urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Submission: On September 23 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 105 IPs in 12 countries across 108 domains to perform 524 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 583884.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
16 142.251.12.132 15169 (GOOGLE)
1 3 209.58.171.197 59253 (LEASEWEB-...)
4 172.67.71.254 13335 (CLOUDFLAR...)
2 42.99.140.201 4637 (ASN-TELST...)
5 42.99.140.161 4637 (ASN-TELST...)
3 209.58.188.181 133752 (LEASEWEB-...)
22 104.26.2.91 13335 (CLOUDFLAR...)
42 172.253.118.154 15169 (GOOGLE)
2 69.16.175.10 20446 (STACKPATH...)
22 63 172.217.194.157 15169 (GOOGLE)
6 142.251.10.155 15169 (GOOGLE)
1 74.125.130.94 15169 (GOOGLE)
2 142.251.12.97 15169 (GOOGLE)
6 13.76.45.37 8075 (MICROSOFT...)
4 74.125.200.138 15169 (GOOGLE)
9 74.125.68.156 15169 (GOOGLE)
2 74.125.24.155 15169 (GOOGLE)
5 74.125.130.156 15169 (GOOGLE)
1 36 23.207.36.20 16625 (AKAMAI-AS)
2 42.99.140.144 4637 (ASN-TELST...)
30 172.217.194.132 15169 (GOOGLE)
2 4 103.229.10.247 16509 (AMAZON-02)
1 104.16.87.20 13335 (CLOUDFLAR...)
1 54.203.144.13 16509 (AMAZON-02)
5 25 139.99.49.250 16276 (OVH)
1 182.161.73.145 55569 (CRITEO-AS...)
1 8 34.98.64.218 15169 (GOOGLE)
14 34.253.177.61 16509 (AMAZON-02)
6 10 104.254.151.68 29990 (ASN-APPNEX)
1 54.251.29.91 16509 (AMAZON-02)
1 3 23.207.37.41 16625 (AKAMAI-AS)
1 34.107.148.139 15169 (GOOGLE)
2 5 145.40.89.200 54825 (PACKET)
2 104.18.19.126 13335 (CLOUDFLAR...)
1 35.213.117.18 15169 (GOOGLE)
3 52.194.84.66 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 13.227.254.2 16509 (AMAZON-02)
15 16 52.223.40.198 16509 (AMAZON-02)
7 142.251.10.106 15169 (GOOGLE)
1 13.227.254.109 16509 (AMAZON-02)
2 104.211.156.162 8075 (MICROSOFT...)
1 182.161.74.19 55569 (CRITEO-AS...)
1 182.161.73.148 55569 (CRITEO-AS...)
4 19 104.18.18.126 13335 (CLOUDFLAR...)
2 6 35.244.159.8 15169 (GOOGLE)
4 151.101.2.49 54113 (FASTLY)
1 1 35.227.252.103 15169 (GOOGLE)
10 11 64.74.236.159 22075 (AS-OUTBRAIN)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
1 159.203.145.121 14061 (DIGITALOC...)
2 3 213.180.204.90 13238 (YANDEX)
12 182.161.73.129 55569 (CRITEO-AS...)
14 142.251.10.149 15169 (GOOGLE)
1 182.161.73.132 55569 (CRITEO-AS...)
1 1 202.232.238.37 2497 (IIJ Inter...)
1 1 139.162.58.205 63949 (LINODE-AP...)
1 202.233.84.1 131957 (MICROAD M...)
4 11 35.71.178.8 16509 (AMAZON-02)
1 1 18.179.72.109 16509 (AMAZON-02)
2 2 54.254.33.203 16509 (AMAZON-02)
1 104.17.25.14 13335 (CLOUDFLAR...)
4 4 89.207.22.137 399104 (CNVR-APAC)
1 2 104.18.35.11 13335 (CLOUDFLAR...)
1 1 52.194.95.20 16509 (AMAZON-02)
5 182.161.73.136 55569 (CRITEO-AS...)
16 182.161.73.135 55569 (CRITEO-AS...)
2 182.161.73.142 55569 (CRITEO-AS...)
4 142.251.10.154 15169 (GOOGLE)
1 151.101.65.108 54113 (FASTLY)
1 52.84.45.7 16509 (AMAZON-02)
1 23.207.36.240 16625 (AKAMAI-AS)
8 23.75.85.227 16625 (AKAMAI-AS)
4 5 209.191.163.210 32475 (SINGLEHOP...)
16 20 35.213.12.39 15169 (GOOGLE)
6 6 35.227.202.26 15169 (GOOGLE)
3 3 107.178.244.193 15169 (GOOGLE)
2 2 13.224.250.18 ()
11 15 69.173.158.64 26667 (RUBICONPR...)
7 8 52.74.13.196 16509 (AMAZON-02)
2 2 50.116.239.135 6336 (TURN-US-ASN)
2 2 124.146.215.49 2514 (INFOSPHER...)
2 2 13.227.254.100 16509 (AMAZON-02)
2 3 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.102.194 13335 (CLOUDFLAR...)
1 1 23.108.103.8 59253 (LEASEWEB-...)
3 4 46.137.228.209 16509 (AMAZON-02)
4 11 209.54.182.161 16509 (AMAZON-02)
1 13.107.21.200 8068 (MICROSOFT...)
3 3 23.207.37.206 16625 (AKAMAI-AS)
3 3 23.41.65.80 16625 (AKAMAI-AS)
2 2 198.8.71.128 54312 (ROCKETFUEL)
4 23.207.36.196 16625 (AKAMAI-AS)
11 13 74.118.186.45 26120 (RHYTHMONE)
3 3 13.213.209.254 16509 (AMAZON-02)
1 2 182.161.73.146 55569 (CRITEO-AS...)
2 2 35.156.36.186 16509 (AMAZON-02)
2 107.23.149.157 14618 (AMAZON-AES)
5 5 103.229.205.243 30419 (MEDIAMATH...)
1 2 69.173.144.138 26667 (RUBICONPR...)
3 6 23.106.127.165 59253 (LEASEWEB-...)
4 7 35.190.60.146 15169 (GOOGLE)
3 9 67.199.150.82 3257 (GTT-BACKB...)
2 103.231.98.196 62713 (AS-PUBMATIC)
2 4 52.95.126.138 16509 (AMAZON-02)
1 35.74.137.60 16509 (AMAZON-02)
1 3 44.194.177.91 14618 (AMAZON-AES)
6 7 185.84.60.30 198622 (ADFORM)
1 2 44.198.244.56 14618 (AMAZON-AES)
4 4 104.254.150.228 29990 (ASN-APPNEX)
1 54.169.170.163 16509 (AMAZON-02)
3 3 52.205.223.187 14618 (AMAZON-AES)
1 104.18.12.76 13335 (CLOUDFLAR...)
7 18 103.231.98.194 62713 (AS-PUBMATIC)
1 1 18.138.18.111 16509 (AMAZON-02)
1 1 139.162.38.30 63949 (LINODE-AP...)
1 202.131.200.84 17941 (BIT-ISLE ...)
1 1 35.186.193.173 15169 (GOOGLE)
1 18.176.32.10 16509 (AMAZON-02)
1 18 54.238.120.71 ()
2 2 52.74.118.249 16509 (AMAZON-02)
1 2 151.101.129.44 54113 (FASTLY)
2 169.197.150.8 398989 (DEEPINTENT)
1 195.5.165.20 ()
2 104.19.173.108 13335 (CLOUDFLAR...)
2 2 35.230.38.116 396982 (GOOGLE-CL...)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 ()
3 103.231.98.195 62713 (AS-PUBMATIC)
1 1 34.102.253.54 15169 (GOOGLE)
1 54.65.159.169 16509 (AMAZON-02)
2 2 23.106.69.72 59253 (LEASEWEB-...)
1 2 52.40.183.14 ()
2 2 74.214.196.131 19189 (PULSEPOINT)
1 1 8.43.72.98 ()
3 4 38.133.127.127 ()
1 1 3.227.163.94 ()
1 150.136.25.38 ()
2 2 13.214.13.223 16509 (AMAZON-02)
2 2 13.115.141.232 ()
2 2 185.184.8.90 ()
524 105
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
16    142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net
cdn.ampproject.org
baebd14d6eb9f84ad2dab463d5e79661.safeframe.googlesyndication.com
78d8cbd388dd889000a93cd0d93ce89b.safeframe.googlesyndication.com
4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
3    209.58.171.197 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    172.67.71.254 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.201 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-201.pacnet.net
delivery.adrecover.com
5    42.99.140.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-161.pacnet.net
cdn.adpushup.com
3    209.58.188.181 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
22    104.26.2.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
42    172.253.118.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f154.1e100.net
pagead2.googlesyndication.com
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
63    172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net
securepubads.g.doubleclick.net
www.googletagservices.com
cm.g.doubleclick.net
6    142.251.10.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net
adservice.google.com
1    74.125.130.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f94.1e100.net
d-3565599582756887759.ampproject.net
2    142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net
www.googletagmanager.com
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
4    74.125.200.138 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f138.1e100.net
www.google-analytics.com
9    74.125.68.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f156.1e100.net
googleads.g.doubleclick.net
2    74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
partner.googleadservices.com
5    74.125.130.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f156.1e100.net
adservice.google.com.au
36    23.207.36.20 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-36-20.deploy.static.akamaitechnologies.com
hblg.media.net
contextual.media.net
warp.media.net
lg3.media.net
cs.media.net
c21lg-d.media.net
2    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
qsearch-a.akamaihd.net
30    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
tpc.googlesyndication.com
4    103.229.10.247 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    104.16.87.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    54.203.144.13 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-144-13.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
25    139.99.49.250 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net
onetag-sys.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
8    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
u.openx.net
jp-u.openx.net
14    34.253.177.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
ads.servenobid.com
10    104.254.151.68 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
1    54.251.29.91 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-29-91.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
3    23.207.37.41 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-37-41.deploy.static.akamaitechnologies.com
a.teads.tv
sync.teads.tv
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
5    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
3    52.194.84.66 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-194-84-66.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    13.227.254.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-2.sin52.r.cloudfront.net
rules.quantcount.com
16    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
7    142.251.10.106 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f106.1e100.net
www.google.com
1    13.227.254.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-109.sin52.r.cloudfront.net
pxl.qccerttest.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
1    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
1    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
19    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
6    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
4    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
11    64.74.236.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
cs.chocolateplatform.com
3    213.180.204.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
12    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
14    142.251.10.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f149.1e100.net
s0.2mdn.net
1    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
1    202.232.238.37 (Minato-ku, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
1    139.162.58.205 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1471-205.members.linode.com
a.c.appier.net
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
11    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    18.179.72.109 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-72-109.ap-northeast-1.compute.amazonaws.com
google.dap.fw-ad.jp
2    54.254.33.203 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-33-203.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    89.207.22.137 (Singapore, Singapore)

