0eBTr3sFQMMa6g65zmjh4meImVhPtuOx8gL5JCS1BXfS9ded8Xun9ePpUCqAqKcD9GVOjI36J0xB5-0EL16x-CHlrWwHXTg6piOaSbZuLIotrbqgAdxCEp_PmhQRzOjzg1udCxLpVixb1ot__LTdjVe5Lpg_qPE1u1NPqvMO0N7kYI_I2XFpxKnSPO6oXFppI5WMsoc_Z54Y8hMSxoIpbEfUOVy7klBXDO2zgQom09_jGMR5dOzFPO8lYKlwDlYpr6a19Bc5IIRfWxO_DttaElVD4FbU_q7By7h8TD23Sc3AoH0RE-aEq_3pkMGjDtgtvYQia6ja_-92XSOX72vf3htQwwAWofAy0aBXKbhr0QZ_0aDSdltfp5MTRmKHPhPUZaTicdivrLAJkDU8An-wvboWmA64CtjHDFQP2N9mHCGJSE8Pqa50OEDxCnIpiHTxiLPYNXZRnrdUErKz4X2gULzzPYDqAs9-R7i2iFjR4sGJpxkmFez9Q&sai=AMfl-YR_wjI7PrRJPm8MCqoEDXYk-HQn7vRrvRXJcxW19iauj-xoafmfwV7OCUDFrFEXEv_pN7cIFL1JRkwlgwLHT2YQF_mHsLETKht0vhdRcldDJD5N0MYoEQq7-yHyVPsm2qcdqcu2cWFXMe0n-7Oml4JWEjJgIfamflJr-5HRJTFl73RFyliuFvzfQD8pDkwQ6FRt5MTNdaJsIiCM7YImGccFVymLOMj3V2muo-HcYDuMDL1KJlpdic1cDL6izd5V6e8M5EI_5n8&sig=Cg0ArKJSzGcM6Lk3yNFzEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=969&cbvp=1&cstd=965&cisv=r20221003.22224&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 09 Oct 2022 01:14:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
all
csm.as.criteo.net/ Frame 479C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=GQYTQzvxPu_eyx-hraXoszj9NFu1baiWMk2SGJxfRA5-eh9ZfBPZZ-NaLUiE8IjldEZdxiSRf-eV02W8D8U5iSMR5SS2_9dyHUBR7Opid0-YsjI9-lLetqhiRUQGwIHpmEeT7loU2OIxSATJz2XtuSIN6dEWtfH3t6sjY7JvWIotFVmDRJ5MufJyyhCYzl5Zsg7uQwpgOaJP7KiCrx-WSGWdVRDq8CZej-zJWu89MgMAWprfB2z3b8BuQmokRs171EV-TxrPFrAP4jqE&sds=2&rev=83041&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgigADzE8Kj3wEAApE7i3P-CerzjxQi73scA&u=%7CH3riNtnFJHSP%2BlkbZfDl4zVwfUTeNIlNAi%2BCYTUwc6I%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC43Iyya_TfHAn0F7-Hd8k-0so2C6D1WapM9v9s1WiI04OELH-BpXPs2H0zVJbMMzKn7Pg083idhJ6L218G3te-spcZbnNS5wblKBMPDyn1Rdf8dskxBuVOn7opgqL8mP6-IQVWlekZxgafrSjlAuNNTRRHhgVdtdc0001JHqoTS4w0SX2liVImM97qchP7An4a52XUp6aMrW8MYaj7zvagjSoNK3MSnNZ2zQyhwxrbMKzkhnX7_DNJ5Xx_RelFl7UeDqG0uFB5ouaBEHQ1fUTCSIM7inSbpdYies5cN5ktPzKiyKShIYuI-Q54Ks3neVt6vochLlrDVJRCEuHLrrzWLC1UfPSZ0CmchKFq1ihoLzWckvPg5cTOa75RT5Kj2zNX5KG-YsN4Bi2VZlZ2Dwzj2JV2o8xALZOVPQKvBHkeOaiaRDXztBzBFpfmrbf0yOMIP-TcanI90Se9w2W5lm5Z_9uH45lyAP6kjRFxUKt0xTNlGxAXHHJw-zy2czfZciuTQiXHLswakjClNWkBa7ua4mMttP6agcO8zJIYqw5SUv0pnYGUEh04Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjcYriiBCY8-YD4T4vQTuianwCZj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgSbAk_Q7O0L9rgj1ObznBt1QF6geGt771Qpgix7qhnWpG2VuqKVH68s_de6flmVtqAQBKVBbt4HGMXZvoUUMOK4ZR0WDjsRSDpE22bMAVSB7JH9wyA9pZXlWpEQheRzmj7aJz6TTzKnP0DHRoeUuOV6OExfPEbR6xXA7q4_ZlURKJkm4KNv7NcgjZIqjMXTuUI1Ldj0620qj1S-sah3GRz4TAygZqNMu1DGJX3J_OyZkhKoQTS0UWQWDzgCefoUK3kpFagtgoBDF6Palxrmb5Z4-ILsYwrKNmNqp4oO2USLD2nOZFiisIyi38U1fRe7H2hi_TWjRl4RQ_Y1nW5Te3psPhVTHr5STscnsQtwYabJIFMZzacqFU9EAv6OBBjgBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3NAfIE2-Gd5Xwjsi5OErD6WmBfgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Oct 2022 01:14:52 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
index.html
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 3A74 		102 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
e1727f88fa7368c67a436f6d522b9cf405f1db823e618f57e04a4a13e72d6a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
89670
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
21050
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Oct 2022 00:20:23 GMT
expires
Sun, 08 Oct 2023 00:20:23 GMT
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame AD60 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvPHQ-5DxBno8oSGQtvGD_YUgpLxyQZQrNrZmdWXPKz0huVwxFb_4XPmS93PJgMX6r6ytAw6dFFZCQkwi_A5nsWB2nKM0LSuiQ7ODf2J6elwDuHOQ-45zt_MN2nGVExlK-xtKHmIAQya4WFQNG0FqrEYEc2pgxKBaEDC2gsFBsLL21SKEmYdJx9W8F3HCesO-BA51JLTFLyNlCZqXs1TttOmQWJT_iMaxXWOojRUsEYhTf6zU6gz7NMxH2w-S4HdbA5k3nQsyQThAJEOFG6-35D48ba3mMlhBsPqnODMilf1QjOdaH2G9_oMTB8ZyMlT-22iMgLXppmqCWspSOu6Nj7rWpsqIhjUdZZ85mcP9UA3c_D28lgQKRTXh4_AGWw4psMi8zV8m3nIOeXkbeLBxYmNJFuHky9lyOq1Km99u2RxYzSjLHQJx6GVKzddnwq6kWLoghhcou6rZAOXd0rYQBLwUKkAlgPScrLs-G20g95kiDlZvTHotg9ySNTkGFaX9vHH9PH9RmS3mQgiEs23vTiZ3bmDMCC8wiQ6ukyuqMYHUI6kELHezUxdI5KheHiv3snyCX0juYyskP2VnEsGJiib0cKnPcixWe0MAlQWOcC4hizRUinLaWZvvvoCPhgMlasFpcQ84C-AS5y8KDgzTCBUK9y6xGRifPLCknIQt0g7-GLjMP1VEIFWbQ-BtKIwoM3fTytBLBVuSnAN5sqNHpNnFgVuAOvuA8PV0oZDisx4Tn07tyCxy7xQqNENVfcVbBGNo-ZlD12ZTB_a12AQtfZcd03vZiBz32KGYVgShvy068ynHIc3IFrAhrOAHUgJlQK-ZwonErrjF324v0p8o1o9kXRi9kDb7qG3AltO9okCuHBfN4btIgJoXVLOVLhioHZjyh_2Nt1BCjAe2UyMa-1JFt93CLwivzEQxM3zRWLNnCJM4K47bPScrOtJrl4BGSy9wsxnItH_PXZMwxOcxEc5BtzscDusUZ7jtFpynzneKbpJFZ2JaegErXFoUcy6uwRuaIdTwXjPCRf7M5_ZLl8hgufsMZkBdrWXmmkfJBANzs4IOd1DZNZdhZQfLQEZ8ZGDmxfTT0R0VsAJUwCjVB0YZRUsogCf5FI7BZElmE4zebrTVkr4a_0Nquccum8LURS2GtpMgaz2byDFLvc6eDqBQTZkEstRxXKs4zOk1cDd0eDRxS6w-1AldELlW8-ndlGP8bJmMTuqDWLMIxx7dTmA1X3r_J2B6TcEc_yAVXkHSd8G4pXPA&sai=AMfl-YQlMp4nGqbXbQrjVbX7_HoVvsQTCrQNY8Q8ffBLMxVaeluLfJkLNL8bggN7WwDSZu8uBDe2eLH7uB8yg7FG766zUnJGgCrxKwHmIUSuTEC_irpvCLTPzRO-uoNEOmNITi_00Hmdfr4Y2utVp274Ai9CiB85mJWd8D6dVfEksSZGZsamxLRyiNOF0jmqO-yY7BuOlLY52uqUd9TH-f79FBafMEtXHLlhTBRBNSYAY8dDghWEXGw9vG8WuJaGAW0XpZhARaamyII&sig=Cg0ArKJSzOJKK1TU7fruEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=919&cbvp=1&cstd=916&cisv=r20221003.75384&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 09 Oct 2022 01:14:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame B942 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221003&jk=3284416035897806&bg=!PD-lP3vNAAYQgTJdMIE7ACkAdvg8Wiamw7TVf8eP_jPIRYUL8oHV093vSYEl7zIM3Hy6lZ9_iN-PlgIAAABxUgAAAARoAQcKAIX2CJS5QoHmEeXUR-BCwS8mEte0k9dSnUqAKJ7j90IciBA0ir4VgeOeq5evWFoCK5nlm7dVolTCMI7lpImlQKvpY7s9ZTu9Y7fzNp1OKxHQ1Ukoiu4UQHVjIV9_bq5BrBX3lRfkGkL2eewclYxSthF-pOgBBCuJ_TX0VkKuCWJH3dC1Y0SEmQLHFCpRACO52dHiuOoZOZqMUcM17Nkrj4CCehG5zCm2u2QcRpicF0lfpZ3LTdVY4LXMmNhnNrgSXi7UCQu4kx_IOg37Qr-Xv-f7s8ZeWjJoQWd5dz0Z6MS0kbfhqiosnJaz9mlBNcL06uYIxNac9wO79NJ6_qRCBoZ6c1JPm1DoWcZXkoOlB3xSWqdWPPtgA71ksQ3OUXhZSwQaomiTBbTSzr4PkEVfo3R1HFUVktNON3AYGFcE9cdEcNJ1XqVS8wZSbbalRd1nnTzLg0BEmwk31CCl70lo2s4LaU_2of325JeOl1LtmahtGy6C2Oz0Q33lu7Yr1dPhxz3SG7JDhzAkny_5GIEwbkr1z5e-tHh-z9MIx98CNA3p04G89VESEypfRAPX5ZVrXf8JN3QcnOV1he_kmaUI_c7BTAZkzs6QH8qboWannuyei8cYsyNfKGNrFQqblix9kR5xPRW9k3jnIEnBWTJPtP_foxhmEii2yPKfmCj3IlgyYYPX0ZTs8op8JfQNplFkxxXAvB7Slag9ZF_6x6voB6uxHQHeiZ6IVpm0qEnn1nzLfekdHDcmT5X6l1VLSU98MzPE1M78P2ZBQ22Gos_XeKYgDLl2WvSPUhdc0WGKdvBQpMJcr5PG1CKgq5HQYI_TzqFFj78b0ASPcGJWYs9wpgJG7UkwCvZyZ4uQSbpP1F-l9FDkDYMpq3RyaEH_0zdG0YqSpbqG2_OsKSBSqtfcfebvs0bDi_Ljlssmrvl_Q9DZmY4bJJTe7KzhdnlNrXhLj3-SQHNxSZ6ds5etkq5RQcUUrFdcC0KK5S0MhWX_6Qdt6jeUTqhbitZFQzsWZhLZ7WFsJubjhSKC5b-3rOW1I2FYJtOdPyF54prQ1fOCwaUAp8ebG7bmz2sKswii7HRaTvGHwsGDWVfX83CCrgnq5YnBjgV3mbB-RTz5BoQpAF3f
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A4DC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Oct 2022 01:14:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A687 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJ6iiiyBCY5S5GNOv1AbBqYOoDQAAAAA4AeAEAg&bg=!Z2SlZCDNAAYQgTJdMIE7ACkAdvg8WtcRuQZHTGIZllDOwgxlBEF-Tq7yPykdCp2gCCOCL2_M5tOmigIAAAC_UgAAAAJoAQcKACU2D7VuMudABv0IIkvTyJpbV_Wl0D_tExrb9Onl_CBommXk3_SjmQL_zslyXtPfd0lPi2PsgCG9NrsQhdem_sUWHtitbKY_lgkLkciCiEGMhqEFz46xoB9WVnWiSXtlZY0zdqLvLFHVFqIRQnTV8N4qkddyHg-XdE5aALJiGGct4FuhBC3xquGeBlouayMhOoO0IkLA-K6YtRQuAZI79qCmZg4T95plL-JoQjz6DLr1HpmWW3QWmE1R0i29aC8fVEvIhdnTxr9aW67nuFBc7IoW_6f0uWYRdw0X3Q1OsYXuoc978RFZemMArb0lWxZhGx_yKSelzQ5Kxk42eGjfspxeU0i7RbRPTxkduPd2r8Q2ZZPIfKt9A3LgjSHoa-V_K9RVazHehRB9BAO62obqUvC4NmaFsOesOXCeC5JWB0IAtXSGz4Pc5y5eOP6qvF4NrBlDdfHgoVjljGf2fm1iLJGBhVNM_MG2LlXlYJ-pcXI6rQkGctIMVmD8WBYUZ9zpMkCM7oioTqIi6EF9_2P7z32kO99R8kkG79Tqoq6z8so8QVjRHfiBqR1t3fYOOacRf3rsuGSBkLg45obulBfcJR9OlXHdMd_UmvZ57KImgZGJ7Ej1FtzXmZgL20GvNnES5GVenQAlB6JQW0Dn7tT0Ua_Uz3eWs8d4wUTXqo0of926yk7yddJMvTD8eNmVnQrZaS8fbErKGBWAQTNa_2QEt4laSnNjyrNTbz1UY_aDv4yKcG0iQnrVxxh6GsY3cEawK0tvUXng5rdoZEWcd9zLar818LbRQSIy5uCYDiEGvsZS1tvnJLJaS_xa3tpt5NudjmZoJTGSywm9AvKBFITuSyGYIFBrODSe69XRypfOiSvqQN3Hq3b-KaqOxAVnp7dImy_fuys6310fAeTJLGEiQGYxllcNqv0gjn8SIndoA6sKrcqeKLGhOm4eerroq7JSxusNMaDsXP-fef7uUyZiJpAYfeEgzsMQHRpqVh-Vk_8nPL8_prc8kj5i6Hm2pNg3T_4du-1OGSrgIT9WP_gl6MQ9lY11t7_olf9-dwlcTO3BK5-SpZhaBvY
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1761 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Oct 2022 01:14:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DED 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bgl-2iyBCY-bSGcSJ1Aa5ybTYAgAAAAA4AeAEAg&bg=!jo2ljcnNAAYQgTJdMIE7ACkAdvg8WplEal4vqHqQe1eOBXQ6UdNtlKamJxOdtluBeH6AcY9H61A05AIAAACqUgAAAAJoAQcKADUPeVnA_uyWPlxUHP1i42rTXpyz5aSTXxRWCuiNBNz2vKI1zkYIqSq2Ie_5oPLe0Uh_XvV5TZkC5izm7F2xdPsboaCjj-aV-2SSyetopiLdNKRMNwYoE8mv9n93nv-LCT62i_S9dsaHD8uWR83ihHt_69vyWBASZF_UCT4yW5eFHZZcwWPdDeGp_902kBylXIa9iJxARFpPUOMJnEONH3e1SUYjPzLqNFxRC27AwvEru2S05l0Bjx2gwYp87Jb_3FT5E8v_LS_BIzniCatZJLtFVBEfk3f9S_PlAfHz5NDQcIE9o0s_zCqFRZ3iP1XLNXtzac5X5PdMWZOZ59bLl-H2a63pHO9YTsrDCbkG97EOYWUS-tD6XVv9ugWr3_R25zXIDRRAAYDWRAYxm7rFUiluGCKvCeJoQy2rGlyJrmZRW_6IvB1AN-eT2ew8d7p0z6gz2VadRrWY7jfsGpHGUE20Y26DaHG36vdFDWo9eBnvLhcw-U5p1LWpnALOhYIt6GnRwZazBRt4K7bYdpT-8Ul2N5HVXRqWTBL5sS3uQGYNw7yWgudMb9b0fDBlAwRT8X31EeB3pbmn_y0jmf4ra3cb_WlMrABOBQnRuhKcq4MuX5Nc_ArV0SSEDlzL_kg6tdTwgIT4HPuB_C7v0IfA-9E6wIOcRUIzcXMLPChvg1lQSpVhobU0PQcu-b6AjrMEhPMdWGjtPg6inaXvPk7ykt3r8DhIrPUm9mAUoTjauHnT0Q6CllpGZ1zLS_-ulAc4BJMxRCs43nddZKsFYWD_yAaPsqrGVEELtp4SkIO7JiR7iI0LpYUuB3xOdeP5umTsjECjo1-GwCnosvOpjQ1wR38opAXDtJ7aBA_-qoZp4jnxIPrJdGT2YbZvl6DsyptJ1l04c55_Mrxtzmz6E8Jz7HfyDLTM95o4uOfJIigGRUocJlrIYangMBFYPOHqctrPHRWuErsNWok6eU5avJmR3-lU-mbzhkGy_0Dz8g6f7HEcuhE5fAJ3rUqWIYcce9ceB_V-LNlJm0k3s0vqms3DqNeiLx4ZZXP5SvGhAG0Jq9Y
Requested by
Host: ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
URL: https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C6EE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRMmS9m-sobcHb7VVCYNYqCgJzqYmhnmmXZpGxOvuRhqQCwJrDwmbbdKxIewc6VrQOpy6ZgKWb03IWo_9UIZ14PJHG1V4cDzs3PicqKwD2XiM-pSm2ji88vA&sai=AMfl-YSwhxfoZOERFGOLcyYw7aDrfAusXjOEBMqTRvL5HaUQdPsaNEVihIhXyksiIdUuxZwEidk6Y35use9ETaUhIquHaXNbP-3uk-9eXNSQf2rYx2vsTdE7_FNtzKtXUw&sig=Cg0ArKJSzGxGvx6WuLrMEAE&cid=CAQSOwDq26N9Q0iTLwfQ38FY2CjHA2KZxhfVM0B86d1S_dquRVlu47wCul7wAUwfKGw7Sf_34rlZQzdUA0QKGAEgDg&id=lidar2&mcvt=1000&p=60,236,150,964&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221005&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665278090772&rpt=1175&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9679 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
194676
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 06 Oct 2022 19:10:17 GMT
expires
Fri, 06 Oct 2023 19:10:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 883A 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
GSE /
Resource Hash
9d1dd321fe92fe3fc77eda8df1855bfbe2ff08fe811533d47e9eed0e769f242a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--AN4W0A9F8hjaaSV3iuJww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce--AN4W0A9F8hjaaSV3iuJww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:53 GMT
expires
Sun, 09 Oct 2022 01:14:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame AD60 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstuKxUrxlJ_txA8JNq_LELWYpUU5r_UhOnF1y18X9HAs4IupdNk2D0jYgQZqs_s3hfI310IYLwzgYzCuzBIm835VRr331RFYK2fbUu5_1SFQ75pX8pZXt7dgA&sai=AMfl-YToCe_BtNq-M-wXgzh6MpAzhxVlAHUXETcp4Ix5_7kCoqOkZxdpb_kBKZLSFVhxso4C7GqCpKRelnM5NzRpjXbokFVYIBUDdqVqNiWtDfFw9A-is7bh_sYdWfHRfA&sig=Cg0ArKJSzHJMjUigOU-0EAE&cid=CAQSOwDq26N9Q0iTLwfQ38FY2CjHA2KZxhfVM0B86d1S_dquRVlu47wCul7wAUwfKGw7Sf_34rlZQzdUA0QKGAEgDg&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221005&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665278090776&rpt=1262&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 09 Oct 2022 01:14:53 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
481056
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		341 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
bbe0d6c706007d303a35354701236ac713f834622038d32bc592030f18d5eba6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
707026
expires
0
rid
match.adsrvr.org/track/ 		108 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
92e6931f5f0b18c16f115ed9b6985e68b76f4d50e8af0c0e2ec1e2045fe26a16