ASN399104 (CNVR-APAC, US)
PTR: sin03-usadmm-ds.dotomi.com
dclk-match.dotomi.com
pubmatic-match.dotomi.com
2    104.18.35.11 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    52.194.95.20 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-194-95-20.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
5    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
16    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
2    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
4    142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net
googleads4.g.doubleclick.net
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    52.84.45.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-7.mrs52.r.cloudfront.net
public.servenobid.com
1    23.207.36.240 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-36-240.deploy.static.akamaitechnologies.com
js-sec.indexww.com
8    23.75.85.227 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-85-227.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    209.191.163.210 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
ce.lijit.com
20    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
6    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com
odr.mookie1.com
3    107.178.244.193 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com
pixel.tapad.com
2    13.224.250.18 (None, )

ASN- ()
aa.agkn.com
15    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
8    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    124.146.215.49 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    13.227.254.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-100.sin52.r.cloudfront.net
cr-p3.ladsp.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.102.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
1    23.108.103.8 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
inv-nets.admixer.net
4    46.137.228.209 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-228-209.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
11    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
3    23.207.37.206 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-37-206.deploy.static.akamaitechnologies.com
stags.bluekai.com
3    23.41.65.80 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-65-80.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    198.8.71.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    23.207.36.196 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-36-196.deploy.static.akamaitechnologies.com
ads.pubmatic.com
13    74.118.186.45 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    13.213.209.254 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-209-254.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
2    35.156.36.186 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-36-186.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
2    107.23.149.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-149-157.compute-1.amazonaws.com
cs.emxdgt.com
5    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
6    23.106.127.165 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
7    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
9    67.199.150.82 (Los Angeles, United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
2    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    52.95.126.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    35.74.137.60 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-74-137-60.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
3    44.194.177.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-177-91.compute-1.amazonaws.com
x.yieldlift.com
7    185.84.60.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    44.198.244.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-244-56.compute-1.amazonaws.com
ssp.disqus.com
4    104.254.150.228 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
1    54.169.170.163 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-170-163.ap-southeast-1.compute.amazonaws.com
d.adroll.com
3    52.205.223.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-223-187.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    104.18.12.76 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
18    103.231.98.194 (Japan)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
1    139.162.38.30 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1451-30.members.linode.com
gocm.c.appier.net
1    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    18.176.32.10 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-32-10.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
18    54.238.120.71 (None, )

ASN- ()
usersync.gumgum.com
2    52.74.118.249 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-118-249.ap-southeast-1.compute.amazonaws.com
cm.adgrx.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
match.taboola.com
2    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
2    104.19.173.108 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
2    35.230.38.116 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 116.38.230.35.bc.googleusercontent.com
um.simpli.fi
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (None, )

ASN- ()
tags.rd.linksynergy.com
3    103.231.98.195 (Japan)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    54.65.159.169 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-159-169.ap-northeast-1.compute.amazonaws.com
rtb.gumgum.com
2    23.106.69.72 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
gu.dyntrk.com
2    52.40.183.14 (None, )

ASN- ()
dpm.demdex.net
2    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    8.43.72.98 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
4    38.133.127.127 (None, )

ASN- ()
sync.outbrain.com
1    3.227.163.94 (None, )

ASN- ()
sync.ipredictive.com
1    150.136.25.38 (None, )

ASN- ()
sync.technoratimedia.com
2    13.214.13.223 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-214-13-223.ap-southeast-1.compute.amazonaws.com
ad.360yield.com
2    13.115.141.232 (None, )

ASN- ()
pool.admedo.com
2    185.184.8.90 (None, )