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Oct 2022 01:14:53 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Tue, 08 Nov 2022 01:14:53 GMT
pd
u.openx.net/w/1.0/ Frame 394B 		533 B
637 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e230bc32d1202c3f336e8b21025c66571cc199721e81fcfc2df7490bcbb4eb7c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
325
content-type
text/html
date
Sun, 09 Oct 2022 01:14:53 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
isyn
prebid.a-mo.net/ Frame 578E 		2 KB
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
cd1f234275fb1045acd062cffc730f6b88654804a423f27052d34dbac33660af

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
675
content-type
text/html; charset=utf-8
date
Sun, 09 Oct 2022 01:14:52 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
sync
eb2.3lift.com/ Frame 9B83
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1023 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
297c964f36bc080f63d172ea5f8978ce987ebea4e0d38e27283cd8337c6a524d

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
457
content-type
text/html; charset=utf-8
date
Sun, 09 Oct 2022 01:14:53 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 09 Oct 2022 01:14:53 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ixmatch.html
js-sec.indexww.com/um/ Frame FD0D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.239 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-239.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Sun, 09 Oct 2022 01:14:54 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2CC6 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 09 Oct 2022 01:14:53 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame CB53 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bb579a55a5c73996444ab2dd3e71a0f2338c695e12ed540fd262db32ea8837d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11837
content-type
text/html; charset=UTF-8
date
Sun, 09 Oct 2022 01:14:53 GMT
expires
Tue, 11 Oct 2022 01:14:53 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync.html
public.servenobid.com/ Frame F1EC 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.144.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-144-21.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
86339
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sat, 08 Oct 2022 01:15:56 GMT
etag
W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified
Wed, 17 Aug 2022 23:23:08 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 472d8295289753113caedd2aa0660466.cloudfront.net (CloudFront)
x-amz-cf-id
giD4sF0CFhVZSSxAy6KkU6V1oHgPkvnAmyKkryw5H-0s7RxsI4ReNw==
x-amz-cf-pop
MRS52-C2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5
77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256
4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache
Hit from cloudfront
/
onetag-sys.com/usync/ Frame 92DF 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1665278088522
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1BAD 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.183 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-183.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 09 Oct 2022 01:14:53 GMT
ETag
"623de86a-cf34"
Expires
Mon, 10 Oct 2022 01:14:55 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/pagead/ Frame 883A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221003&jk=1819693795624103&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame 9679 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 14:38:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
297392
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Oct 2023 14:38:21 GMT
sd
us-u.openx.net/w/1.0/ Frame 394B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3805267149452660393&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3805267149452660393&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3805267149452660393&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 09 Oct 2022 01:14:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 394B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=f7d77cba-c77c-7e02-e44d-6bc71ff699d5&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=61bf4df7-00ca-4364-92e8-6295063ece25&ttd_puid=f7d77cba-c77c-7e02-e44d-6bc71ff699d5&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=61bf4df7-00ca-4364-92e8-6295063ece25&ttd_puid=f7d77cba-c77c-7e02-e44d-6bc71ff699d5&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=61bf4df7-00ca-4364-92e8-6295063ece25&ttd_puid=f7d77cba-c77c-7e02-e44d-6bc71ff699d5&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 394B
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y0IgjMCo5tIAAEfiHJkAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y0IgjMCo5tIAAEfiHJkAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 09 Oct 2022 01:14:53 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":35,"gdpr":false,"ipv4":"173.245.209.165","key":"Y0IgjMCo5tIAAEfiHJkAAAAA","privacy_sensitive":false,"uid":"Y0IgjMCo5tIAAEfiHJkAAAAA","upstream_id":"a-ad40123"}
X-SO-Key
Y0IgjMCo5tIAAEfiHJkAAAAA
X-SO-Upstream-ID
a-ad40123
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40123.dc2p.scaleout.jp
X-SO-UID
Y0IgjMCo5tIAAEfiHJkAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
173.245.209.165
X-SO-Cluster-ID
35
Server
nginx
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y0IgjMCo5tIAAEfiHJkAAAAA
Cache-Control
private
X-SO-Ads-Time
10
X-SO-LB-Hostname
a-tgng40014.dc2p.scaleout.jp
sd
jp-u.openx.net/w/1.0/ Frame 394B
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUo1LtDth_I7ks8ADv76KRlbRM8AAAGDuk8ogw
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUo1LtDth_I7ks8ADv76KRlbRM8AAAGDuk8ogw
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
via
1.1 17fb84bf4d70f7e6db47eb138f34fc8a.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUo1LtDth_I7ks8ADv76KRlbRM8AAAGDuk8ogw
cache-control
no-cache
content-length
0
x-amz-cf-id
Y0y5KX1m0WGN01QdjycRKPzKhrE8KpXZMRC3At8bLcMEJhfLVSAjwQ==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 394B 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGJiOGFmNzAtMGUwYi0yMGE2LWYxYWQtMzE3ZWQ1MTQ1N2I1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 394B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECy3yDva6rerJkX6xOM1o1U&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECy3yDva6rerJkX6xOM1o1U&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECy3yDva6rerJkX6xOM1o1U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 3A74 		2 KB
664 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Arimo:regular
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
42074ae258a13356bbc4dbe1133b20e4485a3d9bfea58353fcd83ce71981ee66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 09 Oct 2022 01:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 09 Oct 2022 00:55:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 09 Oct 2022 01:14:53 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 3A74 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 20:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16953
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Oct 2022 20:32:20 GMT
css
fonts.googleapis.com/ Frame 6473 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Arimo:regular
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
42074ae258a13356bbc4dbe1133b20e4485a3d9bfea58353fcd83ce71981ee66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 09 Oct 2022 01:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 09 Oct 2022 01:14:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 09 Oct 2022 01:14:53 GMT
all
csm.as.criteo.net/ Frame 93B9 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=dMDUGzvxPu_eyx-hgAQuiOTgdYrRVj169mADedu0PVeVAn5hdrbqjSRn15G_OFTU_xN2N0lPVCj2Hgddsl47nnPc6jOXS070qeioxrNiTEULAm0Q9pZORExtZwYmXiwMt9ZQQATqY54G59-Ut3SvqWsMqS7T8cr2WaY0LANljldeHshd3vaXd7llO2mlqw5ZpgoMy3sC2uOYGRF1233xCHx5-R5B2EfpYMLj-X3uwwapmYI-NNfvqieWBuU_guN8A1ueSQ&sds=2&rev=83041&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFKmkKj1kBAABBb4p1wrcDCjJkAiX_LA&u=%7CSq63OP5VFkgrZqByc5Azh3M7dzF3yED5%2FC9oye5mFok%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0kewZx4OvO7hSYM886Cl314AB3DKiASQValYzIXdOo0_HYiXjGkioiauWuzerbM-DS2NtQuztb_Os5-ejacXAvVMBslx2-lpV7_6txxqWDAyyr_4MIkgRLFVY3fwqsw9hfgtJJLV4i0BTZW9v-68x8prA9nXyM7mSC9iHAsYaV-PCZKlCLykeOp_1kLZ4f5mfu948YxkPcMIEgbWc6pFs7jR_MJe517X7nVSOyUj6UC2clomEnkwCBdtNHYr5Ts4o1Lj4IrdbeHQMJI2X-dGhbyPvw0zpZxk-Z9Lz-aAtU47JDDhzFfXlVpagbDKRbBqk199YQKNdI9OXbHcQ19wNseB4Ixr9Nh92zZVhR1tTBXrvNMrukqDbIPGoljgOfYP4OLhqgeRCg8zEZpLytKODFRei-czpPlPFMt4tpKcGADqMgVXb1S03Hz5BWyVRQ-4JilUo480_BI__nZVS7YzkaIUt6MA8zA1JFgIdBOR8FG-SopvMuI6yWOnlK2TLu6WrLiTt3vBH1ifMsAlMZ94TNcBeM9ohOQm4xQRajqmZQ5kfnUai1vqoFWsOwRwKSk97lLieBlXBAJM_jJ9rrJdW9tut9NUjq5hYfkx776JOfCo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfjzViCBCY-nUFIGyvQTvgoGAA5j80bFcmuiH5YUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAs2u2H3UY6U-qAMBqgT5AU_Q3CzW3wkNZ11AP2serRtYXq8ZFWTCiD5RYAOBs-Haw9hwAO09657BOsgYEi1Yxz5uXDA77_vDdqj9kw3jbwQhnkscOmdFisxadLWRfNfCvnJTYKtdTBzpOdUpkSpSJJJy0LqY4Tfq8RYzcbQd0M7igxzewO3GJC4mIxkkeTQew82rj8gnb4Nmcd3bYXAKKoYCGK1eiqxxRsIiB5I8XWLHfVXpHCcLFuswbWqORHCtC3LxedjC_bVMxds-7eqzfIiBXRUJ5SxQTJMVaj0ViFxlGPeEONcQ-r40h2Mf2SUH4A8N0LLb5VbOX0FVa7yHvkq3Eof2u1B7mYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3a5wMxiLxjNKXQe6CvXUU8pk5nuw%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Oct 2022 01:14:53 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
cframe.js
assets.a-mo.net/js/ Frame 578E 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.159.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
068fc24eba7d06f7991b4b97da0a20abcb585b8a9e3947b1ef55de06566b93b3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:53 GMT
via
1.1 7bda591fa44b42ef6384ae955fdd5d7c.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
SYD62-P2
age
360
x-cache
Hit from cloudfront
last-modified
Tue, 16 Aug 2022 15:29:37 GMT
server
cloudflare
etag
W/"b5a666dd0f7ba9330dd36461c34df0c8"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
757343156a06a979-SYD
x-amz-cf-id
NUtQ9r5ZjK5VBwYUZsYjUrXAJU3PAgLVOX9fkaSPNuVKAxnmnzWztw==
expires
Sun, 09 Oct 2022 02:14:53 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 6473 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 20:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16953
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Oct 2022 20:32:20 GMT
sync
gum.criteo.com/ Frame CB53 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
470422
expires
60
usync.html
eus.rubiconproject.com/ Frame 7E24
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 09 Oct 2022 01:14:54 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 09 Oct 2022 01:14:54 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame A169
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Drkt%26refUrl%3D%26vid%3D527809344930827969168357200...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3082796916835720000V10&type=rkt&refUrl=&vid=52780934493082796916835720000V10&ovsid=1976306189714053534
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3082796916835720000V10&type=rkt&refUrl=&vid=52780934493082796916835720000V10&ovsid=1976306189714053534
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Sun, 09 Oct 2022 01:14:55 GMT
expires
Sun, 09 Oct 2022 01:14:55 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Sun, 09 Oct 2022 01:14:55 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3082796916835720000V10&type=rkt&refUrl=&vid=52780934493082796916835720000V10&ovsid=1976306189714053534
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6676 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=84052
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 09 Oct 2022 01:14:54 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 10 Oct 2022 00:35:46 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame CB53
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dapx%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3082796916835720000V10&type=apx&refUrl=&vid=52780934493082796916835720000V10&ovsid=1343102717477708702
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3082796916835720000V10&type=apx&refUrl=&vid=52780934493082796916835720000V10&ovsid=1343102717477708702
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 09 Oct 2022 01:14:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 09 Oct 2022 01:14:53 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:53 GMT
AN-X-Request-Uuid
bf57a6bd-5ad7-4bd1-802b-7c61daf830da
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3082796916835720000V10&type=apx&refUrl=&vid=52780934493082796916835720000V10&ovsid=1343102717477708702
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame CB53
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3082796916835720...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3082796916835720000V10&type=opx&refUrl=&vid=52780934493082796916835720000V10&ovsid=3ffb1525-6c7c-44e2-8702-15a9ad190b09
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3082796916835720000V10&type=opx&refUrl=&vid=52780934493082796916835720000V10&ovsid=3ffb1525-6c7c-44e2-8702-15a9ad190b09
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 09 Oct 2022 01:14:53 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Sun, 09 Oct 2022 01:14:53 GMT

Redirect headers

date
Sun, 09 Oct 2022 01:14:53 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3082796916835720000V10&type=opx&refUrl=&vid=52780934493082796916835720000V10&ovsid=3ffb1525-6c7c-44e2-8702-15a9ad190b09
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame CB53
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dmma%26refUrl%3D%26vid%3D527809344930827969168357...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3082796916835720000V10&type=mma&refUrl=&vid=52780934493082796916835720000V10&ovsid=8f156342-208d-4100-a5a0-a842d4f44073
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3082796916835720000V10&type=mma&refUrl=&vid=52780934493082796916835720000V10&ovsid=8f156342-208d-4100-a5a0-a842d4f44073
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 09 Oct 2022 01:14:54 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 09 Oct 2022 01:14:54 GMT

Redirect headers

Date
Sun, 09 Oct 2022 01:14:53 GMT
Server
MT3 4539 98cc2da master nrt-pixel-x14 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3082796916835720000V10&type=mma&refUrl=&vid=52780934493082796916835720000V10&ovsid=8f156342-208d-4100-a5a0-a842d4f44073
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 09 Oct 2022 01:14:52 GMT
cksync.php
contextual.media.net/ Frame CB53
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dr1%26refUrl%3D%26vid%3D52780934493082796916...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=866930923
  • https://sync.1rx.io/usersync/tradedesk/61bf4df7-00ca-4364-92e8-6295063ece25
  • https://sync.targeting.unrulymedia.com/csync/RX-989766dd-eede-4b7b-a35a-da2df6914046-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3082796916835720000V10&type=r1&refUrl=&vid=52780934493082796916835720000V10&ovsid=RX-989766dd-eede-4b7b-a35a-da2df6914046-004
45 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3082796916835720000V10&type=r1&refUrl=&vid=52780934493082796916835720000V10&ovsid=RX-989766dd-eede-4b7b-a35a-da2df6914046-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 09 Oct 2022 01:14:54 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 09 Oct 2022 01:14:54 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3082796916835720000V10&type=r1&refUrl=&vid=52780934493082796916835720000V10&ovsid=RX-989766dd-eede-4b7b-a35a-da2df6914046-004
date
Sun, 09 Oct 2022 01:14:54 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX989766ddeede4b7ba35ada2df6914046004
content-type
text/html
cksync.php
contextual.media.net/ Frame CB53
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Ddxu%26refUrl%3D%26vid%3D52780934493082796916835...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Ddxu%26refUrl%3D%26vid%3D52780934493082796...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3082796916835720000V10&type=dxu&refUrl=&vid=52780934493082796916835720000V10&ovsid=93ZPgxDu1OHkU65
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3082796916835720000V10&type=dxu&refUrl=&vid=52780934493082796916835720000V10&ovsid=93ZPgxDu1OHkU65
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 09 Oct 2022 01:14:54 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 09 Oct 2022 01:14:54 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:53 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0c66a101650797f5a@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3082796916835720000V10&type=dxu&refUrl=&vid=52780934493082796916835720000V10&ovsid=93ZPgxDu1OHkU65
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame CB53 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
282051
expires
Sun, 09 Oct 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame CB53
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dmedi...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=1779e28f67d24de0806c5ae81c36434a&ssp=medianet&bsw_param=3609a297-6f72-4c9d-8acd-bfe36c2a7849&gdpr=0&consent=&gdpr_pd=1&expires=7
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=3609a297-6f72-4c9d-8acd-bfe36c2a7849&gdpr=0&gdpr_consent=&gdpr_pd=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=3609a297-6f72-4c9d-8acd-bfe36c2a7849&gdpr=0&gdpr_consent=&gdpr_pd=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 09 Oct 2022 01:14:55 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 09 Oct 2022 01:14:55 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=3609a297-6f72-4c9d-8acd-bfe36c2a7849&gdpr=0&gdpr_consent=&gdpr_pd=1
Date
Sun, 09 Oct 2022 01:14:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame CB53
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dzem%26refUrl%3D%26vid%3D52780934493082796916835720...
  • https://stags.bluekai.com/site/23178?id=BdnY_Dq9RW65X8RZGJdl&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKCMRXFSX2EOE4VEVZWGVMDQUS2I5FGI...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=BdnY_Dq9RW65X8RZGJdl&refUrl=&type=zem&vid=52780934493082796916835720000V10&vsid=3082796916835720000V10
45 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=BdnY_Dq9RW65X8RZGJdl&refUrl=&type=zem&vid=52780934493082796916835720000V10&vsid=3082796916835720000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 09 Oct 2022 01:14:55 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 09 Oct 2022 01:14:55 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:54 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=BdnY_Dq9RW65X8RZGJdl&refUrl=&type=zem&vid=52780934493082796916835720000V10&vsid=3082796916835720000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame CB53
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3082796916835720000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3082796916835720000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=57d13263-fe60-4cb4-b99e-d2c833acc733&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=57d13263-fe60-4cb4-b99e-d2c833acc733&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 09 Oct 2022 01:14:55 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 09 Oct 2022 01:14:55 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=57d13263-fe60-4cb4-b99e-d2c833acc733&cs=1
Date
Sun, 09 Oct 2022 01:14:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
um
cs.emxdgt.com/ Frame CB53 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Demx%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.112.43 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:54 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 936D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
194676
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 06 Oct 2022 19:10:17 GMT
expires
Fri, 06 Oct 2023 19:10:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EED6 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
GSE /
Resource Hash
cdb6f80031eb817b721968608d6b1f5d29c930b37ac632e50941c2ef092bb36e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qWmUoQucy2K5k_zj1NDL2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-qWmUoQucy2K5k_zj1NDL2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:53 GMT
expires
Sun, 09 Oct 2022 01:14:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame 9679 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-ddJCw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame 936D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 14:38:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
297392
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Oct 2023 14:38:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EED6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221003&jk=2488395460926590&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usync
id.a-mx.com/ Frame 578E 		0
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.a-mx.com/usync?uid=4d71389c-ff80-44ed-b386-731e2c8d9dd8&gdpr_consent=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.154.71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-l1
AU
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=he8ueXZVmPaHKEUPUF6drudKW%2BkGT2CMoRpbHYNLqPbP2H%2BJFpotiTIPPcJ%2B23ptND%2F9nq1K7fpA9Ggq10WvIQc9uM8xsyTYEdCNnbFo90XZos5PUWot4NuFks7uyw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private,max-age=0
cf-ray
757343176950dfb5-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sync
x.bidswitch.net/ Frame 578E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=4d71389c-ff80-44ed-b386-731e2c8d9dd8&gdpr=0&gdpr_consent=&us_privacy=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3609a297-6f72-4c9d-8acd-bfe36c2a7849&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10523434588417042321&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=5a8d4a46-e157-4b90-9e52-74558a1cc344&ssp=adaptmx&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10523434588417042321&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=208960804299000392440&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10523434588417042321&ssp=adaptmx&gdpr=0&gdpr_consent=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10523434588417042321&ssp=adaptmx&gdpr=0&gdpr_consent=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 Oct 2022 01:14:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:56 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=419&user_id=10523434588417042321&ssp=adaptmx&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
yahoo
prebid.a-mo.net/setuid/ Frame 578E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=4d71389c-ff80-44ed-b386-731e2c8d9dd8
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-xiTl6GNE2uFABCrfUltvD4r.RitH0p3LJ48FRZ0-~A&gdpr=0&gdpr_consent=
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-xiTl6GNE2uFABCrfUltvD4r.RitH0p3LJ48FRZ0-~A&gdpr=0&gdpr_consent=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:54 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-xiTl6GNE2uFABCrfUltvD4r.RitH0p3LJ48FRZ0-~A&gdpr=0&gdpr_consent=
date
Sun, 09 Oct 2022 01:14:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/ Frame 578E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=
  • https://prebid.a-mo.net/setuid/magnite?uid=L90NKTOH-N-8XOP&gdpr=0
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L90NKTOH-N-8XOP&gdpr=0
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:54 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=L90NKTOH-N-8XOP&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Expires
0
cookie
cm.adform.net/ Frame 578E 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dadform%26uid%3D%24UID
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:54 GMT
server
nginx
content-length
43
content-type
image/gif
setuid
prebid.a-mo.net/ Frame 578E
Redirect Chain
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dzeta%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=zeta&uid=ua-b74eab59-11d5-3a19-8a11-e4302286616b
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=zeta&uid=ua-b74eab59-11d5-3a19-8a11-e4302286616b
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:54 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=zeta&uid=ua-b74eab59-11d5-3a19-8a11-e4302286616b
pragma
no-cache
date
Sun, 09 Oct 2022 01:14:54 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
prebid.a-mo.net/ Frame 578E
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%...
  • https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=smartadserver&uid=7358413176204741223
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=smartadserver&uid=7358413176204741223
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:54 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=smartadserver&uid=7358413176204741223
date
Sun, 09 Oct 2022 01:14:53 GMT
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 578E
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTQyNzZDNTgtQkIzQS00QUFFLTlFNTItRDkxMzUzNTQ1MjRD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
42 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 09 Oct 2022 01:14:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
prebid.a-mo.net/ Frame 578E
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dindex_rtb%26uid%3D
  • https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=index_rtb&uid=Y0IgjKcM3bFHDtNdyblpSAAA%264697
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=index_rtb&uid=Y0IgjKcM3bFHDtNdyblpSAAA%264697
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:54 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKQ69iT9xhWhVkgoXc1k%2BfD55KXzHc0JPUXw19l4iQ1ZDldQhAS0HAR2FLZqCD9wPnbJqDbMWTtp8hoTgrCVDxJQ7tED6SEW2NP39R%2BSBp%2BUPhsKFQSd2aBLXBNKQ9Gk4U6vAlcf"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=index_rtb&uid=Y0IgjKcM3bFHDtNdyblpSAAA%264697
cache-control
no-cache
cf-ray
757343178d846a6c-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
setuid
prebid.a-mo.net/ Frame 578E
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=sovrn&uid=FcxKCLZHaGenyQAMR4yF8F1M
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=sovrn&uid=FcxKCLZHaGenyQAMR4yF8F1M
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:54 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Sun, 09 Oct 2022 01:14:54 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=sovrn&uid=FcxKCLZHaGenyQAMR4yF8F1M
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
prebid.a-mo.net/ Frame 578E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=appnexus&uid=1343102717477708702
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=appnexus&uid=1343102717477708702
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:53 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:53 GMT
AN-X-Request-Uuid
36b4be2f-fbde-445f-af6c-5a4765c8af56
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=appnexus&uid=1343102717477708702
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 578E 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=4d71389c-ff80-44ed-b386-731e2c8d9dd8
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:54 GMT
AN-X-Request-Uuid
56bf9322-f9ca-4dc2-9765-60304f2620a0
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ADMX
c.deployads.com/cs/ Frame 578E 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/ADMX?b=4d71389c-ff80-44ed-b386-731e2c8d9dd8
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.60.98 -, , ASN (),
Reverse DNS
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
date
Sun, 09 Oct 2022 01:14:55 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
setuid
ow.pubmatic.com/ Frame 578E 		86 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=4d71389c-ff80-44ed-b386-731e2c8d9dd8
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.203 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:55 GMT
content-length
86
content-type
image/png
setuid
pb-server.ezoic.com/ Frame 578E 		86 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pb-server.ezoic.com/setuid?bidder=amx&uid=4d71389c-ff80-44ed-b386-731e2c8d9dd8
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.185.219 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 09 Oct 2022 01:14:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0
setuid
prebid-server.rubiconproject.com/ Frame 578E 		86 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=4d71389c-ff80-44ed-b386-731e2c8d9dd8
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.192.59 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-192-59.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0
xuid
eb2.3lift.com/ Frame 9B83
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=61bf4df7-00ca-4364-92e8-6295063ece25&dongle=0cfd
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=61bf4df7-00ca-4364-92e8-6295063ece25&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 09 Oct 2022 01:14:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=61bf4df7-00ca-4364-92e8-6295063ece25&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame 9B83
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTMwNTkyMDM4NTI1MjkwNjQyNzM3
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 9B83
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGnSUzBMggFVh1G-V6zgnVA&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGnSUzBMggFVh1G-V6zgnVA&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 09 Oct 2022 01:14:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGnSUzBMggFVh1G-V6zgnVA&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9B83
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTMwNTkyMDM4NTI1MjkwNjQyNzM3
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTMwNTkyMDM4NTI1MjkwNjQyNzM3
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTMwNTkyMDM4NTI1MjkwNjQyNzM3
date
Sun, 09 Oct 2022 01:14:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 9B83
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=930592038525290642737&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=930592038525290642737&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a469fe10-b7ab-4bd9-b808-f3d5ac877380&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a469fe10-b7ab-4bd9-b808-f3d5ac877380&_noobservation=1&_expected_cookie=3021b2e...
43 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a469fe10-b7ab-4bd9-b808-f3d5ac877380&_noobservation=1&_expected_cookie=3021b2ee3b1de37070d97a8feb69d61a
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.100.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Sun, 09 Oct 2022 01:14:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7573431e6b3ca93d-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a469fe10-b7ab-4bd9-b808-f3d5ac877380&_noobservation=1&_expected_cookie=3021b2ee3b1de37070d97a8feb69d61a
date
Sun, 09 Oct 2022 01:14:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7573431d09d7a93d-SYD
content-length
0
xuid
eb2.3lift.com/ Frame 9B83
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=930592038525290642737&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3609a297-6f72-4c9d-8acd-bfe36c2a7849&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10523434588417042321&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=5a8d4a46-e157-4b90-9e52-74558a1cc344&ssp=triplelift&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10523434588417042321&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=208880804299000392525&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10523434588417042321&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2409&xuid=3609a297-6f72-4c9d-8acd-bfe36c2a7849&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=3609a297-6f72-4c9d-8acd-bfe36c2a7849&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 09 Oct 2022 01:14:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=3609a297-6f72-4c9d-8acd-bfe36c2a7849&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Sun, 09 Oct 2022 01:14:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 9B83
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/930592038525290642737?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Y9bOfPpE2oTRoj1lu8YAOvG7J_H05CP8yWOtTlQIDw--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Y9bOfPpE2oTRoj1lu8YAOvG7J_H05CP8yWOtTlQIDw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 09 Oct 2022 01:14:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 09 Oct 2022 01:14:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Y9bOfPpE2oTRoj1lu8YAOvG7J_H05CP8yWOtTlQIDw--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame 9B83
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=930592038525290642737
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=930592038525290642737&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=930592038525290642737&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.143.56 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Y3B3V421QX3W5KPH94VH
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=930592038525290642737&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame 9B83 		42 B
669 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=930592038525290642737&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:53 GMT
last-modified
Tue, 13 Sep 2022 03:22:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D3CB4BA16543471BB956ECF90D0FCB0A Ref B: SYD03EDGE1621 Ref C: 2022-10-09T01:14:54Z
etag
"8766f3fc1fc7d81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 9B83
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=BdnY_Dq9RW65X8RZGJdl&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5IJSG4WK7IRYTS...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=BdnY_Dq9RW65X8RZGJdl
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=BdnY_Dq9RW65X8RZGJdl
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 09 Oct 2022 01:14:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:55 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=BdnY_Dq9RW65X8RZGJdl
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 2CC6 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
adc95bbf12184c1a406a301d34ffb8a8fbfa10ab0639ce675eb2476a317e7c37