ASN- ()
creativecdn.com
Apex Domain
Subdomains		 Transfer
78 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
baebd14d6eb9f84ad2dab463d5e79661.safeframe.googlesyndication.com
78d8cbd388dd889000a93cd0d93ce89b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
695 KB
71 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307
594 KB
37 media.net
hblg.media.net — Cisco Umbrella Rank: 1563
contextual.media.net — Cisco Umbrella Rank: 559
warp.media.net — Cisco Umbrella Rank: 2230
prebid.media.net — Cisco Umbrella Rank: 1065
lg3.media.net — Cisco Umbrella Rank: 3643
cs.media.net — Cisco Umbrella Rank: 1318
c21lg-d.media.net — Cisco Umbrella Rank: 1716
341 KB
36 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 462
image8.pubmatic.com — Cisco Umbrella Rank: 607
image6.pubmatic.com — Cisco Umbrella Rank: 648
simage2.pubmatic.com — Cisco Umbrella Rank: 690
image2.pubmatic.com — Cisco Umbrella Rank: 883
image4.pubmatic.com — Cisco Umbrella Rank: 835
simage4.pubmatic.com
46 KB
33 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 936
fastlane.rubiconproject.com — Cisco Umbrella Rank: 466
eus.rubiconproject.com — Cisco Umbrella Rank: 564
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 910
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2009
token.rubiconproject.com — Cisco Umbrella Rank: 667
pixel-us-east.rubiconproject.com
55 KB
30 criteo.net
static.criteo.net — Cisco Umbrella Rank: 673
pix.as.criteo.net — Cisco Umbrella Rank: 17010
csm.as.criteo.net — Cisco Umbrella Rank: 17365
238 KB
25 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 754
12 KB
23 bg3.co
www.bg3.co — Cisco Umbrella Rank: 583884
static.bg3.co
182 KB
21 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 934
x.bidswitch.net — Cisco Umbrella Rank: 301
9 KB
21 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 479
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438
17 KB
20 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1371
usersync.gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1053
6 KB
16 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 342
8 KB
15 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 295
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1232
10 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
acdn.adnxs.com — Cisco Umbrella Rank: 611
secure.adnxs.com — Cisco Umbrella Rank: 432
41 KB
15 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1646
public.servenobid.com — Cisco Umbrella Rank: 3425
9 KB
15 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13567
us-u.openx.net — Cisco Umbrella Rank: 396
rtb.openx.net — Cisco Umbrella Rank: 1505
u.openx.net — Cisco Umbrella Rank: 650
jp-u.openx.net — Cisco Umbrella Rank: 10797
3 KB
14 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
225 KB
13 google.com
adservice.google.com — Cisco Umbrella Rank: 75
www.google.com — Cisco Umbrella Rank: 2
5 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15327
e3.adpushup.com — Cisco Umbrella Rank: 16605
aplogger.adpushup.com — Cisco Umbrella Rank: 16434
217 KB
12 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
4 KB
12 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 543
eb2.3lift.com — Cisco Umbrella Rank: 407
5 KB
11 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 568
7 KB
11 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 761
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 22529
ads.as.criteo.com — Cisco Umbrella Rank: 17083
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 17485
gum.criteo.com — Cisco Umbrella Rank: 406
dis.criteo.com — Cisco Umbrella Rank: 688
67 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 359
217 KB
9 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
5 KB
7 adform.net
c1.adform.net — Cisco Umbrella Rank: 637
3 KB
7 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 561
idsync.rlcdn.com — Cisco Umbrella Rank: 331
1002 B
6 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1762
ssbsync.smartadserver.com — Cisco Umbrella Rank: 873
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 649
3 KB
6 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 947
869 B
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 30433
sync.aralego.com — Cisco Umbrella Rank: 3193
4 KB
5 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
3 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 597
ce.lijit.com — Cisco Umbrella Rank: 877
3 KB
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1006
13 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
218 KB
5 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 97372
1 KB
4 outbrain.com
sync.outbrain.com
1 KB
4 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1048
2 KB
4 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3005
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2956
2 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 562
404 B
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 905
pixel.quantserve.com — Cisco Umbrella Rank: 423
11 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
549 B
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9047
45 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 694
2 KB
3 yieldlift.com
x.yieldlift.com — Cisco Umbrella Rank: 3461
742 B
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 739
2 KB
3 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 501
2 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 394
1 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 436
646 B
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 2536
1 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1270
sync.teads.tv — Cisco Umbrella Rank: 1077
767 B
2 creativecdn.com
creativecdn.com
700 B
2 admedo.com
pool.admedo.com
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 683
621 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 524
1 KB
2 demdex.net
dpm.demdex.net
2 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1315
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 734
718 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 833
1 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 909
32 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 860
83 B
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 697
match.taboola.com — Cisco Umbrella Rank: 2758
560 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1407
1 KB
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2279
323 B
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 985
133 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 911
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 728
1 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 492
478 B
2 ladsp.com
cr-p3.ladsp.com
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1085
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 742
959 B
2 agkn.com
aa.agkn.com
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 615
cdn.indexww.com — Cisco Umbrella Rank: 1381
2 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 826
s.tribalfusion.com — Cisco Umbrella Rank: 2209
1 KB
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 549
745 B
2 appier.net
a.c.appier.net — Cisco Umbrella Rank: 15860
gocm.c.appier.net — Cisco Umbrella Rank: 2373
972 B
2 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1527
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 857
1004 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
74 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 654
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 14734
11 KB
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 ipredictive.com
sync.ipredictive.com
465 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3623
463 B
1 linksynergy.com
tags.rd.linksynergy.com
391 B
1 iprom.net
core.iprom.net
277 B
1 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 19482
220 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 23487
459 B
1 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 3148
243 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 25082
653 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1453
181 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 220
668 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2415
586 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 3200
418 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 209
5 KB
1 fw-ad.jp
google.dap.fw-ad.jp — Cisco Umbrella Rank: 134742
561 B
1 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 3943
641 B
1 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 64791
704 B
1 chocolateplatform.com
cs.chocolateplatform.com — Cisco Umbrella Rank: 2535
134 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 6824
583 B
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 983
550 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 846
684 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4209
517 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 392
2 KB
1 ampproject.net
d-3565599582756887759.ampproject.net
0 crwdcntrl.net Failed
sync.crwdcntrl.net Failed
0 semasio.net Failed
uipglob.semasio.net Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 inmobi.com Failed
sync.inmobi.com — Cisco Umbrella Rank: 2025 Failed
524 108
Domain Requested by
47 cm.g.doubleclick.net 22 redirects googleads.g.doubleclick.net
4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
u.openx.net
eb2.3lift.com
onetag-sys.com
g2.gumgum.com
42 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
www.googletagservices.com
4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
googleads.g.doubleclick.net
30 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
25 onetag-sys.com 5 redirects cdn.adpushup.com
4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
onetag-sys.com
public.servenobid.com
ads.pubmatic.com
22 static.bg3.co www.bg3.co
20 x.bidswitch.net 16 redirects contextual.media.net
onetag-sys.com
ads.pubmatic.com
18 usersync.gumgum.com 1 redirects ads.pubmatic.com
g2.gumgum.com
eus.rubiconproject.com
16 pix.as.criteo.net ads.as.criteo.com
16 match.adsrvr.org 15 redirects cdn.adpushup.com
16 contextual.media.net googleads.g.doubleclick.net
contextual.media.net
cdn.adpushup.com
eus.rubiconproject.com
ads.pubmatic.com
14 s0.2mdn.net www.bg3.co
s0.2mdn.net
14 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
14 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
onetag-sys.com
ssbsync.smartadserver.com
eus.rubiconproject.com
g2.gumgum.com
12 simage2.pubmatic.com 5 redirects ads.pubmatic.com
12 static.criteo.net cdn.adpushup.com
ads.as.criteo.com
static.criteo.net
11 s.amazon-adsystem.com 4 redirects eb2.3lift.com
onetag-sys.com
ssum-sec.casalemedia.com
11 pixel.rubiconproject.com 7 redirects onetag-sys.com
11 eb2.3lift.com 4 redirects cdn.adpushup.com
eb2.3lift.com
11 b1sync.zemanta.com 10 redirects 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
11 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
10 ib.adnxs.com 6 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 image8.pubmatic.com 3 redirects onetag-sys.com
ads.pubmatic.com
9 sync.1rx.io 9 redirects
9 googleads.g.doubleclick.net cdn.ampproject.org
pagead2.googlesyndication.com
www.bg3.co
4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
8 ups.analytics.yahoo.com 7 redirects onetag-sys.com
8 eus.rubiconproject.com cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
public.servenobid.com
g2.gumgum.com
7 c1.adform.net 6 redirects ads.pubmatic.com
7 us-u.openx.net 3 redirects googleads.g.doubleclick.net
u.openx.net
7 www.google.com tpc.googlesyndication.com
4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
6 image2.pubmatic.com 2 redirects ads.pubmatic.com
6 odr.mookie1.com 6 redirects
6 cs.media.net 1 redirects contextual.media.net
4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
6 lg3.media.net googleads.g.doubleclick.net
www.bg3.co
6 e3.adpushup.com www.bg3.co
6 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
5 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
5 id.rlcdn.com 3 redirects onetag-sys.com
ssbsync.smartadserver.com
5 sync.mathtag.com 5 redirects
5 gum.criteo.com static.criteo.net
gum.criteo.com
cdn.adpushup.com
contextual.media.net
5 prebid.a-mo.net 2 redirects cdn.adpushup.com
5 www.googletagservices.com googleads.g.doubleclick.net
4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
5 hblg.media.net www.bg3.co
googleads.g.doubleclick.net
5 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 sync.outbrain.com 3 redirects g2.gumgum.com
4 secure.adnxs.com 4 redirects
4 aax-eu.amazon-adsystem.com 2 redirects ssbsync.smartadserver.com
4 token.rubiconproject.com 4 redirects
4 sync.targeting.unrulymedia.com 2 redirects public.servenobid.com
g2.gumgum.com
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
ads.pubmatic.com
g2.gumgum.com
4 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
4 googleads4.g.doubleclick.net www.bg3.co
4 sync-tm.everesttech.net 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
ads.pubmatic.com
g2.gumgum.com
4 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 adpushup-d.openx.net cdn.adpushup.com
4 www.google-analytics.com www.bg3.co
www.googletagmanager.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 sync.srv.stackadapt.com 3 redirects
3 x.yieldlift.com 1 redirects public.servenobid.com
ads.pubmatic.com
3 pm.w55c.net 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 stags.bluekai.com 3 redirects
3 px.ads.linkedin.com 2 redirects
3 pixel.tapad.com 3 redirects public.servenobid.com
3 ap.lijit.com 2 redirects
3 an.yandex.ru 2 redirects
3 pixel.quantserve.com 2 redirects www.bg3.co
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 creativecdn.com 2 redirects
2 pool.admedo.com 2 redirects
2 ad.360yield.com 2 redirects
2 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
2 bh.contextweb.com 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 gu.dyntrk.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 idsync.rlcdn.com 1 redirects ads.pubmatic.com
2 um.simpli.fi 2 redirects
2 csync.loopme.me ads.pubmatic.com
ssbsync.smartadserver.com
2 match.deepintent.com ads.pubmatic.com
g2.gumgum.com
2 cm.adgrx.com 2 redirects
2 ssp.disqus.com 1 redirects public.servenobid.com
2 ce.lijit.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 image6.pubmatic.com ads.pubmatic.com
2 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
2 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 rtb.mfadsrvr.com 2 redirects
2 dis.criteo.com 1 redirects contextual.media.net
2 p.rfihub.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 tg.socdm.com 2 redirects
2 ad.turn.com 2 redirects
2 aa.agkn.com 2 redirects
2 csm.as.criteo.net ads.as.criteo.com
2 dclk-match.dotomi.com 2 redirects
2 match.sharethrough.com 2 redirects
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 aplogger.adpushup.com cdn.adpushup.com
2 htlb.casalemedia.com cdn.adpushup.com
2 warp.media.net googleads.g.doubleclick.net
2 qsearch-a.akamaihd.net www.bg3.co
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 simage4.pubmatic.com ads.pubmatic.com
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 rtb.gumgum.com ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 dps.jp.cinarra.com ads.pubmatic.com
1 ipac.ctnsnet.com 1 redirects
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 cm.ambientdsp.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 g2.gumgum.com public.servenobid.com
1 c21lg-d.media.net contextual.media.net
1 c.bing.com eb2.3lift.com
1 inv-nets.admixer.net 1 redirects
1 u.openx.net cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 cc.adingo.jp 1 redirects
1 s.tribalfusion.com 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects ads.pubmatic.com
1 cdnjs.cloudflare.com ads.as.criteo.com
1 google.dap.fw-ad.jp 1 redirects
1 aid.send.microad.jp 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
1 a.c.appier.net 1 redirects
1 sync.fout.jp 1 redirects
1 cat.sg1.as.criteo.com ads.as.criteo.com
1 cs.chocolateplatform.com 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
1 dsp.adkernel.com 1 redirects
1 rtb.openx.net 1 redirects
1 ads.as.criteo.com 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
1 rtb.jp2.as.criteo.com www.bg3.co
1 pxl.qccerttest.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 78d8cbd388dd889000a93cd0d93ce89b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 baebd14d6eb9f84ad2dab463d5e79661.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 d-3565599582756887759.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 sync.crwdcntrl.net Failed public.servenobid.com
0 uipglob.semasio.net Failed public.servenobid.com
0 sync.go.sonobi.com Failed public.servenobid.com
0 sync.inmobi.com Failed
524 172