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 Oct 2022 01:14:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=73818
Connection
keep-alive
Content-Length
9422
Expires
Sun, 09 Oct 2022 21:45:11 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C6EE 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv1Hg_gR-rj_GL4lX2ynK54rAjGb8bm6-fA3PYOMhOuQyC9A10jZuYFLb799_2dnVYNFs_hxZ_QheHw8Kx6yaqlYC9LrNhiK4_rF3Vdvi42i37ChgjsE2QG2l_Uf0ITPUNdYWV1wwimkr4VwYRT3kdnJQbElLJbIhNJ9371twHFaQQr0RXV_E7gMhViokujM2FBgcy69pEnypOzHOTZIsF8v7zNgG-yi23tQwaAZE3spC5a74xNWjpU4NT7I3LqZt0uDA5pt8KLjO9hBgZ5vylmssc2i8SzKSAPbJvv_EpFnTh3nOGlKnf6fu1NHfixpdcUBxZp3k8YU4TClwupSp1mnGuoCUeDbE-2wEW-xPmNVSIYLmFjeFzt2hRDv0-W8rf_EVxiY-5KypN5Fw6_MvifJjpeWCTCeaOQKvEdDX9U6qgL72IAM6KyFHx4aJp07-17AONq3YWyZPk6MlPgKUjQDBcMle5fioO-ZBvHYdls8S_kbZK0UG6ZxUEws4HmZRN7_asyQepqH9IcbfqrJSvpNUkIdOPtJc468fp-O_Mmr9c7yRalF-xpi4bncFMqRHFZmwnbmLc9XEuO2RqSfl308Cf4Pja7a5mrlsU1gGAvtP2md_pcm8ATrJtZtSuN8jjQ-a2gg1fe04E_6XuUAEp1-iSYiu_jj52NXNwHnc0_3g4bqEDgTQQmm40_cF0oreCevTwF3UWILsttDcn7muv-UAo04iMcMPO6uHyM4Bnvk2bZpcxWm2JVxEGHLa0eBTr3sFQMMa6g65zmjh4meImVhPtuOx8gL5JCS1BXfS9ded8Xun9ePpUCqAqKcD9GVOjI36J0xB5-0EL16x-CHlrWwHXTg6piOaSbZuLIotrbqgAdxCEp_PmhQRzOjzg1udCxLpVixb1ot__LTdjVe5Lpg_qPE1u1NPqvMO0N7kYI_I2XFpxKnSPO6oXFppI5WMsoc_Z54Y8hMSxoIpbEfUOVy7klBXDO2zgQom09_jGMR5dOzFPO8lYKlwDlYpr6a19Bc5IIRfWxO_DttaElVD4FbU_q7By7h8TD23Sc3AoH0RE-aEq_3pkMGjDtgtvYQia6ja_-92XSOX72vf3htQwwAWofAy0aBXKbhr0QZ_0aDSdltfp5MTRmKHPhPUZaTicdivrLAJkDU8An-wvboWmA64CtjHDFQP2N9mHCGJSE8Pqa50OEDxCnIpiHTxiLPYNXZRnrdUErKz4X2gULzzPYDqAs9-R7i2iFjR4sGJpxkmFez9Q&sai=AMfl-YR_wjI7PrRJPm8MCqoEDXYk-HQn7vRrvRXJcxW19iauj-xoafmfwV7OCUDFrFEXEv_pN7cIFL1JRkwlgwLHT2YQF_mHsLETKht0vhdRcldDJD5N0MYoEQq7-yHyVPsm2qcdqcu2cWFXMe0n-7Oml4JWEjJgIfamflJr-5HRJTFl73RFyliuFvzfQD8pDkwQ6FRt5MTNdaJsIiCM7YImGccFVymLOMj3V2muo-HcYDuMDL1KJlpdic1cDL6izd5V6e8M5EI_5n8&sig=Cg0ArKJSzGcM6Lk3yNFzEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2163&vt=11&dtpt=1194&dett=3&cstd=965&cisv=r20221003.22224&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame AD60 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvPHQ-5DxBno8oSGQtvGD_YUgpLxyQZQrNrZmdWXPKz0huVwxFb_4XPmS93PJgMX6r6ytAw6dFFZCQkwi_A5nsWB2nKM0LSuiQ7ODf2J6elwDuHOQ-45zt_MN2nGVExlK-xtKHmIAQya4WFQNG0FqrEYEc2pgxKBaEDC2gsFBsLL21SKEmYdJx9W8F3HCesO-BA51JLTFLyNlCZqXs1TttOmQWJT_iMaxXWOojRUsEYhTf6zU6gz7NMxH2w-S4HdbA5k3nQsyQThAJEOFG6-35D48ba3mMlhBsPqnODMilf1QjOdaH2G9_oMTB8ZyMlT-22iMgLXppmqCWspSOu6Nj7rWpsqIhjUdZZ85mcP9UA3c_D28lgQKRTXh4_AGWw4psMi8zV8m3nIOeXkbeLBxYmNJFuHky9lyOq1Km99u2RxYzSjLHQJx6GVKzddnwq6kWLoghhcou6rZAOXd0rYQBLwUKkAlgPScrLs-G20g95kiDlZvTHotg9ySNTkGFaX9vHH9PH9RmS3mQgiEs23vTiZ3bmDMCC8wiQ6ukyuqMYHUI6kELHezUxdI5KheHiv3snyCX0juYyskP2VnEsGJiib0cKnPcixWe0MAlQWOcC4hizRUinLaWZvvvoCPhgMlasFpcQ84C-AS5y8KDgzTCBUK9y6xGRifPLCknIQt0g7-GLjMP1VEIFWbQ-BtKIwoM3fTytBLBVuSnAN5sqNHpNnFgVuAOvuA8PV0oZDisx4Tn07tyCxy7xQqNENVfcVbBGNo-ZlD12ZTB_a12AQtfZcd03vZiBz32KGYVgShvy068ynHIc3IFrAhrOAHUgJlQK-ZwonErrjF324v0p8o1o9kXRi9kDb7qG3AltO9okCuHBfN4btIgJoXVLOVLhioHZjyh_2Nt1BCjAe2UyMa-1JFt93CLwivzEQxM3zRWLNnCJM4K47bPScrOtJrl4BGSy9wsxnItH_PXZMwxOcxEc5BtzscDusUZ7jtFpynzneKbpJFZ2JaegErXFoUcy6uwRuaIdTwXjPCRf7M5_ZLl8hgufsMZkBdrWXmmkfJBANzs4IOd1DZNZdhZQfLQEZ8ZGDmxfTT0R0VsAJUwCjVB0YZRUsogCf5FI7BZElmE4zebrTVkr4a_0Nquccum8LURS2GtpMgaz2byDFLvc6eDqBQTZkEstRxXKs4zOk1cDd0eDRxS6w-1AldELlW8-ndlGP8bJmMTuqDWLMIxx7dTmA1X3r_J2B6TcEc_yAVXkHSd8G4pXPA&sai=AMfl-YQlMp4nGqbXbQrjVbX7_HoVvsQTCrQNY8Q8ffBLMxVaeluLfJkLNL8bggN7WwDSZu8uBDe2eLH7uB8yg7FG766zUnJGgCrxKwHmIUSuTEC_irpvCLTPzRO-uoNEOmNITi_00Hmdfr4Y2utVp274Ai9CiB85mJWd8D6dVfEksSZGZsamxLRyiNOF0jmqO-yY7BuOlLY52uqUd9TH-f79FBafMEtXHLlhTBRBNSYAY8dDghWEXGw9vG8WuJaGAW0XpZhARaamyII&sig=Cg0ArKJSzOJKK1TU7fruEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2124&vt=11&dtpt=1205&dett=3&cstd=916&cisv=r20221003.75384&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
Morning_fresh_logo.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 6473 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/Morning_fresh_logo.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
88c5f40caecd2ee5b4915ae7d71260e465971c6b4adb60c914889b521d2533aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 00:20:23 GMT
x-content-type-options
nosniff
age
89671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16494
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 00:20:23 GMT
BOTTLE-Clean_Green.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 6473 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/BOTTLE-Clean_Green.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
bf5cd48ff185d59a837437682b0271df40fb697f3557cb12616a7e6a56e5a5e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 00:20:23 GMT
x-content-type-options
nosniff
age
89671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75903
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 00:20:23 GMT
leaf-01.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 6473 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/leaf-01.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
a8bf8f5adf2c7e1243f0bfc4dc3a832e72413cc8dba4465270825dbfb96c9c97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 06:36:56 GMT
x-content-type-options
nosniff
age
67078
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6617
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 06:36:56 GMT
SPLASH-3-small.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 6473 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/SPLASH-3-small.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
08b62d251e07ffd2c3cbdf3215e57bbae6221e22829b0dc80b2c535d7a8e55bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 23:20:21 GMT
x-content-type-options
nosniff
age
179673
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35440
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 06 Oct 2023 23:20:21 GMT
leaf-02.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 6473 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/leaf-02.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
9493a12a77f23858db7f6bc0b4f9cad98497f14b688ea695317b6cbafa27cb77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 00:20:23 GMT
x-content-type-options
nosniff
age
89671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7483
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 00:20:23 GMT
SPLASH-2-small.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 6473 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/SPLASH-2-small.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
46af9ecc28409c3c4a544aecc039ecf9eecac0010db15ba421fc9ecac80ac107
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 00:20:23 GMT
x-content-type-options
nosniff
age
89671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55406
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 00:20:23 GMT
Lemon-Wedge.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 6473 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/Lemon-Wedge.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
2da73276a8a490b96cbc43f4003fd791e4cacb0d924f759e98a547408dfac0d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 00:20:23 GMT
x-content-type-options
nosniff
age
89671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14717
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 00:20:23 GMT
SPLASH-1-small.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 6473 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/SPLASH-1-small.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
1bef8b80ad4ad52afabdc126c83d3f231808b46d3f1965ab2ab5391d17948ca6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 21:14:59 GMT
x-content-type-options
nosniff
age
14395
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33798
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 21:14:59 GMT
Lemon-Slice.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 6473 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/Lemon-Slice.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
0796ee5a883907cb945b262f668a79c8f75b5b013cc58b57ea06c48c926d2b61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 00:20:23 GMT
x-content-type-options
nosniff
age
89671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19254
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 00:20:23 GMT
CG-text-1-long.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 6473 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/CG-text-1-long.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
5356f4e02bc1a51c44dbfe1f1894e8a4f38df602387ca6b44dfcd07a6fb221ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 00:20:23 GMT
x-content-type-options
nosniff
age
89671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4172
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 00:20:23 GMT
CG-text-2-long.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 6473 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/CG-text-2-long.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
8eea0160b239f584c0b8316f49d10fc5d4eee403f08171b227c0a9e416322352
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 00:20:23 GMT
x-content-type-options
nosniff
age
89671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4299
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 00:20:23 GMT
CG-text-3-long.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 6473 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/CG-text-3-long.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
4e221b2c9a77f52875ca3c958511fa15b639744c349ad5e2b46e8a1a3dcacfe3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 21:14:59 GMT
x-content-type-options
nosniff
age
14395
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4326
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 21:14:59 GMT
burst.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 6473 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/burst.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
c91314a394022a14c0e105334016e949e71c62243d1a54769a608826029f5bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 00:20:23 GMT
x-content-type-options
nosniff
age
89671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28839
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 00:20:23 GMT
Green-BG-Horiz.jpg
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 6473 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/Green-BG-Horiz.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
c15ce368d813c9396685e5c0e6e202aa7eda67c9cde3448cbc45b99505af2c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 00:20:23 GMT
x-content-type-options
nosniff
age
89671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10197
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 00:20:23 GMT
Morning_fresh_logo.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 3A74 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/Morning_fresh_logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
88c5f40caecd2ee5b4915ae7d71260e465971c6b4adb60c914889b521d2533aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 00:20:23 GMT
x-content-type-options
nosniff
age
89671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16494
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 00:20:23 GMT
BOTTLE-Clean_Green.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 3A74 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/BOTTLE-Clean_Green.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
bf5cd48ff185d59a837437682b0271df40fb697f3557cb12616a7e6a56e5a5e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 00:20:23 GMT
x-content-type-options
nosniff
age
89671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75903
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 00:20:23 GMT
leaf-01.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 3A74 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/leaf-01.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
a8bf8f5adf2c7e1243f0bfc4dc3a832e72413cc8dba4465270825dbfb96c9c97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 06:36:56 GMT
x-content-type-options
nosniff
age
67078
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6617
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 06:36:56 GMT
SPLASH-3-small.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 3A74 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/SPLASH-3-small.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
08b62d251e07ffd2c3cbdf3215e57bbae6221e22829b0dc80b2c535d7a8e55bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 23:20:21 GMT
x-content-type-options
nosniff
age
179673
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35440
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 06 Oct 2023 23:20:21 GMT
leaf-02.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 3A74 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/leaf-02.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
9493a12a77f23858db7f6bc0b4f9cad98497f14b688ea695317b6cbafa27cb77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 00:20:23 GMT
x-content-type-options
nosniff
age
89671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7483
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 00:20:23 GMT
SPLASH-2-small.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 3A74 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/SPLASH-2-small.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
46af9ecc28409c3c4a544aecc039ecf9eecac0010db15ba421fc9ecac80ac107
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 00:20:23 GMT
x-content-type-options
nosniff
age
89671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55406
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 00:20:23 GMT
Lemon-Wedge.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 3A74 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/Lemon-Wedge.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
2da73276a8a490b96cbc43f4003fd791e4cacb0d924f759e98a547408dfac0d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 00:20:23 GMT
x-content-type-options
nosniff
age
89671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14717
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 00:20:23 GMT
SPLASH-1-small.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 3A74 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/SPLASH-1-small.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
1bef8b80ad4ad52afabdc126c83d3f231808b46d3f1965ab2ab5391d17948ca6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 21:14:59 GMT
x-content-type-options
nosniff
age
14395
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33798
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 21:14:59 GMT
Lemon-Slice.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 3A74 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/Lemon-Slice.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
0796ee5a883907cb945b262f668a79c8f75b5b013cc58b57ea06c48c926d2b61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 00:20:23 GMT
x-content-type-options
nosniff
age
89671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19254
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 00:20:23 GMT
CG-text-1-long.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 3A74 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/CG-text-1-long.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
5356f4e02bc1a51c44dbfe1f1894e8a4f38df602387ca6b44dfcd07a6fb221ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 00:20:23 GMT
x-content-type-options
nosniff
age
89671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4172
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 00:20:23 GMT
CG-text-2-long.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 3A74 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/CG-text-2-long.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
8eea0160b239f584c0b8316f49d10fc5d4eee403f08171b227c0a9e416322352
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 00:20:23 GMT
x-content-type-options
nosniff
age
89671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4299
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 00:20:23 GMT
CG-text-3-long.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 3A74 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/CG-text-3-long.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
4e221b2c9a77f52875ca3c958511fa15b639744c349ad5e2b46e8a1a3dcacfe3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 21:14:59 GMT
x-content-type-options
nosniff
age
14395
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4326
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 21:14:59 GMT
burst.png
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 3A74 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/burst.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
c91314a394022a14c0e105334016e949e71c62243d1a54769a608826029f5bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 00:20:23 GMT
x-content-type-options
nosniff
age
89671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28839
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 00:20:23 GMT
Green-BG-Horiz.jpg
s0.2mdn.net/sadbundle/8821928880079431844/ Frame 3A74 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8821928880079431844/Green-BG-Horiz.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
c15ce368d813c9396685e5c0e6e202aa7eda67c9cde3448cbc45b99505af2c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8821928880079431844/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 00:20:23 GMT
x-content-type-options
nosniff
age
89671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10197
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 02:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Oct 2023 00:20:23 GMT
generate_204
tpc.googlesyndication.com/ Frame 936D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4B0yjQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame A4DC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221003&jk=1819693795624103&bg=!3t2l3ZnNAAYQgTJdMIE7ACkAdvg8WvFZ-pZS39Pur9ntg--vXniGfDE39gXQepuOCIuddCxu-762HQIAAAB9UgAAAAJoAQcKALKwWhYp4wGd03IgweVaM2TFUn2B6mpQ3L1aTt2j6vFwK-ZRnEFmCdktNcqmtPXcWtwXZDyuid8Vw91XXmzsVhmjqyOps87FFDBto2K4tL_AbnZ5dePPAMAKbW_n4SoGQWsmfENL5H9E6ljY3VsnpbvnEDASeDbX65FWinE9Bi6vrJKmDWwzSmTZGP5RsS70gWYM9-SAOWJnLDGJEEKBNXoXeMjaxVVpDlRCemDGHiTYC6WFmQLC0D_3RFENNed0Qe5l-qZzq2A2H1Y69ubbP4f7gDYVR0Pu9gnT1AS1QIFUIqjufNm-CRus_zyaH28iaqyK7Tks-guwEOezJzNfVA0w6TpC2ErLRFLvsM_6vY59FycStGsZkyWOqFTVnvZDeE84zNUfvTqTSGTFMhORZTlyBSCUYkbEtrdnX5yxkMLxVOq-PRhv4lDuN2A_tXCAevdPzz3-2czU-Y7hsjQ8STsb13b2WW78kwK4uBl8UoRkb-CmTF6kubZ8hZueAXNa_8NQkPSnVCfKGPP35C_xwhWwQrvgWM9RSFct2gY5ybp_R71E5rh7av939_s_OIDV97_Ga__eK_qDQjHSsUM5MKqvb453lv02NGv-i1Kv94dM0UDAKrDl0pHZr3t1ib3t1Jrz5FXrjf7JhyrUeGgPHsFrBxbc3AU6AqHuXxDZ5yb6KgzCa8fT10CTI1Ed_Ok5Gb8jVXkDtvL8_seEUzGyX5q-5nhdrUEFruYSB5_0O1XsS1WfEPlvKNW6OSD7d1SmehuI5naRZRNYs125FzO0UnNQKuZ9Z46xGQ55f07zrcaf592HSKtRKgeiunnfQMpjnBMKy_zpGwXd6z4QesVebKlbDOg6XhvKqrD7hos4ostiqr6mHcN2CZ613d8RJpRPysSzZ4V_WBNq6zhRXHwcGlH1GAlLjQX6K0nKBhOmozOPOFzlZib1z_pf0hTFghGyU1imZY1l2RoAGUMrp9iNPM3C9FOfmppNyI_uvhXPDppLZVYZhal1auk37bjTX7oRbSrmQgJpopntjp_lFSTGjIxGaRLfoj7-5WAh36CYTerClRyXlD0TakHD_vbEzmkHlPY7VTLTv4wwAfmbB5h_cSp26v5_wkqfwf86w1yi4yp3r3RC95R9ZETDKA0KD9D404QkER4VSc-7XKNIACWxE2MkIK4lF4wvHw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame 1BAD 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:54 GMT
AN-X-Request-Uuid
23f32a55-3436-4ad3-b557-4d496a51edab
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2CC6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzI5NTE1NzE4YjEzNjFiOWY4NTk5OGQxZjMxZjFjM2ZkMDk4M2JiNw
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzI5NTE1NzE4YjEzNjFiOWY4NTk5OGQxZjMxZjFjM2ZkMDk4M2JiNw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzI5NTE1NzE4YjEzNjFiOWY4NTk5OGQxZjMxZjFjM2ZkMDk4M2JiNw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2CC6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/mGIbRGr7YjL6Yh01MET5CQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8520224266981524057
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8520224266981524057
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 09 Oct 2022 01:14:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8520224266981524057
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2CC6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDkwTktUT0gtTi04WE9Q
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDkwTktUT0gtTi04WE9Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDkwTktUT0gtTi04WE9Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 2CC6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=XuVilFeNQLis3DvRl20hBw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=XuVilFeNQLis3DvRl20hBw
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=XuVilFeNQLis3DvRl20hBw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
HTTP/1.1
Server
52.46.143.56 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:56 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
47X7WG5351CSWEP7WMF5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=XuVilFeNQLis3DvRl20hBw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2CC6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC3dKAsn7YCMLWgYL0T9fRk&google_cver=1
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC3dKAsn7YCMLWgYL0T9fRk&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC3dKAsn7YCMLWgYL0T9fRk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 2CC6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=61bf4df7-00ca-4364-92e8-6295063ece25&gdpr=0&gdpr_consent=&expires=30
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=61bf4df7-00ca-4364-92e8-6295063ece25&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=61bf4df7-00ca-4364-92e8-6295063ece25&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
setuid
px.ads.linkedin.com/ Frame 2CC6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L90NKTOH-N-8XOP
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L90NKTOH-N-8XOP
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:55 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: AF7B235A1AEB4A1F94FC94B9CB7ED706 Ref B: SYD03EDGE1511 Ref C: 2022-10-09T01:14:55Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXqj8VTCBU7hTxUVBfc3g==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L90NKTOH-N-8XOP
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 2CC6
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=wjBIUCM7RSegqJDs3Lrchw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=wjBIUCM7RSegqJDs3Lrchw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=wjBIUCM7RSegqJDs3Lrchw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
HTTP/1.1
Server
52.94.223.167 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:56 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3EWGA5E44G1YP30JSY1A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=wjBIUCM7RSegqJDs3Lrchw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usermatch
ssum-sec.casalemedia.com/ Frame 42EE 		2 KB
882 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b6d24dec4e7a4710bab186b9905d449c9eabb7b38fda7293c442453fb7aa8a

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7573431caa7a6a68-SYD
content-encoding
br
content-type
text/html
date
Sun, 09 Oct 2022 01:14:54 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hqE26dSa9Kco1fN2OVdknY3a9FhXpv%2FIyeWN6xmwjeCqy63zPC%2FVqZGtAics4xw1PCHB2S6r%2F6l%2B3CD%2Fwg%2F4jp3XjXgCKqXpf837j8C7kNUjYSxo3d%2F90UgybjX7zoEYKyDx685YFpRm1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 6676 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=39862125&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f81d94cbb5a5b87b94912bafc82f1c23f813941452c5ff947e40320f032f5ec8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 09 Oct 2022 01:14:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D95D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=84052
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 09 Oct 2022 01:14:54 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 10 Oct 2022 00:35:46 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame D32C 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.249.236.28 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3f9003e7b2932c37dc51e2c3cf178962e8dab03e15e0063d9713e5a8b6081df

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 09 Oct 2022 01:14:54 GMT
etag
W/"06b0d2d7a3decdd8a16584400256b58d0"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 10DF 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame AE0C 		928 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.165 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
12d0909e5ce831835334dd8c9f9327bd35f233cea74d0964647a14b812aeaee6

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
928
content-type
text/html
date
Sun, 09 Oct 2022 01:14:54 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 7F40 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1721635d7f73848e30cc5558028e76a765a65096657ecb0cb92c3102f5387a9

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7573431caa7f6a68-SYD
content-encoding
br
content-type
text/html
date
Sun, 09 Oct 2022 01:14:54 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQYAlfUcRmK0jiwAOVeTzdLbJzJ9aViAO495tT1PU1BsHHtPOm8zO6BqG4150AkupOeMpQIORXUB8n%2FffqP2Mqpdnwsodop6j7l1iDMslnn68yhTFSrr1VySt9IjJDL9w7UsoPH2pLeUYg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 8AD1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 09 Oct 2022 01:14:54 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 09 Oct 2022 01:14:54 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
setuid
x.yieldlift.com/ Frame F1EC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L90NKTOH-N-8XOP&gdpr=0&us_privacy=1YN-
0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L90NKTOH-N-8XOP&gdpr=0&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
54.224.193.2 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 Oct 2022 01:14:55 GMT
Connection
keep-alive
Content-Length
0
Vary
Origin

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L90NKTOH-N-8XOP&gdpr=0&us_privacy=1YN-
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
Expires
0
sync
ads.servenobid.com/ Frame F1EC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=1343102717477708702
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=1343102717477708702
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.248.37.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:54 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:54 GMT
AN-X-Request-Uuid
d31d1cc4-260e-4d67-ba5f-ff4cc04dfb01
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=1343102717477708702
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame F1EC
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FcxKCRZH8mHGmWr-T0Gs8Bxb
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FcxKCRZH8mHGmWr-T0Gs8Bxb
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.248.37.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:56 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:55 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FcxKCRZH8mHGmWr-T0Gs8Bxb
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame F1EC
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FcxKCLZH-qoiaaLfQuWhuQr_
0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FcxKCLZH-qoiaaLfQuWhuQr_
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.248.37.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Sun, 09 Oct 2022 01:14:55 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FcxKCLZH-qoiaaLfQuWhuQr_
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ads.servenobid.com/ Frame F1EC
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=7a1a5a8d-f50c-44ee-b2a2-e02ccc94c3e4
0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=314&uid=7a1a5a8d-f50c-44ee-b2a2-e02ccc94c3e4
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.248.37.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:56 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=314&uid=7a1a5a8d-f50c-44ee-b2a2-e02ccc94c3e4
Date
Sun, 09 Oct 2022 01:14:55 GMT
Connection
keep-alive
Content-Length
119
Vary
Origin
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame F1EC
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-989766dd-eede-4b7b-a35a-da2df6914046-004&rndcb=254106960
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=3609a297-6f72-4c9d-8acd-bfe36c2a7849&google_hm=MzYwOWEyOTctNmY3Mi00YzlkLThhY2QtYmZlMzZjMmE3...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGI7-2VsbuYmFzLuDJ39czo&google_cver=1&ssp=adconductor&bsw_param=3609a297-6f72-4c9d-8acd-bfe36c2a7849
  • https://sync.1rx.io/usersync/bidswitch/3609a297-6f72-4c9d-8acd-bfe36c2a7849?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-989766dd-eede-4b7b-a35a-da2df6914046-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-989766dd-eede-4b7b-a35a-da2df6914046-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-989766dd-eede-4b7b-a35a-da2df6914046-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-989766dd-eede-4b7b-a35a-da2df6914046-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-989766dd-eede-4b7b-a35a-da2df6914046-004
date
Sun, 09 Oct 2022 01:14:55 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX989766ddeede4b7ba35ada2df6914046004
content-type
text/html
sync
ads.servenobid.com/ Frame F1EC
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1917759394340541177
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1917759394340541177
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.248.37.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1917759394340541177
Date
Sun, 09 Oct 2022 01:14:55 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame F1EC 		0
0
pixel
ap.lijit.com/ Frame F1EC
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F84%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D4d71389c-ff80-44ed-b386-...
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F84%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
209.191.163.208 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 09 Oct 2022 01:14:55 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT

Redirect headers

location
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F84%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
date
Sun, 09 Oct 2022 01:14:54 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame F1EC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-xiTl6GNE2uFABCrfUltvD4r.RitH0p3LJ48FRZ0-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-xiTl6GNE2uFABCrfUltvD4r.RitH0p3LJ48FRZ0-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.248.37.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-xiTl6GNE2uFABCrfUltvD4r.RitH0p3LJ48FRZ0-~A
date
Sun, 09 Oct 2022 01:14:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie
cm.adform.net/ Frame F1EC
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1iNzRlYWI1OS0xMWQ1LTNhMTktOGExMS1lNDMwMjI4NjYxNmIqU2h0dHBzOi8vYWRz...
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4277%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D4d71389c-...
  • https://prebid.a-mo.net/cchain/0/4277?gdpr=0&gdpr_consent=&us_privacy=&A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=zeta&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFpTnpSbFl...
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F4277%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D4d71389c-ff80-44ed-b386-731e2c8d9...
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F4277%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFpTnpSbFlXSTFPUzB4TVdRMUxUTmhNVGt0T0dFeE1TMWxORE13TWpJNE5qWXhObUlxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFlqYzBaV0ZpTlRrdE1URmtOUzB6WVRFNUxUaGhNVEV0WlRRek1ESXlPRFkyTVRaaU1nRUdPQUU9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
37.157.2.239 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:56 GMT
server
nginx
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F4277%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFpTnpSbFlXSTFPUzB4TVdRMUxUTmhNVGt0T0dFeE1TMWxORE13TWpJNE5qWXhObUlxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFlqYzBaV0ZpTlRrdE1URmtOUzB6WVRFNUxUaGhNVEV0WlRRek1ESXlPRFkyTVRaaU1nRUdPQUU9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID
date
Sun, 09 Oct 2022 01:14:55 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame F1EC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-xiTl6GNE2uFABCrfUltvD4r.RitH0p3LJ48FRZ0-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-xiTl6GNE2uFABCrfUltvD4r.RitH0p3LJ48FRZ0-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.248.37.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:54 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-xiTl6GNE2uFABCrfUltvD4r.RitH0p3LJ48FRZ0-~A
date
Sun, 09 Oct 2022 01:14:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
match
c1.adform.net/serving/cookie/ Frame C2C9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=54276C58-BB3A-4AAE-9E52-D9135354524C
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=54276C58-BB3A-4AAE-9E52-D9135354524C
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=54276C58-BB3A-4AAE-9E52-D9135354524C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.30 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 09 Oct 2022 01:14:56 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sun, 09 Oct 2022 01:14:55 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=54276C58-BB3A-4AAE-9E52-D9135354524C
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
ImgSync
image8.pubmatic.com/AdServer/ Frame A2C7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8f156342-208d-4100-a5a0-a842d4f44073&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DABC430862449EE94380AE57C1C8D5C
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

date
Sun, 09 Oct 2022 01:14:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 09 Oct 2022 01:14:57 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 45DB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0IgjAAAa1-P0gA1&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DABC430862449EE94380AE57C1C8D5C
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

date
Sun, 09 Oct 2022 01:14:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 09 Oct 2022 01:14:57 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 61F5
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xczncprhyev
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 09 Oct 2022 01:14:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
379
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
ImgSync
image8.pubmatic.com/AdServer/ Frame D1B4
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-bt8Sv24cEHivHpA_-llTP7pK0jisX9O-7qRTtaZ
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DABC430862449EE94380AE57C1C8D5C
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

date
Sun, 09 Oct 2022 01:14:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 09 Oct 2022 01:14:57 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
usersync.aspx
dis.criteo.com/dis/ Frame 3740 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:54 GMT
expires
Sun, 09 Oct 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
337773
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 0623 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 09 Oct 2022 01:14:55 GMT
Pragma
no-cache
Server
nginx
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame BC3A
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=MwIBSRh2DjeyMPbSjCBCYw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 09 Oct 2022 01:14:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
379
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
pxd
dps.jp.cinarra.com/ Frame 85FE 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=54276C58-BB3A-4AAE-9E52-D9135354524C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.176.32.10 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Sun, 09 Oct 2022 01:14:55 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame AFF8
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=1df23e6c7b524d81850fefcb61cc1378
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DABC430862449EE94380AE57C1C8D5C
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

date
Sun, 09 Oct 2022 01:14:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 09 Oct 2022 01:14:57 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
RX-989766dd-eede-4b7b-a35a-da2df6914046-004
sync.targeting.unrulymedia.com/csync/ Frame A589
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-989766dd-eede-4b7b-a35a-da2df6914046-004&rndcb=5655066866
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cf3e0ba8-0d85-4fca-a6b8-ef63adc3fda4&ssp=adconductor
  • https://sync.1rx.io/usersync/bidswitch/3609a297-6f72-4c9d-8acd-bfe36c2a7849?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-989766dd-eede-4b7b-a35a-da2df6914046-004
43 B
377 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-989766dd-eede-4b7b-a35a-da2df6914046-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.45 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
43
date
Sun, 09 Oct 2022 01:14:57 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 09 Oct 2022 01:14:57 GMT
expires
0
location
https://sync.targeting.unrulymedia.com/csync/RX-989766dd-eede-4b7b-a35a-da2df6914046-004
pragma
no-cache
setuid
prebid.a-mo.net/ Frame 7107
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c8c06d9a-476f-11ed-a08b-616fe903e0c0
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dpubmatic%26uid%3D54276C58-BB3A-4AAE-9E52-D91...
  • https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=pubmatic&uid=54276C58-BB3A-4AAE-9E52-D9135354524C
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=pubmatic&uid=54276C58-BB3A-4AAE-9E52-D9135354524C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Sun, 09 Oct 2022 01:14:56 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
2