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-18 -
2023-05-18		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
qccerttest.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-07 -
2022-11-09		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-06 -
2022-10-31		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
cs.chocolateplatform.com
ZeroSSL RSA Domain Secure Site CA		 2022-09-21 -
2022-12-20		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-02 -
2022-11-01		 3 months crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2021-10-06 -
2022-11-07		 a year crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-31 -
2022-12-04		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-24 -
2023-02-15		 6 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.adroll.com
Amazon		 2021-12-18 -
2023-01-15		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.iprom.net
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.yieldlift.com
Amazon		 2022-01-14 -
2023-02-11		 a year crt.sh

This page contains 89 frames:

Primary Page: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Frame ID: BC48658C1C49A93F6EF487B00E0533BE
Requests: 108 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 0FE59BD54904EF870F61F08A6BA5F31A
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: FEA08E41F69492C3627C3D38F09E8236
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: AAF9C97D59FD5FDB361B76A1B7C2405F
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 1249B231373F542EC2EB1B9037555D62
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-5349702072444496862&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3246&oid=2&is_amp=5&amp_v=2209072154000&d_imp=1&c=8075003493&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&ga_hid=3493&dt=1663966235763&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&bdt=2119&dtd=557&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: FFD0FB813E3395950ACFC6C425436386
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1663966236&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663966236048&bpp=12&bdt=1511&idt=600&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=2945658279797&frm=23&ife=1&pv=2&ga_vid=1261608654.1663966237&ga_sid=1663966237&ga_hid=1095755843&ga_fc=0&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2070&biw=1600&bih=1200&isw=336&ish=280&ifk=2865257694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C42531645%2C44772915%2C31062931&oid=2&pvsid=1467528731530751&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hntd2mee4by3&btvi=1&fsb=1&dtd=617
Frame ID: 9588B648B648F7F8A50A655600D2D12B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1663966236&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663966236069&bpp=10&bdt=1551&idt=615&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=2945658279797&frm=23&ife=1&pv=1&ga_vid=642682573.1663966237&ga_sid=1663966237&ga_hid=386076842&ga_fc=0&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=734309068&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773167%2C44769661&oid=2&pvsid=779030455766948&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5s5dayr57bub&fsb=1&dtd=633
Frame ID: B738747B4FF90C2ACD46ACA96ACB7192
Requests: 1 HTTP requests in this frame

Frame: https://baebd14d6eb9f84ad2dab463d5e79661.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 3706331C4CACF413F11F85F0CCB93DFC
Requests: 1 HTTP requests in this frame

Frame: https://78d8cbd388dd889000a93cd0d93ce89b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 5DF5E7A124DAD618F29C4AF035D1EEB1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cr7GWHBwuY8OfNJWbmgermYDQCKzX_fBktPaok-ILwI23ARABIABgpcCjgKQBggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAZX1m98DyAEJqAMBqgS2Ak_Q5L4Ux5QuGuwEWnlrUcvx0p4pZVVpqNlw5SmZf2VYwZl7Q022OE6g2vtXP11-8ekycoD43tyfMzX55NkT3tKJkVdnriTCwD0VGstr76qxavjLGyiF7jduUDJVeCvI9kpd2gYh1CrrMogRtW6P6GzY6PWpXGkNKkRfMm_HdgrZLVRR8I9ycpsFgKmCicqNEgDSh36rKufE8H27PMhRhBpZSdQHY1NCuzELAGisJovxxKepLOkOhQNEOTu5XxRNgAEpWXzHxqmVFpRe_-gY0XIWpNzMKMRPl9vrozZJvlA7KFk5zjKERYPiI2NQzz4alaIUtvjQsWZXLk5CrEcf8VO6DGoSKUHNItiV3J8EmlLWKbejXK9P9aYU1S-8wRHlC_0eMWZHF6H15qprZtQnwwqOM0EoiyKABsPF35vKrc2Y6QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=EJEvVNWSvB4&uach_m=[UACH]&cid=CAQSGwCsnQUxusfNV1ngy3WcjJSvRtwxeOzyJLCFJhgB
Frame ID: 771B82323EFBD8E1DBDA3AE33D99CE84
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CkOB_HBwuY4a3NPyK3LUP6IG4gAWs1_3wZLT2qJPiC8CNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAGV9ZvfA8gBCagDAaoEsAJP0Olz4tXtiZ1Sz8i1xEgI_Fkq3VnrtitTVfB5rT6eCT_nw1vyNiy7fPFv1Wf52h7HIWNAFLyNsT7tmMo2icbyM5K6kYCRwSk0pEYwggweSpLuQGRboxduGErEhR7dAFU09M1mWgDZ1frVqnbSsvdDCGRChF5mPjJioM6Ab65awxeTx6lZBZwZK4mFvlNyoCBYwtUT41bs5YohhgcyTfq_OiKDVQuavjT3lctnf64i4ga3EHao7qmIa3In16o87pV9VSpZxNcKjH9fqVPME3Pv7GGEnZcMpAceZpEPnayTuGHXphMbtxgST6GseFSvAKiuXjPSSjxQ-iRsQfLcUNpa2a0I_Dfa7S8VFiP-7KAGBcOKqboj9t56RGyKWFcDOPdJX30-oOwqre9NhaBZzQajgAbDxd-byq3NmOkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=9CHP5aKKs0c&uach_m=[UACH]&cid=CAQSGwCsnQUx5AMs7xjO4NVLdGaeWaHdE1rMTM90OBgB
Frame ID: 3FF78E8BD1036A325555D63809CFD5C3
Requests: 16 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 0265BA2B51AC0547984028D5641B81B0
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 7756AED7BED51C9AB82508C985427551
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A2F43F3AA8851852BCC3CAC84E2E041D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B1745142605DB1323E04EF1403F9FEC9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D8271DB1D073541594402AB00CC39C6E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7EC41AA57C806A521ECEC46AE3D48F60
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 350C5821A91733FFBB43813EE0EAD47E
Requests: 4 HTTP requests in this frame

Frame: data://truncated
Frame ID: 58FC559141714E6DB49679605A10917A
Requests: 4 HTTP requests in this frame

Frame: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2552A485A39FAF6DE4333003FAB799F5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B9F3973EB77BE96123A3BA740C357B3E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 37C5007796C19DF2A7CDA4A2D17E7795
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1A343DD966D6D42B3212CFF81451DCCD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D0C964E41637BE35C9510765C240C385
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D5356A4F9AF089078C146C5A0F121ACA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7BEA55A60912CA41C0A4876F3B701CD8
Requests: 2 HTTP requests in this frame

Frame: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F1C319DE6EC2AF94213AFD9292FBAD83
Requests: 15 HTTP requests in this frame

Frame: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3A2546657416FE1C20FDAB2D41883578
Requests: 15 HTTP requests in this frame

Frame: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A817342908A66DF1B6B46E9307B91F50
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVvoymFwQOSzp8CEdofKIfxXqtQgNSknAzdhSmhmm9yuRBcNxCfFvznMrziK90JSf_yDxKqu6FZ5pUZfcq5vcXjZTmqzQ
Frame ID: 0E273ACADCA29742D5A9410EE79F5034
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNVsK7Mz4PNGW4F4WN_DtnUIhrdc6lU7RNGWKhmpAASDPflWeBKts45Xr7vCzlCIzFLMBCVHMA0k7tyZnx8T7g8Qh6KOYA
Frame ID: FC281CB43BBC0F7C947BA8C544C4408F
Requests: 5 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: 425EADA240A5D71B219B30C09597A616
Requests: 31 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2380E99B7940D7EB7163ED12F9918CCD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FEC0D898BFC1F591183527453D20CEC5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5D00CD91D0955A6B92077AE1E26A59B5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 11CAE71C1EB2CD9377DD38891FDF3950
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1F82787DA3BB2A9EAFF94A889FA62ACA
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: DF3AB043FF22C942587034CAD8BF367F
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10977312179645291841/index.html
Frame ID: EB786DEA915DAC2B49B41977F228A5D8
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18175197109097881812/index.html
Frame ID: 75D75747AC8F89A91312F323F25939BD
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1663966238525
Frame ID: B8DCE39BC40CA3DD5B6B95844CE86EE9
Requests: 14 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 3309662CE60925D3207F34EFD6855E62
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 13526920553037F692C56182C7782237
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: C9CAC68609C95C8EF6A8E706EF63831D
Requests: 12 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 9DA5616F74532E2C3BA1452EDA41ADBD
Requests: 13 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8D432ED76441360083AB7BDC56470474
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 9C5E39FBF220D6CA2FD10DFA7E1CFF36
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 7C4D7CD3F5CCCC1910E59C78385D3983
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 87EF684C406C2905AA4072436D6762B0
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3069678381540929000V10&type=rkt&refUrl=&vid=39662425313069678381540929000V10&ovsid=1921700045832649417
Frame ID: B0C4A4F44730D3B82DAE0B0AF110F62F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Frame ID: C365C235DB94B08A10811A32B7C31AA7
Requests: 20 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 6E46DB26E821139A945B0DB776BC3B09
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 001505DFB4075ED3EDB907E862E4CD40
Requests: 5 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 7BE476390341BE24C8514F285415985E
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 9EA3EAFBAA36AA40591B14507CFC7963
Requests: 15 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 420FEC3B28320D25A0D79E6AF952898D
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 954C454102FD80E9540869C68D09D2F6
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 9C9379630F8C594687889B91A2883F00
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
Frame ID: 9E9FAC2DDB624C3A0259F5CA27E2A489
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0abf632e-1c23-4d00-a1f7-554fbd238090&gdpr=0&gdpr_consent=
Frame ID: 839A0F7EBD2DAE4076AC35AEA54B202B
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 0A3E11B19A0F26F8C3665423BECC737F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=x67uju45lba
Frame ID: BC03890C62537A012057ACB718C695D2
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: DCCB0793B45FAFA29515B5CF600876E1
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: A98CBA2979745AF48739F0D98C647D6D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: FFB7FB4826CD8FB59EB4C1BDFDFF83FB
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
Frame ID: C47FD53EEE9D9FE9D25D632D68AC9490
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=EC53BDE9-E45C-483D-86E4-748CCB371E4E
Frame ID: DF66286D1EEBE3AFB8A296954231ECCC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rhy&i=RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004
Frame ID: C08A80BEE933716210F44EA372D23371
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:4CnqC0zZ1OBPDd5&gdpr=0&gdpr_consent=
Frame ID: 6ACB7ABC065A8766872A8B7F762AC74D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=64b07e16-3b81-11ed-93f9-d07437c7098f
Frame ID: E42AB04F13ADB0A187A2D8BEA9446270
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=178b3bc8-1da6-44f3-a7ce-277c49c9b37f-tucta27a1a4&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 72FFD5A5A9676343BA8D981ACC55C264
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 322CE4E7CEAA00CCA5D0CB1DBC77AA22
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 52F2F38DDE38F4D26921301243CAEDE3
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: D1B964BF094FD49974BEB0DAD7F6C0F3
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: C6386C22FA8D1811826772888A0AFFD7
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3069678381540929000V10&type=pba&refUrl=&vid=39662425313069678381540929000V10&ovsid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
Frame ID: 7E9391E19DC7288363A4FF732DAC216D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=0abf632e-1c23-4d00-a1f7-554fbd238090&gdpr=0&gdpr_consent=
Frame ID: BB1A712827FE0120DD4139D27C4FD1FF
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 4F31BC5FFECE8B4737FFE2C13F444FA2
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV80Zjk3YzE0YS02ODI3LTQyMjEtOTk4Mi0wNDhhZTA2M2ZlYWQ=&gdpr=0&gdpr_consent=
Frame ID: 5C33BE7B810181CE38BF44106B052894
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: CDC3969AE5EAC11ACC70B18D077CB69E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
Frame ID: 2023043A578BD029F2E94AC05082F135
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 274B8A2149B78EADF53241B5A527ADE3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Yy4cJMCo8X0AAN64m9wAAAAA
Frame ID: F6C2850C51C5BCC674072B729D9F11D8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Yy4cILKEHw4EVhBn.HX6jwAA%264736
Frame ID: 08E08042F9F4947FA2B4F285BBADB8B5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=60aY5ISNziYG5IrXmRIN&pi=gumgum&tc=1
Frame ID: AD228CECDB2A528BEDF65E402550FD88
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 14D6C80F40281FE8113C0027EF10DBB7
Requests: 3 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 3445213D2032AE90E4D222F5087AF3B9
Requests: 1 HTTP requests in this frame