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 09 Oct 2022 01:14:56 GMT
location
https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=pubmatic&uid=54276C58-BB3A-4AAE-9E52-D9135354524C
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame A627
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:93ZPgxDu1OHkU65&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DABC430862449EE94380AE57C1C8D5C
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

date
Sun, 09 Oct 2022 01:14:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 09 Oct 2022 01:14:57 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 48C4
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=0ea93cf1-d4a5-4620-8bae-96b3f76c8cc8-tucta3ba60f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
54 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=0ea93cf1-d4a5-4620-8bae-96b3f76c8cc8-tucta3ba60f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Sun, 09 Oct 2022 01:14:55 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-syd10144-SYD
x-timer
S1665278095.214026,VS0,VE130

Redirect headers

accept-ranges
bytes
content-length
0
date
Sun, 09 Oct 2022 01:14:55 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=0ea93cf1-d4a5-4620-8bae-96b3f76c8cc8-tucta3ba60f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-syd10144-SYD
x-timer
S1665278095.018363,VS0,VE94
x-vcl-time-ms
94
/
csync.loopme.me/ Frame 47A2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.172.108 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7573431dd835a8ce-SYD
date
Sun, 09 Oct 2022 01:14:55 GMT
server
cloudflare
cookiesync
core.iprom.net/ Frame F391 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 09 Oct 2022 01:14:56 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-92e98a3b3b27@version_1.527v2
X-core-time
0ms
X-server-arch
v2
i.match
a.tribalfusion.com/ Frame E713 		43 B
658 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.152.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7573431d3e7aa81d-SYD
content-length
43
content-type
image/gif; charset=utf-8
date
Sun, 09 Oct 2022 01:14:55 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
141
match.deepintent.com/usersync/ Frame 7900 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 -, , ASN (),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Sun, 09 Oct 2022 01:14:54 GMT
server
c
cksync.php
contextual.media.net/ Frame BE38 		45 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3082796916835720000V10&type=pba&refUrl=&vid=52780934493082796916835720000V10&ovsid=54276C58-BB3A-4AAE-9E52-D9135354524C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Sun, 09 Oct 2022 01:14:54 GMT
expires
Sun, 09 Oct 2022 01:14:54 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6676
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VCdsWLs6Sq6eUtkTU1RSTA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:54 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=84052
accept-ranges
bytes
content-length
5549
expires
Mon, 10 Oct 2022 00:35:46 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 6676
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=54276C58-BB3A-4AAE-9E52-D9135354524C
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDU0Mjc2QzU4LUJCM0EtNEFBRS05RTUyLUQ5MTM1MzU0NTI0QxAAGg0IjsGImgYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=4a4e0fb8e48ff456efce85280e4748a53c71907ff7467613828de74a70d16a4b791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA0YTRlMGZiOGU0OGZmNDU2ZWZjZTg1MjgwZTQ3NDhhNTNjNzE5MDdmZjc0Njc2MTM4MjhkZTc0YTcwZDE2YTRiNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA0YTRlMGZiOGU0OGZmNDU2ZWZjZTg1MjgwZTQ3NDhhNTNjNzE5MDdmZjc0Njc2MTM4MjhkZTc0YTcwZDE2YTRiNzkxNDI2YjU0MTdkY2UyMRAAGgwIj8GImgYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=0a4da27a-4af5-44da-9662-8fe4e1cfd541
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=0a4da27a-4af5-44da-9662-8fe4e1cfd541
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H3
Server
35.190.60.146 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:57 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=0a4da27a-4af5-44da-9662-8fe4e1cfd541
date
Sun, 09 Oct 2022 01:14:56 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 6676
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8f156342-208d-4100-a5a0-a842d4f44073
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8f156342-208d-4100-a5a0-a842d4f44073
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.195 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:55 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 09 Oct 2022 01:14:54 GMT
Server
MT3 4539 98cc2da master nrt-pixel-x16 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8f156342-208d-4100-a5a0-a842d4f44073
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 09 Oct 2022 01:14:53 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 6676
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTQyNzZDNTgtQkIzQS00QUFFLTlFNTItRDkxMzUzNTQ1MjRD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DABC430862449EE94380AE57C1C8D5C
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.197 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sun, 09 Oct 2022 01:14:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 6676
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DABC430862449EE94380AE57C1C8D5C
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.197 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sun, 09 Oct 2022 01:14:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 6676
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DABC430862449EE94380AE57C1C8D5C
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DABC430862449EE94380AE57C1C8D5C
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.197 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sun, 09 Oct 2022 01:14:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
54276C58-BB3A-4AAE-9E52-D9135354524C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6676 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/54276C58-BB3A-4AAE-9E52-D9135354524C?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.52.29 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 6676
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25
42 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 09 Oct 2022 01:14:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 6676
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1343102717477708702&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DABC430862449EE94380AE57C1C8D5C
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3805267149452660393&gdpr=0&gdpr_consent=&us_privacy=
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6676
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1928316975489506355
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1928316975489506355
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 09 Oct 2022 01:14:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1928316975489506355
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
SPug
image4.pubmatic.com/AdServer/ Frame 6676
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=54276C58-BB3A-4AAE-9E52-D9135354524C&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zax8gLhE2uVCzBAw_vob6C5S143s9zU-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zax8gLhE2uVCzBAw_vob6C5S143s9zU-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.195 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:55 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zax8gLhE2uVCzBAw_vob6C5S143s9zU-~A&gdpr=0&gdpr_consent=
date
Sun, 09 Oct 2022 01:14:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
prebid.a-mo.net/ Frame 6676
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1343102717477708702
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dpubmatic%26uid%3D54276C58-BB3A-4AAE-9E52-D91...
  • https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=pubmatic&uid=54276C58-BB3A-4AAE-9E52-D9135354524C
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=pubmatic&uid=54276C58-BB3A-4AAE-9E52-D9135354524C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:56 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=pubmatic&uid=54276C58-BB3A-4AAE-9E52-D9135354524C
date
Sun, 09 Oct 2022 01:14:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 6676
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3609a297-6f72-4c9d-8acd-bfe36c2a7849&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=bcd302ae-effe-42f0-a8a8-b5e0b1c269e9&expires=1&user_group=5&ssp=pubmatic&bsw_param=3609a297-6f72-4c9d-8acd-bfe36c2a7849
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3609a297-6f72-4c9d-8acd-bfe36c2a7849&gdpr=&gdpr_consent=&gdpr_pd=
1 B
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3609a297-6f72-4c9d-8acd-bfe36c2a7849&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 09 Oct 2022 01:14:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3609a297-6f72-4c9d-8acd-bfe36c2a7849&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sun, 09 Oct 2022 01:14:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 6676
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3805267149452660393&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO8y3YjA6ZhNvNcrEJQEWgY&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DABC430862449EE94380AE57C1C8D5C
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=61bf4df7-00ca-4364-92e8-6295063ece25
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.197 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sun, 09 Oct 2022 01:14:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid.a-mo.net/ Frame 6676
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=54276C58-BB3A-4AAE-9E52-D9135354524C&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1d8f49a994b62281&is_secure=true&networkId=17100&version=1&nuid=54276C58-BB3A-4AAE-9E52-D9135354524C&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJrsCTImINogNHVpghAAAAAAA&expiration=1665364495&nuid=54276C58-BB3A-4AAE-9E52-D9135354524C&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4d71389c-ff80-44ed-b386-731e2c8d9dd8%26bidder%3Dpubmatic%26uid%3D54276C58-BB3A-4AAE-9E52-D91...
  • https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=pubmatic&uid=54276C58-BB3A-4AAE-9E52-D9135354524C
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=pubmatic&uid=54276C58-BB3A-4AAE-9E52-D9135354524C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:56 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=4d71389c-ff80-44ed-b386-731e2c8d9dd8&bidder=pubmatic&uid=54276C58-BB3A-4AAE-9E52-D9135354524C
date
Sun, 09 Oct 2022 01:14:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
d1ba4609
rtb.gumgum.com/getuid/ Frame 6676 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.105.127 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:55 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 1761 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221003&jk=2488395460926590&bg=!nZ6lntrNAAYQgTJdMIE7ACkAdvg8WsqLYCGbt48j0WwULsmZmux_VljQI2SrQzeYfZDjYek7WjyRSgIAAABoUgAAAAJoAQeZAsiE_G_HqgjJf4RFlM5zTZ0Xe8dXp3g0_JsaKiNtxH-xEO180SVeMXbRS0S0-xjIeLicaJCVntSsXRFIIk-ziQtPWExMSiPRJcuGW-AZmJfyItex-HGjqpmAE0f_UvuU7awq8BH7-B-kr8urtRAPC4165UseUlfP-Bcjkli4fdPxbYMQfoRnLad0pR3igjf4nOBlL-6J3yyiAbPo4tmQXg8rC-kguXQg5XGFaj92MD5bquTkWzQacJNPRTiQ-_lpltAHOdzQlAouRlM-UyVhcxl5Ixbgf7BzED0Omeopkef9ZPCyO90j0cZLEMimw78dpw83Aejlj4dXSlN5Bm6Pm97CNRXGHYKQ_gOey6mW06YsV15l5VTxY1f7v0B_QNcOfZZm7cCMKmtFLOTT7dM02cbgKODWPYYZtqoESuy1Av8z9bGFq-JbtfXl6dYXvwvxj2Ge0nCcwUh8KDXb0klu5UCfGXNWjqiI9VofDZmatGoUBY6JkYvAgtOIYpshwEAHtmh1fCslVpjzN2MeyfW1a2EaShMjVPm6Glcrhwql2si6yqnLxvat5udZbkq_pc1wId0XX6P_gFUy9BK23qJj-phxrHKpVLH3vA2zfqvJqfY0y93ODLHZpN7Ss2iBx1Rb3o016EzUWfrb5bxAONUmUVbXMIpMUFW9xw-IZYcZmbAp82BLvq3YZhIJgl8NGbQOluJX2_0JzSVuSkL00WX_5lRBjQ9L-68K6oy6HK4bpgHCt2sHlWM6V8mq_zrXzoMuc3s0_19Y2aXfxWl_mXVAnbgiTcuW_q03bkdvIIf9w1eb8uTEz1ykVE_s9vrI1S00eePCMlcZgZKxOIJMouLQpgzIIVxyX1ZUOeQL_SO0UvBuBp7ClKho9oYmd_qhdOYZ_kSOGy-9AmQDsqOUdoFhvIeUIoR9mXwPKmDfr-yBJA6Fs3Agpe7HEOV5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sync
ads.servenobid.com/ Frame AE0C 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=7358413176204741223&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.37.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
csync.loopme.me/ Frame AE0C 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.172.108 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7573431dd836a8ce-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
rtb-csync.smartadserver.com/redir/ Frame AE0C
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=083b220407cbcd8237011994&gdpr=0&gdpr_consent=
43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=083b220407cbcd8237011994&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
23.106.127.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 09 Oct 2022 01:14:55 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=083b220407cbcd8237011994&gdpr=0&gdpr_consent=
date
Sun, 09 Oct 2022 01:14:55 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame AE0C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=tDBZdz1IvgYZ&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=tDBZdz1IvgYZ&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
23.106.127.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 09 Oct 2022 01:14:55 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=tDBZdz1IvgYZ&ev=1&pid=560288&gdpr_consent=&gdpr=0
content-language
en-AU
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-54dd88c84-98sbm
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame AE0C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y0IgjAAAa1-P0gA1&gdpr=0&gdpr_consent=
43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y0IgjAAAa1-P0gA1&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
23.106.127.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 09 Oct 2022 01:14:54 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-syd10122-SYD
pragma
no-cache
date
Sun, 09 Oct 2022 01:14:54 GMT
via
1.1 varnish
server
Varnish
x-timer
S1665278095.824000,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y0IgjAAAa1-P0gA1&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
usync.js
eus.rubiconproject.com/ Frame 7E24 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
adc95bbf12184c1a406a301d34ffb8a8fbfa10ab0639ce675eb2476a317e7c37

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 Oct 2022 01:14:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=73817
Connection
keep-alive
Content-Length
9422
Expires
Sun, 09 Oct 2022 21:45:11 GMT
usync.js
eus.rubiconproject.com/ Frame 8AD1 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
adc95bbf12184c1a406a301d34ffb8a8fbfa10ab0639ce675eb2476a317e7c37

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 Oct 2022 01:14:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=73816
Connection
keep-alive
Content-Length
9422
Expires
Sun, 09 Oct 2022 21:45:11 GMT
rum
dsum-sec.casalemedia.com/ Frame 7F40
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=61bf4df7-00ca-4364-92e8-6295063ece25&expiration=1667870095&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=61bf4df7-00ca-4364-92e8-6295063ece25&expiration=1667870095&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=61bf4df7-00ca-4364-92e8-6295063ece25&expiration=1667870095&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
dcm
s.amazon-adsystem.com/ Frame 7F40 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0IgjKcM3bFHDtNdyblpSAAAElkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FA5MDBXYJV0PNSFW5CBP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 7F40
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0IgjKcM3bFHDtNdyblpSAAAElkAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEI0bwkZmT4_luGLOaxV6qGQ&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEI0bwkZmT4_luGLOaxV6qGQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltBSAk4E%2FCkTlR5dj9%2BkWKL%2FFeyoeiEIzCxFVu1lyL2g4jsgvTQ8npUkUjqIotOyx%2Bh0H0thSkH1Vtv7VGxffbm%2BC99Qc%2BAp5OBeThGV8d8guD73QfRzWQhvPI17sU6AofbmBKzfYbjzFg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7573431fabe5aacf-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEI0bwkZmT4_luGLOaxV6qGQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Y0IgjKcM3bFHDtNdyblpSAAAElkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7F40 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y0IgjKcM3bFHDtNdyblpSAAAElkAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.52.29 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 7F40
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0IgjAAAa1-P0gA1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0IgjAAAa1-P0gA1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-syd10122-SYD
pragma
no-cache
date
Sun, 09 Oct 2022 01:14:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1665278095.108857,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0IgjAAAa1-P0gA1
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum.casalemedia.com/ Frame 7F40
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=205e3121-1f76-1d0a-5af422cf
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=205e3121-1f76-1d0a-5af422cf
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Sun, 09 Oct 2022 01:14:55 GMT
via
1.1 google
server
nginx/1.22.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=205e3121-1f76-1d0a-5af422cf
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
rum
dsum-sec.casalemedia.com/ Frame 7F40
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3805267149452660393
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3805267149452660393
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3805267149452660393
pragma
no-cache
date
Sun, 09 Oct 2022 01:14:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 7F40
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1343102717477708702
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1343102717477708702
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:55 GMT
AN-X-Request-Uuid
46af7f34-5bf3-42cb-be7c-2c70b3ea1ddb
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1343102717477708702
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 7F40 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y0IgjKcM3bFHDtNdyblpSAAAElkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.37.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 42EE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0IgjKcM3bFHDtNdyblpSAAAElkAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEI0bwkZmT4_luGLOaxV6qGQ&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEI0bwkZmT4_luGLOaxV6qGQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcjDDIoAeWMHgHQYlefn%2FWqLtFg49ccA55%2Fj3dObGVteeaM7EgiteNBT2%2BW6fmGeihnPuU%2FijonCyibPXRRaMl1gLPllxDelXcFpVAnfLD2KkDbq2%2ByjGNpprqa38X4qi5kUqoetfsUmFg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7573431fabd8aacf-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEI0bwkZmT4_luGLOaxV6qGQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 42EE 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0IgjKcM3bFHDtNdyblpSAAAElkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZAYNM3RYH9Z60TXBZPK2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 42EE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=61bf4df7-00ca-4364-92e8-6295063ece25&expiration=1667870095&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=61bf4df7-00ca-4364-92e8-6295063ece25&expiration=1667870095&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=61bf4df7-00ca-4364-92e8-6295063ece25&expiration=1667870095&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 42EE
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1343102717477708702
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1343102717477708702
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:55 GMT
AN-X-Request-Uuid
c82e7218-ada2-4d3f-a29c-b6048cfb8475
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1343102717477708702
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 42EE
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=93ZPgxDu1OHkU65
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=93ZPgxDu1OHkU65
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:54 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-061340171d1604405@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=93ZPgxDu1OHkU65
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 42EE
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y0IgjKcM3bFHDtNdyblpSAAA%264697?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y0IgjKcM3bFHDtNdyblpSAAA%264697
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y0IgjKcM3bFHDtNdyblpSAAA%264697
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
44.240.25.198 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v040-033521a91.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
QPLAxl8wR5o=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v040-00f54d090.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
3JIJ+oXoQWM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y0IgjKcM3bFHDtNdyblpSAAA%264697
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 42EE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AARIWk7GhEEAAB8RM2XXHg&expiration=1666487696
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AARIWk7GhEEAAB8RM2XXHg&expiration=1666487696
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AARIWk7GhEEAAB8RM2XXHg&expiration=1666487696
Date
Sun, 09 Oct 2022 01:14:56 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
Y0IgjKcM3bFHDtNdyblpSAAAElkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 42EE 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y0IgjKcM3bFHDtNdyblpSAAAElkAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.52.29 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
htw-pixel.gif
cdn.indexww.com/ht/ Frame 42EE 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y0IgjKcM3bFHDtNdyblpSAAA%264697
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:55 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
124
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
7573431fdd21a87a-SYD
content-length
43
expires
Sun, 09 Oct 2022 03:14:55 GMT
cksync.php
contextual.media.net/ Frame 7E24
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L90NKTOH-N-8XOP
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L90NKTOH-N-8XOP
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L90NKTOH-N-8XOP
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 09 Oct 2022 01:14:55 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 09 Oct 2022 01:14:55 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L90NKTOH-N-8XOP
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Expires
0
usersync
usersync.gumgum.com/ Frame D32C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=1343102717477708702
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=1343102717477708702
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:55 GMT
AN-X-Request-Uuid
b2245c57-276f-4140-87b9-fc7bc13de562
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=1343102717477708702
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame D32C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_8600cde6-81c0-412d-b228-301689ab1948&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=3609a297-6f72-4c9d-8acd-bfe36c2a7849
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=3609a297-6f72-4c9d-8acd-bfe36c2a7849
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=372e2dbd-78e0-42ea-acaf-8d86b1f6df6f&user_group=1&ssp=gumgum2&bsw_param=3609a297-6f72-4c9d-8acd-bfe36c2a7849
  • https://usersync.gumgum.com/usersync?b=bsw&i=3609a297-6f72-4c9d-8acd-bfe36c2a7849
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=3609a297-6f72-4c9d-8acd-bfe36c2a7849
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=3609a297-6f72-4c9d-8acd-bfe36c2a7849
Date
Sun, 09 Oct 2022 01:14:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync.aspx
dis.criteo.com/dis/ Frame D32C
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28Rx4loN-v4jSmA9osOtOf6H0jdlcNAC4HGAk8G7FK4Mf7QazAb9qvGh5H5kbMlQ-q%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_8600cde6-81c0-412d-b228-301689ab1948&obuid=ENC(Rx4loN-v4jSmA9osOtOf6H0jdlcNAC4HGAk8G7FK4Mf7QazAb9qvGh5H5kbMlQ-q)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3DRx4loN-v4jSmA9osOtOf6...
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3DRx4loN-v4jSmA9osOtOf6H0jdlcNAC4HGAk8G7FK4Mf7QazAb9qvGh5H5kbMlQ-q%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26platformId%3DGUMGU18H7EL9NI653I7DPEH51%0A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:57 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
495121
expires
Sun, 09 Oct 2022 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3DRx4loN-v4jSmA9osOtOf6H0jdlcNAC4HGAk8G7FK4Mf7QazAb9qvGh5H5kbMlQ-q%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26platformId%3DGUMGU18H7EL9NI653I7DPEH51%0A
Date
Sun, 09 Oct 2022 01:14:57 GMT
X-TraceId
84be7d18ebb5b2d4ad51cfa1691e797a
Content-Length
0
usersync
usersync.gumgum.com/ Frame D32C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=00ead8ca-ef69-4654-8336-7b2ad7a69893
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=00ead8ca-ef69-4654-8336-7b2ad7a69893
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 09 Oct 2022 01:14:55 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=00ead8ca-ef69-4654-8336-7b2ad7a69893
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame D32C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-885ff046-8a38-45ee-783f-ba778214cb78$ip$173.245.209.165
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-885ff046-8a38-45ee-783f-ba778214cb78$ip$173.245.209.165
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-885ff046-8a38-45ee-783f-ba778214cb78$ip$173.245.209.165
Date
Sun, 09 Oct 2022 01:14:56 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame D32C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-b0pccehE2pclmwU5RZim_DWrcSrQg.KXib6m~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-b0pccehE2pclmwU5RZim_DWrcSrQg.KXib6m~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 09 Oct 2022 01:14:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-b0pccehE2pclmwU5RZim_DWrcSrQg.KXib6m~A
content-length
0
usersync
usersync.gumgum.com/ Frame D32C
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=58000345-0cbd-4e2d-acdf-520650a2d443
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=58000345-0cbd-4e2d-acdf-520650a2d443
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=58000345-0cbd-4e2d-acdf-520650a2d443
Date
Sun, 09 Oct 2022 01:14:56 GMT
Connection
keep-alive
X-CI-RTID
3bc2a23a-acb7-4406-a90b-27c66d64a8df
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame D32C 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.122.130.38 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:55 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
986499206
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame D32C 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 -, , ASN (),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:55 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame D32C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_8600cde6-81c0-412d-b228-301689ab1948&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=BdnY_Dq9RW65X8RZGJdl&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2QTENZMV6RDRHFJFONRVLA4FEWSHJJSGY...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=BdnY_Dq9RW65X8RZGJdl&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=BdnY_Dq9RW65X8RZGJdl&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:56 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=BdnY_Dq9RW65X8RZGJdl&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame D32C
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=04682d8a-a75b-4555-96b0-25c082965be4
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=04682d8a-a75b-4555-96b0-25c082965be4
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=04682d8a-a75b-4555-96b0-25c082965be4
access-control-allow-origin
*
date
Sun, 09 Oct 2022 01:14:55 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
RX-989766dd-eede-4b7b-a35a-da2df6914046-004
sync.targeting.unrulymedia.com/csync/ Frame D32C
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-989766dd-eede-4b7b-a35a-da2df6914046-004&rndcb=7394478993
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adconductor
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=adconductor
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6285434939126273341&ssp=adconductor
  • https://sync.1rx.io/usersync/bidswitch/3609a297-6f72-4c9d-8acd-bfe36c2a7849?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-989766dd-eede-4b7b-a35a-da2df6914046-004
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-989766dd-eede-4b7b-a35a-da2df6914046-004
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
74.118.186.45 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:57 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-989766dd-eede-4b7b-a35a-da2df6914046-004
pragma
no-cache
date
Sun, 09 Oct 2022 01:14:57 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
usersync
usersync.gumgum.com/ Frame D32C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=I23buj3sz7OE&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=I23buj3sz7OE&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=I23buj3sz7OE&ev=1&pid=558355
content-language
en-AU
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-54dd88c84-ck487
expires
-1
usersync
usersync.gumgum.com/ Frame D32C
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=7358413176204741223
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=7358413176204741223
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=7358413176204741223
date
Sun, 09 Oct 2022 01:14:55 GMT
content-length
0
sync
ads.servenobid.com/ Frame D32C 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_8600cde6-81c0-412d-b228-301689ab1948
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.37.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 6F71
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=8f156342-208d-4100-a5a0-a842d4f44073&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=8f156342-208d-4100-a5a0-a842d4f44073&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 09 Oct 2022 01:14:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 09 Oct 2022 01:14:55 GMT
Expires
Sun, 09 Oct 2022 01:14:54 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4539 98cc2da master nrt-pixel-x20 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=8f156342-208d-4100-a5a0-a842d4f44073&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 513E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=Y0IgjAAAa1-P0gA1&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y0IgjAAAa1-P0gA1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 09 Oct 2022 01:14:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 09 Oct 2022 01:14:55 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y0IgjAAAa1-P0gA1&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-syd10122-SYD
x-timer
S1665278095.177033,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 0B6C 		170 B
191 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV84NjAwY2RlNi04MWMwLTQxMmQtYjIyOC0zMDE2ODlhYjE5NDg=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:14:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1534 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=84051
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 09 Oct 2022 01:14:55 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 10 Oct 2022 00:35:46 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 9B70
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=61bf4df7-00ca-4364-92e8-6295063ece25
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=61bf4df7-00ca-4364-92e8-6295063ece25
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 09 Oct 2022 01:14:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Sun, 09 Oct 2022 01:14:55 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=61bf4df7-00ca-4364-92e8-6295063ece25
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
um
cs.emxdgt.com/ Frame B171 		0
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.112.43 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Sun, 09 Oct 2022 01:14:55 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame D898
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y0IgjMCo5tIAAEfiHJkAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y0IgjMCo5tIAAEfiHJkAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 09 Oct 2022 01:14:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sun, 09 Oct 2022 01:14:55 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y0IgjMCo5tIAAEfiHJkAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
35
X-SO-HostName
a-ad40123.dc2p.scaleout.jp
X-SO-IP
173.245.209.165
X-SO-Key
Y0IgjMCo5tIAAEfiHJkAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":35,"gdpr":false,"ipv4":"173.245.209.165","key":"Y0IgjMCo5tIAAEfiHJkAAAAA","privacy_sensitive":false,"uid":"Y0IgjMCo5tIAAEfiHJkAAAAA","upstream_id":"a-ad40123"}
X-SO-LB-Hostname
a-tgng40014.dc2p.scaleout.jp
X-SO-UID
Y0IgjMCo5tIAAEfiHJkAAAAA
X-SO-Upstream-ID
a-ad40123
usersync
usersync.gumgum.com/ Frame 0040
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y0IgjKcM3bFHDtNdyblpSAAA%264697
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y0IgjKcM3bFHDtNdyblpSAAA%264697
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 09 Oct 2022 01:14:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7573431f8bbaaacf-SYD
content-length
0
date
Sun, 09 Oct 2022 01:14:55 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y0IgjKcM3bFHDtNdyblpSAAA%264697
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oq3aOi37H3X9PkELtAM3ZPlmcpJwZgfb8t%2FOeIFCNLC3ASSkgHMf7HWkL8FagEU46pDicYtZBfTsuywla16lmHZj5MqEzwSUtn6amaFDKPW3eYD3hCaey0qXjfVRbauOgch0NkwosZPIhg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 8EAC
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=bL9lfsPu4pFPUGHCX1t5&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=bL9lfsPu4pFPUGHCX1t5&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 09 Oct 2022 01:14:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 09 Oct 2022 01:14:56 GMT Sun, 09 Oct 2022 01:14:56 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=bL9lfsPu4pFPUGHCX1t5&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 09AD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 09 Oct 2022 01:14:55 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 09 Oct 2022 01:14:55 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
async_usersync
ib.adnxs.com/ Frame 1BAD 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:55 GMT
AN-X-Request-Uuid
a3e54032-8d4b-4944-9113-74f2ec574fd1
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 8AD1
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L90NKTOH-N-8XOP
  • https://ads.servenobid.com/sync?pid=323&uid=L90NKTOH-N-8XOP
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=L90NKTOH-N-8XOP
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
34.248.37.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-37-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:56 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=L90NKTOH-N-8XOP
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1c34e56f66d325760e494cbb7a93f50f
Expires
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oea50&_p=3918&cid=2026981476.1665278090&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1665278090&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&dt=%E7%9B%B4%E6%93%8A%EF%BC%8F%E7%B6%B2%E5%8F%8B%E8%AA%8D%E8%AD%89%E6%80%A7%E6%84%9F%E5%91%B3%E3%80%80%E6%9D%8E%E6%AF%93%E8%8A%AC%E6%B3%84%E9%9B%AA%E7%99%BD%E5%B0%8F%E8%82%9A%E8%82%9A%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 09AD 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
adc95bbf12184c1a406a301d34ffb8a8fbfa10ab0639ce675eb2476a317e7c37

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 Oct 2022 01:14:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=73816
Connection
keep-alive
Content-Length
9422
Expires
Sun, 09 Oct 2022 21:45:11 GMT
usersync
usersync.gumgum.com/ Frame 09AD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L90NKTOH-N-8XOP
  • https://usersync.gumgum.com/usersync?b=mag&i=L90NKTOH-N-8XOP
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=L90NKTOH-N-8XOP
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=L90NKTOH-N-8XOP
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 6676 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159463&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082796916835720000V10%26type%3Dpba%26refUrl%3D%26vid%3D52780934493082796916835720000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
all
csm.as.criteo.net/ Frame 479C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=GQYTQzvxPu_eyx-hraXoszj9NFu1baiWMk2SGJxfRA5-eh9ZfBPZZ-NaLUiE8IjldEZdxiSRf-eV02W8D8U5iSMR5SS2_9dyHUBR7Opid0-YsjI9-lLetqhiRUQGwIHpmEeT7loU2OIxSATJz2XtuSIN6dEWtfH3t6sjY7JvWIotFVmDRJ5MufJyyhCYzl5Zsg7uQwpgOaJP7KiCrx-WSGWdVRDq8CZej-zJWu89MgMAWprfB2z3b8BuQmokRs171EV-TxrPFrAP4jqE&sds=2&rev=83041&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgigADzE8Kj3wEAApE7i3P-CerzjxQi73scA&u=%7CH3riNtnFJHSP%2BlkbZfDl4zVwfUTeNIlNAi%2BCYTUwc6I%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC43Iyya_TfHAn0F7-Hd8k-0so2C6D1WapM9v9s1WiI04OELH-BpXPs2H0zVJbMMzKn7Pg083idhJ6L218G3te-spcZbnNS5wblKBMPDyn1Rdf8dskxBuVOn7opgqL8mP6-IQVWlekZxgafrSjlAuNNTRRHhgVdtdc0001JHqoTS4w0SX2liVImM97qchP7An4a52XUp6aMrW8MYaj7zvagjSoNK3MSnNZ2zQyhwxrbMKzkhnX7_DNJ5Xx_RelFl7UeDqG0uFB5ouaBEHQ1fUTCSIM7inSbpdYies5cN5ktPzKiyKShIYuI-Q54Ks3neVt6vochLlrDVJRCEuHLrrzWLC1UfPSZ0CmchKFq1ihoLzWckvPg5cTOa75RT5Kj2zNX5KG-YsN4Bi2VZlZ2Dwzj2JV2o8xALZOVPQKvBHkeOaiaRDXztBzBFpfmrbf0yOMIP-TcanI90Se9w2W5lm5Z_9uH45lyAP6kjRFxUKt0xTNlGxAXHHJw-zy2czfZciuTQiXHLswakjClNWkBa7ua4mMttP6agcO8zJIYqw5SUv0pnYGUEh04Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjcYriiBCY8-YD4T4vQTuianwCZj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgSbAk_Q7O0L9rgj1ObznBt1QF6geGt771Qpgix7qhnWpG2VuqKVH68s_de6flmVtqAQBKVBbt4HGMXZvoUUMOK4ZR0WDjsRSDpE22bMAVSB7JH9wyA9pZXlWpEQheRzmj7aJz6TTzKnP0DHRoeUuOV6OExfPEbR6xXA7q4_ZlURKJkm4KNv7NcgjZIqjMXTuUI1Ldj0620qj1S-sah3GRz4TAygZqNMu1DGJX3J_OyZkhKoQTS0UWQWDzgCefoUK3kpFagtgoBDF6Palxrmb5Z4-ILsYwrKNmNqp4oO2USLD2nOZFiisIyi38U1fRe7H2hi_TWjRl4RQ_Y1nW5Te3psPhVTHr5STscnsQtwYabJIFMZzacqFU9EAv6OBBjgBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3NAfIE2-Gd5Xwjsi5OErD6WmBfgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Oct 2022 01:14:57 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame D95D 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65793591&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a65fe20f6b582e8eff6a6ddc7a9c887254f4c26e033e0c64f3b0a96086ababf1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 09 Oct 2022 01:14:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
54276C58-BB3A-4AAE-9E52-D9135354524C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D95D 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/54276C58-BB3A-4AAE-9E52-D9135354524C?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.52.29 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 0C46
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8f156342-208d-4100-a5a0-a842d4f44073&gdpr=0&gdpr_consent=
42 B
343 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8f156342-208d-4100-a5a0-a842d4f44073&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 09 Oct 2022 01:14:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 09 Oct 2022 01:14:58 GMT
Expires
Sun, 09 Oct 2022 01:14:57 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4539 98cc2da master nrt-pixel-x19 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8f156342-208d-4100-a5a0-a842d4f44073&gdpr=0&gdpr_consent=
cs
ad.turn.com/r/ Frame BD3E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0IgjAAAa1-P0gA1&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4C4B
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xczncprhyev
1 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xczncprhyev
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 09 Oct 2022 01:14:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Sun, 09 Oct 2022 01:14:58 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xczncprhyev
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
image2.pubmatic.com/AdServer/ Frame 554A
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-bt8Sv24cEHivHpA_-llTP7pK0jisX9O-7qRTtaZ
42 B
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-bt8Sv24cEHivHpA_-llTP7pK0jisX9O-7qRTtaZ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 09 Oct 2022 01:14:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sun, 09 Oct 2022 01:14:58 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-bt8Sv24cEHivHpA_-llTP7pK0jisX9O-7qRTtaZ
pragma
no-cache
strict-transport-security
max-age=86400
Pug
image2.pubmatic.com/AdServer/ Frame D95D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1343102717477708702&gdpr=0&gdpr_consent=
42 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1343102717477708702&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 09 Oct 2022 01:14:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 01:14:58 GMT
AN-X-Request-Uuid
3fba6e17-91dc-48a1-ae3e-be102583e3b8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1343102717477708702&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D95D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6285434939126273341
42 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6285434939126273341
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 09 Oct 2022 01:14:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6285434939126273341
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
setuid
x.yieldlift.com/ Frame 1AF6 		0
113 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.yieldlift.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=1YN-&uid=54276C58-BB3A-4AAE-9E52-D9135354524C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.193.2 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Date
Sun, 09 Oct 2022 01:14:58 GMT
Vary
Origin
info
uipglob.semasio.net/pubmatic/1/ Frame D95D 		0
0
qmap
sync.crwdcntrl.net/ Frame D95D
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=54276C58-BB3A-4AAE-9E52-D9135354524C&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=54276C58-BB3A-4AAE-9E52-D9135354524C&gdpr=0&gdpr_consent=&ct=y
0
0
receive
pixel.tapad.com/idsync/ex/ Frame D95D
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=54276C58-BB3A-4AAE-9E52-D9135354524C
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=5a8d4a46-e157-4b90-9e52-74558a1cc344%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=61bf4df7-00ca-4364-92e8-6295063ece25&ttd_puid=5a8d4a46-e157-4b90-9e52-74558a1cc344%2C
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=61bf4df7-00ca-4364-92e8-6295063ece25&ttd_puid=5a8d4a46-e157-4b90-9e52-74558a1cc344%2C
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Server
107.178.244.193 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
date
Sun, 09 Oct 2022 01:14:58 GMT
strict-transport-security
max-age=31536000
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 01:14:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=61bf4df7-00ca-4364-92e8-6295063ece25&ttd_puid=5a8d4a46-e157-4b90-9e52-74558a1cc344%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
353
SPug
image4.pubmatic.com/AdServer/ Frame D95D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=54276C58-BB3A-4AAE-9E52-D9135354524C&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zax8gLhE2uVCzBAw_vob6C5S143s9zU-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zax8gLhE2uVCzBAw_vob6C5S143s9zU-~A&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
103.231.98.195 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 01:14:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zax8gLhE2uVCzBAw_vob6C5S143s9zU-~A&gdpr=0&gdpr_consent=
date
Sun, 09 Oct 2022 01:14:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame D95D
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1343102717477708702
0
0
sync
x.bidswitch.net/ Frame D95D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cf3e0ba8-0d85-4fca-a6b8-ef63adc3fda4&ssp=pubmatic
0
0
all
csm.as.criteo.net/ Frame 9DFD 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=enLujjvxPu_eyx-h4COzn2HurbWcEc6g-EpTkU3h_B4UDIZ_kIEZlmkOmlgNfH5G6PSuNElSG1OEo8dByB03PIXGrB0hbGeC_EjtvqJddiTBGIVQakLv1k_0Za_E5OB3OE71w2wqzsYFDcB9Cw2Kd6yYduAFCMpaYtie7LlPJDrTXWLRAPEHxNP4XyGg9h8RyVkny4HPXDTRwAc26hF5k0htCgma1h-oI1BHtmWb_wr2hNfKw2Adb5H1KOzBVz81BxwYwg&sds=2&rev=83041&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgiAAFe-EBc_krAA5x5uglzTbSOHU-ONxkgA&u=%7CSq63OP5VFkhwwXigGtB4M1LAXJVu18t85j503o%2B6r9I%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgxSIsjcW3kZzhysWZK5uAhqHoWI2FauNYT00L99F0AntsnCTG3Exipv0Ka2X8zZ83o6ucqh_upvuwsgoAvz9xUdAHQBsxRztXRzeyaPoKyauzLMgg1v_epkiv_Yf63VWm6LoJc9U5I2jnExdTs_Vz_MWbQPpfL6-0H5yx41I6NMGGEIe9OoJnKGLee6PGky3VYLjZPqf-e9JuDMaEy9x0XhI9e_jbAYN8NJyye0epWz6NAQvRYCnxvGam13d_az2uta7PvpR35YjjlRrkhnyxAoyEfsMBM86McEJ5dD9SfgAxWGzpc-pz6e4pwQoAO22_m0H3IgiE800Lw_tgw9v3t9Q0RI4AXiGGxYmxa1WIYH-cSuaB6gC_Val6bKHWostDpn2z4w3Hn4eP_ZxnyDEALhq0ytxzPU-2QIeRRiGhbtaC_qv5tX6_YB0PcWbIbrwhUPwsylZg11fKt8h8TgyNgcarlXu-QVxpK5jbfnx_tNsJdASGf3stxRmzpWuXF8RGao4y9_UgdAWVWar2JHdijwNxGBP40L2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwF47iCBCY-H3Favyz7sP5uO56AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNrth91GOlPqgDAaoE8wFP0FFv-_fZ5Y56O3xugAYrU-Mt68SMdooD5w30PNpiILPlz3AlT-XFJ0ZShlz4Vx0aSEHPZFtmAjhB8cXIwzSNxb7MN7nBkwapOqjro4lNhLA9Orw4bBWYmQPKZpUdLPAMog-kQhz9kJbpv-1v5uX0LAxS6qumC9Jv5AK8lLQW0x0fswsZ1YGpS1m5aF3GqosfhRw0K7a-JTZUbyfgqrno7R95kmNhhkpBxUgLG0azIqOOa-yR6sG1umO74RZO2m7lbkp5upYHF1PMn9yudrB0srP3eZntPhM9Wszc7cPAFcn9WPw2kMLBo4jo00rvZbiciu2ABpGn9Jik9J3-YKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kmTLHL9zWUMgzzzc0K847q6TQiw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Oct 2022 01:14:58 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.as.criteo.net/ Frame 479C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=GQYTQzvxPu_eyx-hraXoszj9NFu1baiWMk2SGJxfRA5-eh9ZfBPZZ-NaLUiE8IjldEZdxiSRf-eV02W8D8U5iSMR5SS2_9dyHUBR7Opid0-YsjI9-lLetqhiRUQGwIHpmEeT7loU2OIxSATJz2XtuSIN6dEWtfH3t6sjY7JvWIotFVmDRJ5MufJyyhCYzl5Zsg7uQwpgOaJP7KiCrx-WSGWdVRDq8CZej-zJWu89MgMAWprfB2z3b8BuQmokRs171EV-TxrPFrAP4jqE&sds=2&rev=83041&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0IgigADzE8Kj3wEAApE7i3P-CerzjxQi73scA&u=%7CH3riNtnFJHSP%2BlkbZfDl4zVwfUTeNIlNAi%2BCYTUwc6I%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC43Iyya_TfHAn0F7-Hd8k-0so2C6D1WapM9v9s1WiI04OELH-BpXPs2H0zVJbMMzKn7Pg083idhJ6L218G3te-spcZbnNS5wblKBMPDyn1Rdf8dskxBuVOn7opgqL8mP6-IQVWlekZxgafrSjlAuNNTRRHhgVdtdc0001JHqoTS4w0SX2liVImM97qchP7An4a52XUp6aMrW8MYaj7zvagjSoNK3MSnNZ2zQyhwxrbMKzkhnX7_DNJ5Xx_RelFl7UeDqG0uFB5ouaBEHQ1fUTCSIM7inSbpdYies5cN5ktPzKiyKShIYuI-Q54Ks3neVt6vochLlrDVJRCEuHLrrzWLC1UfPSZ0CmchKFq1ihoLzWckvPg5cTOa75RT5Kj2zNX5KG-YsN4Bi2VZlZ2Dwzj2JV2o8xALZOVPQKvBHkeOaiaRDXztBzBFpfmrbf0yOMIP-TcanI90Se9w2W5lm5Z_9uH45lyAP6kjRFxUKt0xTNlGxAXHHJw-zy2czfZciuTQiXHLswakjClNWkBa7ua4mMttP6agcO8zJIYqw5SUv0pnYGUEh04Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjcYriiBCY8-YD4T4vQTuianwCZj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgSbAk_Q7O0L9rgj1ObznBt1QF6geGt771Qpgix7qhnWpG2VuqKVH68s_de6flmVtqAQBKVBbt4HGMXZvoUUMOK4ZR0WDjsRSDpE22bMAVSB7JH9wyA9pZXlWpEQheRzmj7aJz6TTzKnP0DHRoeUuOV6OExfPEbR6xXA7q4_ZlURKJkm4KNv7NcgjZIqjMXTuUI1Ldj0620qj1S-sah3GRz4TAygZqNMu1DGJX3J_OyZkhKoQTS0UWQWDzgCefoUK3kpFagtgoBDF6Palxrmb5Z4-ILsYwrKNmNqp4oO2USLD2nOZFiisIyi38U1fRe7H2hi_TWjRl4RQ_Y1nW5Te3psPhVTHr5STscnsQtwYabJIFMZzacqFU9EAv6OBBjgBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3NAfIE2-Gd5Xwjsi5OErD6WmBfgA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Oct 2022 01:14:58 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 1534 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=39434619&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0b468e573333da15dcdbe609384c372328c312ee274feb25972ee1444a0065a2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 09 Oct 2022 01:14:58 GMT
content-length
1608
content-type
text/html; charset=UTF-8
usersync.aspx
dis.criteo.com/dis/ Frame 4BDE 		0
0
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 4A76 		0
0
pubmatic
gocm.c.appier.net/ Frame 6E62 		0
0
pxd
dps.jp.cinarra.com/ Frame 4329 		0
0
cm
ipac.ctnsnet.com/int/ Frame 603B 		0
0
pubmatic&gdpr=0&gdpr_consent=
sync.1rx.io/usersync2/ Frame C327 		0
0
bridge
cm.adgrx.com/ Frame 03FA 		0
0
ping_match.gif
pm.w55c.net/ Frame 30DF 		0
0
usersync
usersync.gumgum.com/ Frame 0AC5 		0
0
cs
ad.turn.com/r/ Frame 1534 		0
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 1534 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3805267149452660393&gdpr=0&gdpr_consent=&us_privacy=
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=54276C58-BB3A-4AAE-9E52-D9135354524C&sInitiator=external&gdpr=0&gdpr_consent=
Domain
sync.crwdcntrl.net
URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=54276C58-BB3A-4AAE-9E52-D9135354524C&gdpr=0&gdpr_consent=&ct=y
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1343102717477708702
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cf3e0ba8-0d85-4fca-a6b8-ef63adc3fda4&ssp=pubmatic
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Domain
sync-dsp.ad-m.asia
URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Domain
gocm.c.appier.net
URL
https://gocm.c.appier.net/pubmatic
Domain
dps.jp.cinarra.com
URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=54276C58-BB3A-4AAE-9E52-D9135354524C
Domain
ipac.ctnsnet.com
URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=pbm&i=54276C58-BB3A-4AAE-9E52-D9135354524C
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
Domain
pubmatic-match.dotomi.com
URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=54276C58-BB3A-4AAE-9E52-D9135354524C&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| adRecover object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| setImmediate function| clearImmediate object| ucf object| request string| paramsString undefined| $ undefined| jQuery function| jqAlias number| ampAdSlotIdCounter string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| google_reactive_ads_global_state object| ggeac object| google_tag_data object| google_js_reporting_queue object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _qevents object| google_ad_modifications number| google_global_correlator object| google_prev_clients undefined| google_measure_js_timing function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| noPreviewPage object| dataLayer function| gtag object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