Frame: https://x.yieldlift.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=1YN-&uid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
Frame ID: F78A71669FD3A3EF04EF7F6E481FA425
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

疲憊退散!營養師點名「8大食材」有效抗疲勞,藍莓也在內 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

524
Requests

73 %
HTTPS

0 %
IPv6

108
Domains

172
Subdomains

105
IPs

12
Countries

3410 kB
Transfer

9087 kB
Size

188
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 141
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA2OTY3ODM4MTU0MDkzNzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMJ3VoURrzyaJhWIGqysbN4&google_cver=1
Request Chain 142
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
Request Chain 147
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
Request Chain 148
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA2OTY3ODM4MTU0MDk3NzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMJ3VoURrzyaJhWIGqysbN4&google_cver=1
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPNceg-hX4oHunNs7jVnOUo&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPNceg-hX4oHunNs7jVnOUo&google_cver=1&C=1
Request Chain 228
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yy4cILKEHw4EVhBn.HX6jwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPNceg-hX4oHunNs7jVnOUo&google_cver=1&google_hm=2
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJ_xgNQWQACUGEE5s5CG4Es&google_cver=1
Request Chain 230
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAwNjY5MzcxMDQwODEwMzA0MQ%3D%3D
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIRDZMoTjn-LgbbMASqvB0A&google_cver=1
Request Chain 232
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTkzMTQ3NWEtNTVkOC0yZTU4LWU0YjEtYjFhZDBhYmU5MTY2
Request Chain 233
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEFeMyg4zyu6iwOrFwFGm9K8&google_cver=1
Request Chain 234
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YWI2MzQ5ODMtMzU0MC00MGE4LTk2ZjAtZDY5NDg3OGUxMWQy
Request Chain 236
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESELoSdGlo-tIuv-U3CzDzm_4&google_cver=1&google_push=AZmPxg9Z0dLu2tKcOmpXLLKBYuWry9aruLJRiRbIWf8kokCx0budxAeGldMDHmR4TuMWH-AW0JweED2ZZbi1UQZ2pY68ATrNedX16M-0bKg-30ROn-oqar4hL1eCM6VmrzH4IUK_o-E3v1o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YzZjMmVhMGMtZDQwYy00YmY0LTgzYjctNDMxNmJiODg5YmE2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
Request Chain 237
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBn2QG3wBw-yTpZIXMWt85k&google_cver=1&google_push=AZmPxg_HtD4GSO9xiEJez-zl18UxYuRCiX_Fa9A4gPCpanS3I7jMMTbelYBSrXbdKUSCiV1PF1ZFCyZpjjlmGkzFKqA5GM-M3nTA4a4olQZ7htCm-3WuTOPRSLGQzHq72M2MS0GQLXYAT6E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_HtD4GSO9xiEJez-zl18UxYuRCiX_Fa9A4gPCpanS3I7jMMTbelYBSrXbdKUSCiV1PF1ZFCyZpjjlmGkzFKqA5GM-M3nTA4a4olQZ7htCm-3WuTOPRSLGQzHq72M2MS0GQLXYAT6E&google_hm=6ggerDUpydIXJaejE0VlvA==
Request Chain 238
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJCWmQWeK3paOWmSvU6KA6Q&google_cver=1&google_push=AZmPxg-J7P6UM4PxntZ6B9bl1Tihev5Z9xPJpPF6btITOWY0KKsNzCOuWXuZiGm1hZuCppG04fC6XgCBLujimy0mkwdj0XaDkvE1elLD-7H5WuaDYekwwFZtZEed_JLvukY4tY6ySAIwGUA HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEJCWmQWeK3paOWmSvU6KA6Q&google_push=AZmPxg-J7P6UM4PxntZ6B9bl1Tihev5Z9xPJpPF6btITOWY0KKsNzCOuWXuZiGm1hZuCppG04fC6XgCBLujimy0mkwdj0XaDkvE1elLD-7H5WuaDYekwwFZtZEed_JLvukY4tY6ySAIwGUA&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg-J7P6UM4PxntZ6B9bl1Tihev5Z9xPJpPF6btITOWY0KKsNzCOuWXuZiGm1hZuCppG04fC6XgCBLujimy0mkwdj0XaDkvE1elLD-7H5WuaDYekwwFZtZEed_JLvukY4tY6ySAIwGUA&google_hm=YVlUbF94VEZTeXJqcFI1cDJkSS0=
Request Chain 239
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEKft-vkKcxQH1aF3ExbFHAk&google_cver=1&google_push=AZmPxg9pR3c8AARYiWZPsvftzkOUCo6yUop8jF92ok1FLIdRzFX8VnSs7Q4sLcGDVQVYuxc7m57HvSZ-9BhJllnTsXfl5B91g6EDgv6ZiRo1B-Fxmnd9lfsgQF4Qj9bgN0suU4-PokZa64E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTM4NzM0NTQzOTI4MDcwNDI2MjI&google_push=AZmPxg9pR3c8AARYiWZPsvftzkOUCo6yUop8jF92ok1FLIdRzFX8VnSs7Q4sLcGDVQVYuxc7m57HvSZ-9BhJllnTsXfl5B91g6EDgv6ZiRo1B-Fxmnd9lfsgQF4Qj9bgN0suU4-PokZa64E
Request Chain 241
  • https://an.yandex.ru/mapuid/google/CAESEJ5B-XkNur7xFU4xD6KCWPE?ext-param=AZmPxg8ZQ0NY2ZvilQUj3G9aGE2-xz6gvqlbOMVXuUJuzRUsZ2t9ByDtMKwiqZvUqu5rxZZEkuHlQXc122C2b6VB99AN5kGCl-cBliVDcOVRcZpsYhYmSXvBxudL3zv5ISMgrUbUoNMJ_7tN&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEJ5B-XkNur7xFU4xD6KCWPE?redir-setuniq=1&ext-param=AZmPxg8ZQ0NY2ZvilQUj3G9aGE2-xz6gvqlbOMVXuUJuzRUsZ2t9ByDtMKwiqZvUqu5rxZZEkuHlQXc122C2b6VB99AN5kGCl-cBliVDcOVRcZpsYhYmSXvBxudL3zv5ISMgrUbUoNMJ_7tN&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEJ5B-XkNur7xFU4xD6KCWPE&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 266
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEO1qJMLUizB6iwGiNEnvBDw&google_cver=1&google_push=AZmPxg-smYoSUmQgDDvLcU98jP2SBIMg9JyuH77uwWajTvb4qI85pN5nrXgwZrGrcMT1LNaKM4zAfLoRTUA_02CBGtS2U5bya9f2VOT3IIBV87FDC1slgeVDb496G7qJz7uVfKa0fBjIZL0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg-smYoSUmQgDDvLcU98jP2SBIMg9JyuH77uwWajTvb4qI85pN5nrXgwZrGrcMT1LNaKM4zAfLoRTUA_02CBGtS2U5bya9f2VOT3IIBV87FDC1slgeVDb496G7qJz7uVfKa0fBjIZL0&google_hm=MDQ0Zkw5amNLOUtFMTBqRk1QZ0ZtWlJwZm9j&from_google=sp1
Request Chain 267
  • https://a.c.appier.net/gcm?google_gid=CAESEO4jidh4RO6Tfv3satjcpa4&google_cver=1&google_push=AZmPxg-i55260BQY3Fx4ZWR_bxph2QCmOq2tV8niGXjBbSbD7FsMhIodffFg5IzvbW360wqSV5_MKTqAwYIsHs1rFnrBlj6nBGe3CUUuUjp1LmS1fud7Tx87q0NH4vjPd4xW0mVMqoeXNI8f HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Wm1vSkhSQ2FEVTI3d2E0UElSd3VZdw%3D%3D&google_push=AZmPxg-i55260BQY3Fx4ZWR_bxph2QCmOq2tV8niGXjBbSbD7FsMhIodffFg5IzvbW360wqSV5_MKTqAwYIsHs1rFnrBlj6nBGe3CUUuUjp1LmS1fud7Tx87q0NH4vjPd4xW0mVMqoeXNI8f
Request Chain 269
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENwSHSvR3vttqlY6A8xCUUk&google_cver=1&google_push=AZmPxg8UyCfRBIesf3osvYBHDuyviYd7uFW7NmfZ0XUUyl6DiapQi2lFUTpC4XIWawDh9wM2Qcm07KdffFezudQDgcP6y0_bbtHc-5_NmauzmNqNXLuFyOrsyGrvbwnyqNuRGWdNmwX2SPAW HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg8UyCfRBIesf3osvYBHDuyviYd7uFW7NmfZ0XUUyl6DiapQi2lFUTpC4XIWawDh9wM2Qcm07KdffFezudQDgcP6y0_bbtHc-5_NmauzmNqNXLuFyOrsyGrvbwnyqNuRGWdNmwX2SPAW&google_gid=CAESENwSHSvR3vttqlY6A8xCUUk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTgzMTkyODM5NjUwNzEzMTg5OTc4Ng%3D%3D&google_push=AZmPxg8UyCfRBIesf3osvYBHDuyviYd7uFW7NmfZ0XUUyl6DiapQi2lFUTpC4XIWawDh9wM2Qcm07KdffFezudQDgcP6y0_bbtHc-5_NmauzmNqNXLuFyOrsyGrvbwnyqNuRGWdNmwX2SPAW
Request Chain 270
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESED9Jt4hdsXk5nsYqKyWqmcE&google_cver=1&google_push=AZmPxg9jgJi1V7St7_Tkb-yQqUf5RrkE_qPiNETixdkeSIHwW90fleGTLyw3FGIwJiFQNrmue9r8L0m098oLb6oX3fGUqI0GeS943Rsn23xjnZN3KaOKYEv0cIVx_mtvQkgo9v3jOcwde4JYeQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg9jgJi1V7St7_Tkb-yQqUf5RrkE_qPiNETixdkeSIHwW90fleGTLyw3FGIwJiFQNrmue9r8L0m098oLb6oX3fGUqI0GeS943Rsn23xjnZN3KaOKYEv0cIVx_mtvQkgo9v3jOcwde4JYeQ&google_hm=Nzc0ZGNkMGYtNGY2Ny0zYWQxLWFkNzYtNGJkZDhjNjg4ZTJl
Request Chain 271
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEBrGXm4BPcMxTvRF7GmliM4&google_cver=1&google_push=AZmPxg-tSud2DTIdQwTBMG8rsVJJaeYIA8zwErbmiP3CiHoXMj_ValWMBa5xeAaSAzCAPAwAxnfvfZ1GNWNuvLKQzmV9C8W3FYz-8drX-_4MRa9_bR4_OiROWmCF4ZAEwB36V1Z_-l3cYIIeBQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=N2I0ZDdjOTUtNmExMS00ZDk5LWI3NmEtYTA5ODU2NDU4N2Qx&google_push=AZmPxg-tSud2DTIdQwTBMG8rsVJJaeYIA8zwErbmiP3CiHoXMj_ValWMBa5xeAaSAzCAPAwAxnfvfZ1GNWNuvLKQzmV9C8W3FYz-8drX-_4MRa9_bR4_OiROWmCF4ZAEwB36V1Z_-l3cYIIeBQ
Request Chain 272