92 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQ5NK80rswCgoIgQIQ5NK80rswCgoI4gEQ5NK80rswCgoI5gEQ5NK80rswCgoIhwIQ5NK80rswCgkICRDk0rzSuzAKCQg6EOTSvNK7MAoJCAsQ5NK80rswCgoIjAIQ5NK80rswCgkIXxDk0rzSuzA=
.aralego.com/ Name: sspid
Value: 6804c3bd-4245-33c2-b503-9ba2a85305e3
www.bg3.co/ Name: __AP_SESSION__
Value: 8bf404e4-90c0-41c6-9ddf-048f1add0441
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.adpushup.com/ Name: ap_uid
Value: c401fd00-476f-11ed-8864-002248570047
.adpushup.com/ Name: ap_usid
Value: c401fd01-476f-11ed-8864-002248570047
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 247b43e3-6efb-41f5-be9b-a32f7bd1aa28
.openx.net/ Name: i
Value: 247b43e3-6efb-41f5-be9b-a32f7bd1aa28|1665278088
.omnitagjs.com/ Name: ayl_visitor
Value: dc8b7ab6dacabba54c70d9f8d1225dad
.bg3.co/ Name: __gpi
Value: UID=00000a244eb611e0:T=1665278088:RT=1665278088:S=ALNI_MbnIl4oBt74ydw8L7H8IuAhIz1IGA
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwiMGImgY4AUABSAEQiMGImgYYAA..
.adnxs.com/ Name: uuid2
Value: 1343102717477708702
www.bg3.co/ Name: qcSxc
Value: 1665278089175
.prebid.a-mo.net/ Name: __amc
Value: 1_1665278088_1665278088
.a-mo.net/ Name: amuid2
Value: 4d71389c-ff80-44ed-b386-731e2c8d9dd8
.prebid.a-mo.net/ Name: sd_amuid2
Value: 4d71389c-ff80-44ed-b386-731e2c8d9dd8
.teads.tv/ Name: tt_viewer
Value: a491dffa-72cb-46ba-aaf4-7d0d9f4a4fce
.doubleclick.net/ Name: IDE
Value: AHWqTUnwwgJVJc49yVgaHov_umq7lyAG3nTKw9xwyY-3JSWlum1XJb6eysuIngC7qc0
.quantserve.com/ Name: mc
Value: 63422089-4280a-41ac0-97642
.bg3.co/ Name: __qca
Value: P0-1373673058-1665278089172
.rubiconproject.com/ Name: khaos
Value: L90NKTOH-N-8XOP
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMIrTC3v/KC27LUyebV3a1stZSIoJiPS4OMK+G+UBfUHQi5zFwEio2Ja4HEYI5ehIrUHstlW8EOOMtzpQ7vzkXQ/
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1665278090.1.0.1665278090.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.2026981476.1665278090
.bg3.co/ Name: __gads
Value: ID=3fb4140cbb1a4dc4:T=1665278088:S=ALNI_MYI_D0yI96-a8h5b-P2ycXDjecN5Q
.quantserve.com/ Name: d
Value: EBoBCQGlJ4EA
.adsrvr.org/ Name: TDID
Value: 61bf4df7-00ca-4364-92e8-6295063ece25
.dap.fw-ad.jp/ Name: user
Value: 2d81f472-1b2e-3346-ace9-f49ac4cc7ddd
.dap.fw-ad.jp/ Name: gcm_usec
Value: 1665278092202000
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 54276C58-BB3A-4AAE-9E52-D9135354524C
.mediago.io/ Name: __mguid_
Value: fbe06119a01574f424c5f432b14816b6
.media.net/ Name: data-ttd
Value: 61bf4df7-00ca-4364-92e8-6295063ece25~~1
.media.net/ Name: visitor-id
Value: 3082796916835720000V10
.casalemedia.com/ Name: CMID
Value: Y0IgjKcM3bFHDtNdyblpSAAA
.casalemedia.com/ Name: CMPS
Value: 4697
.casalemedia.com/ Name: CMPRO
Value: 4697
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y0IgjAAAa1-P0gA1
.media.net/ Name: data-g
Value: CAESEOtMkXS9Vv-6yfm8UAFoJYc~~6
.smartadserver.com/ Name: pid
Value: 7358413176204741223
.c.appier.net/ Name: _auid
Value: MwIBSRh2DjeyMPbSjCBCYw
.c.appier.net/ Name: _gu
Value: CAESEPQSNOrA_QTWR6Rum6NCgp8
.ladsp.com/ Name: cr
Value: 1
.socdm.com/ Name: SOC
Value: Y0IgjMCo5tIAAEfiHJkAAAAA
.yahoo.com/ Name: A3
Value: d=AQABBIwgQmMCELf8_uhPni_L3dh4ejgH9qoFEgEBAQFyQ2NMYwAAAAAA_eMAAA&S=AQAAAig5W7AjkM28wcyTsF30FvU
.simpli.fi/ Name: suid
Value: 2DABC430862449EE94380AE57C1C8D5C
.tribalfusion.com/ Name: ANON_ID
Value: agnseFSkTsfAutomjt98FgFBYiT0PM9w8XrTZaZdgSgZaOwMHQ6Pa2DcSuYk5ZcfWVueKZbsnQqM0niQOj8ymOcSv
.inmobi.com/ Name: idsp_c
Value: e563307b-5a58-4679-ad54-870211cbb889
.reemo-ad.jp/ Name: deviceIdentifier
Value: EadFbIFkTzGBljArliDhAnMpNopOUiXe
.reemo-ad.jp/ Name: sync_gadx
Value: 1
.bidswitch.net/ Name: tuuid
Value: 3609a297-6f72-4c9d-8acd-bfe36c2a7849
.bidswitch.net/ Name: c
Value: 1665278092
.turn.com/ Name: uid
Value: 3805267149452660393
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%2261bf4df7-00ca-4364-92e8-6295063ece25%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-09T01%3A14%3A53%22%7D
.ladsp.com/ Name: smn_uid
Value: FIiNw-1g4CHtjPzBcVVhKA7--ikZW0Q
.openx.net/ Name: pd
Value: v2|1665278093|jElYiuvOiahI
.uuidksinc.net/ Name: jcsuuid
Value: TF0i746lQwo0x8y00onC
.bidswitch.net/ Name: tuuid_lu
Value: 1665278093
.bidswitch.net/ Name: google_push
Value: AZmPxg9dGCwyXVPXvA3deb18pBif20ulhO2AarVQxE01-aVzfsUMh1KUQEftELjIjC_AOu_Pd63V96q61YFVtoMVhhaAh92ZKthU
.3lift.com/ Name: tluid
Value: 930592038525290642737
.ladsp.com/ Name: lum
Value: CIPRvNK7MBIFCAEQqAESBQgDEKgE
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjY1Mjc4MDkzfQ
.openx.net/ Name: univ_id
Value: 537072971|61bf4df7-00ca-4364-92e8-6295063ece25|1665278093602766
.zemanta.com/ Name: zuid
Value: BdnY_Dq9RW65X8RZGJdl
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~27m1:196y~27m1"
.mookie1.com/ Name: id
Value: 10523434588417042321
.mookie1.com/ Name: mdata
Value: 1|10523434588417042321|1665278093826
.mookie1.com/ Name: ov
Value: d26d595e83c8e524ffb07aff68a5d2cc
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-989766dd-eede-4b7b-a35a-da2df6914046-004%22%7D
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYW14Ijp7InVpZCI6IjRkNzEzODljLWZmODAtNDRlZC1iMzg2LTczMWUyYzhkOWRkOCIsImV4cGlyZXMiOiIyMDIyLTEwLTIzVDAxOjE0OjUzLjg2NjM1NjcwM1oifSwicnViaWNvbiI6eyJ1aWQiOiJMOTBOS1RPSC1OLThYT1AiLCJleHBpcmVzIjoiMjAyMi0xMC0yM1QwMToxNDo1My44NjU5MjY0NDFaIn19LCJiZGF5IjoiMjAyMi0xMC0wOVQwMToxNDo1My44NjU5MjUyNzVaIn0=
.media.net/ Name: data-a
Value: 1343102717477708702~~8
.media.net/ Name: data-o
Value: 3ffb1525-6c7c-44e2-8702-15a9ad190b09~~8
.bg3.co/ Name: cto_bundle
Value: yhFKVV9XYiUyQlVoYnpBdW03RG9neHNXVVd2RSUyQnk3Tm1qUiUyQmgySmZ0ektZNDZSSnVaSWo4SkV4VyUyRld5NnhwNVROeUdpM25hSHY4VmlwMEtoZGp6emNBaVFQTFZ2SlIwWUVEQlZ2RThKS0MlMkJBRjY5R3MlM0Q
.bg3.co/ Name: cto_bidid
Value: EWPRZV9XQ1RnMWRCTlBFNGdpYVolMkZ4ZFl4dFppZ0E1VkFHZzlJNkozTU5leFR6dkRTVmNtWTlFbDlEd2N6WmdWUjQ5dm9qJTJCQ0xvZ0hHamhBb05rWGt0NiUyQnNVUSUzRCUzRA
.a-mx.com/ Name: amuid2
Value: 4d71389c-ff80-44ed-b386-731e2c8d9dd8
.mathtag.com/ Name: uuid
Value: 8f156342-208d-4100-a5a0-a842d4f44073
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-989766dd-eede-4b7b-a35a-da2df6914046-004%22%7D
.casalemedia.com/ Name: CMTS
Value: 4734
.bing.com/ Name: MUID
Value: 3D9EA9D70A3C6FF635A5BBEF0B0E6E31
.c.bing.com/ Name: MR
Value: 0
.w55c.net/ Name: wfivefivec
Value: 93ZPgxDu1OHkU65
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.ads.pubmatic.com/ Name: KCCH
Value: YES
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M4/QE:2jUF']wIg2C%>G$XrP!A#FD.TOKKnyW<U1`VROYQM-:ZonFIM[F.*T#4+*[RPX8GPGMdK1)`4d5d_:(j#iP(Md:R-'+Z]t]Mot?XtX32Q--1j)bhYJE8K/?ks7c2c2AbRAElKSyFUd?h81PvF0b:*g0D(bOrfy
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiNGQ3MTM4OWMtZmY4MC00NGVkLWIzODYtNzMxZTJjOGQ5ZGQ4IiwiZXhwaXJlcyI6IjIwMjMtMDEtMDdUMDE6MTQ6NTRaIn19LCJiaXJ0aGRheSI6IjIwMjItMTAtMDlUMDE6MTQ6NTRaIn0=
.linkedin.com/ Name: li_sugr
Value: a469fe10-b7ab-4bd9-b808-f3d5ac877380
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&4def153a-7f6d-4c28-88eb-09714122a759"
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2732:u=1:x=1:i=1665278094:t=1665364494:v=2:sig=AQFzn5acSu7GM--G-muyKfBhRAEnxE94"
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIrPLduLbnlDsQBRIWCgdzdng5dDUwEgsIrNWXyLbnlDsQBRIWCgdydWJpY29uEgsI9pvNzLbnlDsQBRgBIAIoAjILCKzNmvXM55Q7EAU4AVoHc3Z4OXQ1MGAC

2 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665278088&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhi-ji-wang-you-ren-zheng-xing-gan-wei-li-yu-fen-xie-xue-bai-xiao-du-du.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665278087251&bpp=12&bdt=1255&idt=981&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=2387511344096&frm=23&ife=1&pv=2&ga_vid=1051709183.1665278088&ga_sid=1665278088&ga_hid=579689063&ga_fc=0&ga_cid=amp-5d8c65x9YwmvNIzm9DSEgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2137947981&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C21066431&oid=2&pvsid=3284416035897806&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8sfnbn5eaa6c&fsb=1&dtd=998
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2EvemhpLWppLXdhbmcteW91LXJlbi16aGVuZy14aW5nLWdhbi13ZWktbGkteXUtZmVuLXhpZS14dWUtYmFpLXhpYW8tZHUtZHUuaHRtbA==.json
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

58ad3e685b1b124c341c48eaab5a3d97.safeframe.googlesyndication.com
989a5fc7e1bc0ab63e333489ed15f375.safeframe.googlesyndication.com
a.c.appier.net
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ab032460e1b58df2dc3e248854f23682.safeframe.googlesyndication.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.com.au
adx.holmesmind.com
ap.lijit.com
aplogger.adpushup.com
app.cauly.co.kr
assets.a-mo.net
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c.deployads.com
c1.adform.net
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr-p1.ladsp.com
cr-p3.ladsp.com
creativecdn.com
cs.emxdgt.com
cs.media.net
csm.as.criteo.net
csync.loopme.me
d-38969000451344156367.ampproject.net
delivery.adrecover.com
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dps.jp.cinarra.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
g2.gumgum.com
gocm.c.appier.net
google.dap.fw-ad.jp
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
hblg.media.net
htlb.casalemedia.com
ib.adnxs.com
id.a-mx.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
lg3.media.net
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mweb.ck.inmobi.com
odr.mookie1.com
onetag-sys.com
ow.pubmatic.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb-server.ezoic.com
pippio.com
pix.as.criteo.net
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
pxl.qccerttest.com
qsearch-a.akamaihd.net
r.turn.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aralego.com
sync.crwdcntrl.net
sync.dsp.reemo-ad.jp
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
tags.rd.linksynergy.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
warp.media.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.yieldlift.com
ad.turn.com
cm.adgrx.com
dis.criteo.com
dps.jp.cinarra.com
gocm.c.appier.net
ipac.ctnsnet.com
pm.w55c.net
pubmatic-match.dotomi.com
simage2.pubmatic.com
sync-dsp.ad-m.asia
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
uipglob.semasio.net
usersync.gumgum.com
x.bidswitch.net
103.229.10.180
103.229.205.243
103.231.98.194
103.231.98.195
103.231.98.197
103.231.98.203
104.16.87.20
104.17.24.14
104.18.100.194
104.18.13.76
104.18.18.126
104.18.19.126
104.19.159.19
104.19.172.108
104.211.156.162
104.254.150.228
104.254.151.36
104.26.2.91
104.26.4.103
104.45.178.220
104.69.148.168
107.178.244.193
107.178.254.65
13.107.21.200
13.107.42.14
13.250.207.233
13.251.173.219
13.251.20.120
13.33.33.118
13.33.33.27
13.33.33.58
13.76.45.37
133.186.161.88
139.162.38.30
139.162.40.113
139.5.84.243
142.250.4.155
142.251.10.155
142.251.12.94
145.40.89.200
150.95.47.242
151.101.1.44
151.101.130.49
169.197.150.7
172.217.194.132
172.217.194.155
172.217.194.95
172.64.152.245
172.67.154.71
18.138.18.111
18.139.185.219
18.155.68.53
18.176.32.10
18.180.216.240
18.182.192.59
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
185.183.112.155
185.184.8.90
185.84.60.30
193.122.130.38
195.5.165.20
198.8.71.130
202.131.200.84
202.241.208.56
209.191.163.208
209.58.188.181
216.239.38.178
23.106.127.165
23.106.127.53
23.108.102.145
23.108.103.8
23.195.152.23
23.195.153.54
23.36.252.26
23.72.44.183
23.72.44.196
23.72.44.239
23.9.178.47
23.9.185.218
3.113.228.209
31.220.27.155
34.102.253.54
34.107.148.139
34.111.151.213
34.193.201.64
34.194.85.148
34.248.37.242
34.98.64.218
34.98.67.3
35.156.150.75
35.186.193.173
35.190.60.146
35.208.249.213
35.213.117.18
35.213.12.39
35.213.93.179
35.227.202.26
35.230.38.116
35.244.159.8
35.71.131.137
35.71.178.8
35.72.105.127
35.75.225.181
37.157.2.239
42.99.140.144
42.99.140.200
42.99.140.216
44.230.111.82
44.240.25.198
50.116.239.135
50.31.142.255
51.68.39.188
51.79.234.101
52.209.60.98
52.222.144.21
52.4.73.191
52.46.143.56
52.74.162.2
52.94.223.167
54.156.112.43
54.169.99.236
54.192.150.126
54.224.193.2
54.238.120.71
54.249.236.28
54.255.52.29
66.225.223.191
67.199.150.81
69.16.175.42
69.173.158.64
69.173.158.65
74.118.186.45
74.125.130.154
74.125.130.156
74.125.24.132
74.125.24.147
74.125.24.148
74.125.24.156
74.125.24.97
74.125.68.157
74.214.196.131
8.43.72.98
84.17.37.44
89.207.22.73
01a989def5188d77aee84e4ce053666e0c5d2207bb7570c9d4991632afac09c9
01ee79947c46e59a7c1dd3b18fd19b7f4083672d9e2f273bde170ad442ffbe6f
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
068fc24eba7d06f7991b4b97da0a20abcb585b8a9e3947b1ef55de06566b93b3
06a55574709ebf1fbbb4e954c8e470d019f7e0609e8b8bd18dafedc3fe580c72
0796ee5a883907cb945b262f668a79c8f75b5b013cc58b57ea06c48c926d2b61
08b62d251e07ffd2c3cbdf3215e57bbae6221e22829b0dc80b2c535d7a8e55bb
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a2369a751f3053ccb3ded318d323026bdff42c1e269153dc54a585ddd8d7c36
0b468e573333da15dcdbe609384c372328c312ee274feb25972ee1444a0065a2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c6092323e1e22bed8edeba5bb648764a563b0ca81855589a0f19713e0c3bda1
0df67f608a9eade0786e14d9561b6977247cd9337fba3a13f030e8dbbef33f99
0e4caf58d82de351e2f8ca2640ec2db63785759c83ec3f0b9fc201e2cfe2f52c
0e76ce1245b9bd761dac71bb4ebeff23997b93bd1643a365117123e2251d6859
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12d0909e5ce831835334dd8c9f9327bd35f233cea74d0964647a14b812aeaee6
138661cb6f47a3e039f54fea83f8b49f5213dd003dfbc7ff37eebb437bf946b8
145fe8879549e22f9a5a8b4a8852f7760d13ad9813b6a910b0c355aee96f7763
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
194859beed2744c8bb0d8db1678827142c602584061fec1ae6463f9fd4e36139
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1bef8b80ad4ad52afabdc126c83d3f231808b46d3f1965ab2ab5391d17948ca6
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1ece948d98c5e739c54ec068ea618b60e9649127a30091b85ad155b63ce934e8
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
2248d0bd8658f3cb9ed22a07b9310976f0dc2bccf7d364dca316724375cc833d
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a
28c100d6f914f7b27023459ae32e30d7f5b34d09f8e7fb62970020e327800505
28dc46ca7136b4d6089128b4a537e94624c990ee5162d869cbd53b4b81faaea5
293fc15c33edf25fff2ef66e3b4d300e21de6a3ed7e6ed2441827fb34a3cf4d4
297c964f36bc080f63d172ea5f8978ce987ebea4e0d38e27283cd8337c6a524d
2ccf2528c7f3aebe107e3aeeff30abbe16287f81e3709ac3f76e125942a94eaa
2cf89dcbf60aa56ab4e3da25651ce5b6de62dc2e2eef6509acc08633ad42aba3
2da73276a8a490b96cbc43f4003fd791e4cacb0d924f759e98a547408dfac0d9
304134c72504df6cfdc764011215da488737b1991b1991ed8fd159912310aa22
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
3288212b66509bcca02524204f3d2c8cc0b6a6a83cf3a7ff0a2e28e773d9c5dd
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
3533b67f9822cf16f189a477c233d443fc3acc54148bdda092f56b39302a83ac
3600d5d161593a066ed57bfa0f44230fd55d0fbf709e0517c7a30e69b4eef59b
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38b455982c9529891eef3f78c50c6575e2100c2014f298768f09f63a20654d2d
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c06d340742b40998baf873920a9320858d40f90427d2d13fd6e742e3c6cf9ac
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d8db6380346147965fb1ef3753afc9bc56ac59a531d09d88c679e90f1702b36
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fdfae67dd249fbd0dc8cc6a2a473c5ee9b375b5871219e7eec6584d0b44f267
4057a8847fdb015e51f3c65728663ca0bf4ba97ecf6f5a9ba3912dbc19bf7de5
42074ae258a13356bbc4dbe1133b20e4485a3d9bfea58353fcd83ce71981ee66
437ebf5e26c542101e52ce8d23c76c72117649a7aa42bcd10fa789212a0a65c2
45ccd162fe5812394d9ca8d3fc676816ca4274df4e06f65eb42062d0e508aac9
45d8f3e86c7c244412117a69f561227a3aa1eea68242e9667109673eabfc5131
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
46af9ecc28409c3c4a544aecc039ecf9eecac0010db15ba421fc9ecac80ac107
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49ebef14123ec8a553c9ef5e9632273d5543c08990f3ef6e2ce7fc7e227bf862
4b4ae7de8e8b84f4487d52b4409c94cc829e65769c7cf2356cc276e6c37778ab
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e221b2c9a77f52875ca3c958511fa15b639744c349ad5e2b46e8a1a3dcacfe3
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
50157c7d9815beccdd35fa6b4ef876348722744e445ac0a6a34dfbc322c5fd04
505145cf8b28313bc7315667376b3cd57869d1470b83e6c9f78d851a11f7f7f1
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
525490ce8a627997ac24e62ea51e871eaa92042817be39d14a2a16d833a31b19
53430af3498ea60d438bebe026849fb9a5cb02cc7a9dc7d4afec95a89280f1bd
5356f4e02bc1a51c44dbfe1f1894e8a4f38df602387ca6b44dfcd07a6fb221ca
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54cdca4bc9bfdd425ebdcaf86e9ff17220e0eaa535a8d49451b942af31e70e87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5b43780c96623b3a913b0cbfe1284b1c393563fca74ce8676a412b77906d2d2b
5be61086fbbccbd11b8efd62160fc911948e0a653173a9173e95dfe20b675add
5ddf1e6f545202ed578b181eb2a303228c68c48a0a7821b8654104e156eea684
5e45925128fdbb4a2dfa8c98bcd41c4b74bb54857116418c0812acb736eb79c5
5f39fa93ff942e7929d8d7a804a93ba139a3231498b93b579f2e5ffdd182f53e
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
618e39b7308fcec6b86510fbcf1830dada5a4c2b1eaca2846fc79084823b7540
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64be99cbc239387b3a425f0204d401134bf82c23057da176759f8e3cc790d70f
65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
684cdd2e58d1670b53903b5502564f5fa9705e6659b6310c0ae0d784e5e281c6
6876a34a0f87a8f4f2443666164429b3cf8775cbb6593ddb77d47d5a7c398e51
69b89df633ae453be81b254406ff9e58f28fce45f91e239aa9d54550f6f917cf
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a7dbf03ac2c1e2d05f6fc6527cefbf8486f9c52b6a23a6acaec5e8de89eb4df
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6e64a4894f14fab865296b82dd97d4d3ea3bcec78b5378d9b9ef57f5515948d8
6ee01b6e0700179857d69a2441dfda9544f8b066a461e0b6930bc897593166e0
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7353955b50bbd36ef12239abe251ae6cb4ae266528086a080b1376be84899496
7391d48e4a84e5a731d6908ac947fc36db9cf24a134606129d628b1c36cc1b21
7395c7dee2903d771c03b0f6314437d598be6f0b47cdff942408405a380b1fbc
75589164e5e2ec0ba396fab17bace54684ea14390ba8dc9821c1105397543815
7923a3da2630ae9e964c387bb82a9fb9f0d64aad95dbd62a6ef71ccbad7572a5
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79
7f0d0bceea71a5f83c45cf3c926b7e9e5b51f9a8c3ac83b3d158c33eaf3a9a51
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
82ae3c150b510a8d4b482c6f779cc309d97e1f1275c79485053e9c1ad7179ad8
82c6eee34be1adcfc7cc2b4e626c9916d4d9bcd353bcecb64587638867aee3d3
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838babf0a4b44e9f1946e19b5fa0581ea145217014fe1f64ca008f22fcc0ac98
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
88c5f40caecd2ee5b4915ae7d71260e465971c6b4adb60c914889b521d2533aa
88f4b3e7430abf148b5ee9cc6e3cca0512b370981a91bb9c214f89f1e74c0efc
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ebf83a63480f8da246e436ec95a78fab8a988df015e529da55ae6296ee66023
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8eea0160b239f584c0b8316f49d10fc5d4eee403f08171b227c0a9e416322352
8fc50a2bd35ab58ead6139d412d2cb58b3cfb6127d9c7fddb2069c91d7efed03
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9132c555df9d85c2732a2ca05200138b1e699ce529f654fbf599cb0cd9cd9ab6
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92bf9bbfbd535de2ff829f7a68d09ffaebb4a55b798be5dbacad43f97f10bd82
92e6931f5f0b18c16f115ed9b6985e68b76f4d50e8af0c0e2ec1e2045fe26a16
9493a12a77f23858db7f6bc0b4f9cad98497f14b688ea695317b6cbafa27cb77
955c46641de76d88ba7b3813aae1e5be4bcee524431bcef35afccc0881465959
95dc3fe7bed6cc66d192c34a90ac7912453305c15c62634159227882d6656ddb
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
96aebc08154040755027b768dc54e3ae51ccbd11c1b49e0e88a0872946a995c5
97de526ba903534563fc50d8c2ed2ae945d9951d7f5a90e9f43f669e91cf3fab
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b
9d1dd321fe92fe3fc77eda8df1855bfbe2ff08fe811533d47e9eed0e769f242a
9dcb409f281877214737c5e11358fcc19d69cfb8db64b159a8989a2e012de386
9dd8dbc5304e5c37207063ee8bab8aa5233c1aea7a4e4840e08a2067b236c976
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a19f9b3f4238147bf9ab4a97f2dceed1c08087aa1aa6f7678bf7c5b9c091de74
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a34eb61f6cdcd437c60c012a5e2e0f97249b95e58bbf20247bab8c0ad4260578
a374dc97c1e28c292d187edd19fcfc3e8fea4618569189db753ba349b5e74c76
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a65fe20f6b582e8eff6a6ddc7a9c887254f4c26e033e0c64f3b0a96086ababf1
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a8bf8f5adf2c7e1243f0bfc4dc3a832e72413cc8dba4465270825dbfb96c9c97
a96ad4768f32ec875b5e6d4ff9e5107eb19401974d337d1ff79e8da9f435f446
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6
adc95bbf12184c1a406a301d34ffb8a8fbfa10ab0639ce675eb2476a317e7c37
aee5cde58dfbff3cd4ce29957163c5f3bf72c4a029ba60c8df85ddbe38fff964
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2846f489aec534c06de31b1be7cc5f7f9b231cc6b468859383229bf0b41cb28
b2c8a768f9122e9c9e3c2a48b97fdbcc05442630b596d3781f5682f707ef0cd1
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98
b6079a57832f25b765c362aeb838fcfa30ff7fcec1386b385fa43ff473e18f5a
b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21
b7da10485b76ec5c1b19e22e31c3143e01d7c99ee9c932fa21ef8e050ee64f25
b966aa36c9e5220a83cc8c3021eed093449d6bb531c03df512fbf8adc78cfa68
ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb579a55a5c73996444ab2dd3e71a0f2338c695e12ed540fd262db32ea8837d4
bbe0d6c706007d303a35354701236ac713f834622038d32bc592030f18d5eba6
bda144b5eb24fa42c74fc47ca2cc1ba786abc2c536fd5141516a25bf000d5ca9
be44fc8bb694bd4f59c58e54f0f1c04aeb9ddbd646238c7bc4454e17db900f61
bf5cd48ff185d59a837437682b0271df40fb697f3557cb12616a7e6a56e5a5e6
bfe1d0d2a45c699408e56ef831345707de6db7adb621378b6d750eb7e5a31d7e
c0598ca749148e02409aad3dbf6ecec47aa29c973b45147b405985700e88ffcf
c15ce368d813c9396685e5c0e6e202aa7eda67c9cde3448cbc45b99505af2c38
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c2f55ea5ae8c76460290233e1626d060bf7d551dd6ad817fe5212313d4e09df5
c4b064035d7575f4bec0fd5729fa76ed3aa06324415dffb767812d0b815e0b34
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c91314a394022a14c0e105334016e949e71c62243d1a54769a608826029f5bb3
cc0c494d91a99c0c303b335557af0a95cc58790ba4a4ab62339762c3d8357804
cd1f234275fb1045acd062cffc730f6b88654804a423f27052d34dbac33660af
cdb6f80031eb817b721968608d6b1f5d29c930b37ac632e50941c2ef092bb36e
cdbf190ea3722c9ed9b3734cba80a76339d01df5785a6dc70982f6be9baf3d94
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d6706e8cb73c1a11961e2d4450354cc0b98ed474ddb3bcb799d95a63e44a6485
d8b6d24dec4e7a4710bab186b9905d449c9eabb7b38fda7293c442453fb7aa8a
d929d609949cc7337b7c2f399fb6d7fc6da48708be063dd3235a1852ed3faf7d
d9366751ced845c6d1c245ef69594aeb3eefb211dfe2dbfd534e9b30177f2b45
dc3b071f42eef358b3e175be5ef76a3f4f7e4cf1b68c18f6f587ccbdf7f69f89
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
dffa0ee8fbbf7f2e7cf290ecdafcd68314a2bfc4cad3396e6dc405e362026e5f
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1727f88fa7368c67a436f6d522b9cf405f1db823e618f57e04a4a13e72d6a4b
e230bc32d1202c3f336e8b21025c66571cc199721e81fcfc2df7490bcbb4eb7c
e3185485ca7fbd9534b463b112ff24d324730d16c127107c504afda98c4a7816
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f9003e7b2932c37dc51e2c3cf178962e8dab03e15e0063d9713e5a8b6081df
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e45926cd4427970d0ecdcd27d2f4343e89f584a1c02fe00eb5107135ad9b77a9
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed1953333c77209a15f540742814c057b950471d6794418d59ceab794e4eb900
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efcfd60dc4b39228eb1f1ee1f1f61cc31def37590d5af9d355e7a44ae5b59172
f089228d986dd77424295860a5f2f543140b01aae8f7a622e06ed0c89bbbf1e4
f1721635d7f73848e30cc5558028e76a765a65096657ecb0cb92c3102f5387a9
f4fc5c142b4fed8713697b012e25bb2b61fa5e0b5fb4e04af129d21eff151b3b
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f81d94cbb5a5b87b94912bafc82f1c23f813941452c5ff947e40320f032f5ec8
fbadc37227ab5222b0b5206e53be81c1987e4e11aa543f9e4a7f08ffb7e849f5
fc5aecadf87a8a77c98ae712c04c1895f95ab929c7aac22b7fda0fc1388c1065
fd99123da767a58349a1917cdbd09a409146c0b924a50d80924f5e724801cb20
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e