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJ6iavqIOjSxEpjZYb5X4H4&google_cver=1&google_push=AZmPxg9nAT53SwI-QhBQIZdFzmTNg0n0VZ4O2XmdqEF_RRyHPcPRXTjJCZzq9TsY6-aHVOPpSJwOAAlQ5no_0PPDq93U9VSfhkQmcWQWTWrSL3SS7IDyoK8F2g4vgkIIb32F47PKQdIgkMrekQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg2wd4xJ8BqQHKH6b48e_E_IVv1EnQn50sA&google_push=AZmPxg9nAT53SwI-QhBQIZdFzmTNg0n0VZ4O2XmdqEF_RRyHPcPRXTjJCZzq9TsY6-aHVOPpSJwOAAlQ5no_0PPDq93U9VSfhkQmcWQWTWrSL3SS7IDyoK8F2g4vgkIIb32F47PKQdIgkMrekQ HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 276
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPiUyiYpMftXf5SXolz_vWY&google_cver=1&google_push=AZmPxg-zgtKetmiNpVDDTCv0zKiUPoI7_SMwvBR60Bi8Wcl08h48pbgKj_kF3nTbxB5NjOBqBei_o6WO4gZGQuZbNRMdT08I8gR0 HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=347dce3f759520c4&is_secure=true&networkId=14000&version=1&google_gid=CAESEPiUyiYpMftXf5SXolz_vWY&google_cver=1&google_push=AZmPxg-zgtKetmiNpVDDTCv0zKiUPoI7_SMwvBR60Bi8Wcl08h48pbgKj_kF3nTbxB5NjOBqBei_o6WO4gZGQuZbNRMdT08I8gR0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALoY2cZIuGQgNWIWTwAAAAAAA&expiration=1664052642&google_cver=1&is_secure=true&google_gid=CAESEPiUyiYpMftXf5SXolz_vWY&google_push=AZmPxg-zgtKetmiNpVDDTCv0zKiUPoI7_SMwvBR60Bi8Wcl08h48pbgKj_kF3nTbxB5NjOBqBei_o6WO4gZGQuZbNRMdT08I8gR0
Request Chain 277
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFTWQGWYVmLqkIR8G9ndZ34&google_cver=1&google_push=AZmPxg83WDB1eBn63HsRC7hmYEJcpU8oKRpvEbsASLld8Vl-Y46CG7jq_8WpoNTHEm0A0hFdIJMvh-ulVj536pobn6oswSoAUUbU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg83WDB1eBn63HsRC7hmYEJcpU8oKRpvEbsASLld8Vl-Y46CG7jq_8WpoNTHEm0A0hFdIJMvh-ulVj536pobn6oswSoAUUbU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFTWQGWYVmLqkIR8G9ndZ34&google_cver=1&google_push=AZmPxg83WDB1eBn63HsRC7hmYEJcpU8oKRpvEbsASLld8Vl-Y46CG7jq_8WpoNTHEm0A0hFdIJMvh-ulVj536pobn6oswSoAUUbU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg83WDB1eBn63HsRC7hmYEJcpU8oKRpvEbsASLld8Vl-Y46CG7jq_8WpoNTHEm0A0hFdIJMvh-ulVj536pobn6oswSoAUUbU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 278
  • https://cs.media.net/cksync?type=g&cma=1&google_gid=CAESEMJ3VoURrzyaJhWIGqysbN4&google_cver=1&google_push=AZmPxg8aPLLAaNmxLsSK8QfJkFHNGGWoNK7TgHgXmo3HumdfymW1S4Q0Wrd-IEjpIsegqNMAj87AwaZHfV9YRJDbLZ9-V4xo2KT_ HTTP 302
  • https://cs.media.net/cksync?cs=40&type=wun&chng=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT}&redirect=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3D8m33zk4%26ttd_tpi%3D1%26gdpr%3D{GDPR}%26gdpr_consent%3D{GDPR_CONSENT}https%3a%2f%2fcs.media.net%2fcksync%3ftype%3dwun%26vsid%3d3069678381540929000V10%26cs%3d12%26ovsid%3d%26google_push%3dAZmPxg8aPLLAaNmxLsSK8QfJkFHNGGWoNK7TgHgXmo3HumdfymW1S4Q0Wrd-IEjpIsegqNMAj87AwaZHfV9YRJDbLZ9-V4xo2KT_&gdpr=&gdpr_consent=
Request Chain 279
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEPlxe7VydKdNmpthJvHpPZs&google_cver=1&google_push=AZmPxg9-yD8p1DRj7-8aeZvnEugme4mBcrH9Oc2lQfUmaPwXuQ4ENZHr0TaCRIZTT-xCdug2pHJX9HLyDojjH-A7S2BOvhEZkKYL HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg9-yD8p1DRj7-8aeZvnEugme4mBcrH9Oc2lQfUmaPwXuQ4ENZHr0TaCRIZTT-xCdug2pHJX9HLyDojjH-A7S2BOvhEZkKYL&google_hm=1876a028e70a2f85d1bef01b6eeaa9c2
Request Chain 280
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEBrGXm4BPcMxTvRF7GmliM4&google_cver=1&google_push=AZmPxg8W2GphnS76SdWboekyfRnHx3VFGKjCAm9YHZSFMeqAnPjmzDu9tcQnVJLDx3wOHrpuVhdQ8RwQlRdkDqoIO_rfAXEXLQLk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YWRjYjM2NTctOWU1Ny00MWYyLWJhMGMtNmYxMDg1ZDc2MjY5&google_push=AZmPxg8W2GphnS76SdWboekyfRnHx3VFGKjCAm9YHZSFMeqAnPjmzDu9tcQnVJLDx3wOHrpuVhdQ8RwQlRdkDqoIO_rfAXEXLQLk
Request Chain 281
  • https://sync.inmobi.com/gob?google_gid=CAESEEThY7uqnfVIjn6-NVnFz9M&google_cver=1&google_push=AZmPxg_LfOqWReFm7vAaqntgsTIbPUcOE22feVIV6Ue7AAnJuZiWiaHrw2vlY_VNAWIabHPDGaPd7fDldgvK-kUzxON9na4h2URh HTTP 302
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg_LfOqWReFm7vAaqntgsTIbPUcOE22feVIV6Ue7AAnJuZiWiaHrw2vlY_VNAWIabHPDGaPd7fDldgvK-kUzxON9na4h2URh&gdpr_consent=&gdpr= HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOwmLyZP3jhRtZVTHPe27nZR9RlC8xcktDZJznMg&google_push=AZmPxg_LfOqWReFm7vAaqntgsTIbPUcOE22feVIV6Ue7AAnJuZiWiaHrw2vlY_VNAWIabHPDGaPd7fDldgvK-kUzxON9na4h2URh
Request Chain 282
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEP-NzvxlmrmFdi01mWY_Zhk&google_cver=1&google_push=AZmPxg9tH6lES4zke07W-dyGGMNvVaUlrMqv5J-o4Wy3MTOiQ8W387KBXl0KotNQW5XiFr2Llp0if05Nb0TtAW2REGfnN4eM1WSC0A HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEP-NzvxlmrmFdi01mWY_Zhk&google_push=AZmPxg9tH6lES4zke07W-dyGGMNvVaUlrMqv5J-o4Wy3MTOiQ8W387KBXl0KotNQW5XiFr2Llp0if05Nb0TtAW2REGfnN4eM1WSC0A&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9tH6lES4zke07W-dyGGMNvVaUlrMqv5J-o4Wy3MTOiQ8W387KBXl0KotNQW5XiFr2Llp0if05Nb0TtAW2REGfnN4eM1WSC0A&google_hm=LU9GRW52dWhMZzBqTGlyU2NfdGQ= HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Request Chain 333
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D8190a844-dd57-40df-abe0-c057a059d881&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F1281%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D8190a844-dd57-40df-abe0-c057a059d881%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD04MTkwYTg0NC1kZDU3LTQwZGYtYWJlMC1jMDU3YTA1OWQ4ODE%253D%26uid%3D%24UID
Request Chain 334
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=8190a844-dd57-40df-abe0-c057a059d881&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=8190a844-dd57-40df-abe0-c057a059d881&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=311ef306-2d9e-4ffe-8a74-68fbe2b7b141&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10528852980624694037&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10528852980624694037&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=80ce08ee-0a9f-4f93-9360-6dfb7a048dcf&ssp=adaptmx&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10528852980624694037&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=208950804283005789868&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10528852980624694037&ssp=adaptmx&gdpr=0&gdpr_consent=
Request Chain 335
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L8EYJALY-6-9Q7D&gdpr=0&us_privacy=1---
Request Chain 336
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=8190a844-dd57-40df-abe0-c057a059d881 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=8190a844-dd57-40df-abe0-c057a059d881&verify=true HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-bek6mZJE2uFse1GTDYORSYzyzFNpVaSwjPyMOK4-~A&gdpr=0&gdpr_consent=
Request Chain 348
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4035254839846314974&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 349
  • https://match.adsrvr.org/track/cmf/openx?oxid=355e9490-9caf-70fc-f151-eb14c05c5f06&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&ttd_puid=355e9490-9caf-70fc-f151-eb14c05c5f06&gdpr=0&gdpr_consent=
Request Chain 350
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Yy4cI8Co8X0AAN64m8AAAAAA
Request Chain 351
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Afz716lt_Q2rks8ADsWuIP40ec8AAAGDbB3pkw
Request Chain 353
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIRDZMoTjn-LgbbMASqvB0A&google_cver=1
Request Chain 354
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&dongle=0cfd
Request Chain 355
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTgzMTkyODM5NjUwNzEzMTg5OTc4Ng%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 356
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBDKwQqBrAzQnYmvKbg2-tE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 357
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTgzMTkyODM5NjUwNzEzMTg5OTc4Ng%3D%3D
Request Chain 358
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1831928396507131899786&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1831928396507131899786&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d1b31243-b705-40a3-9d88-ac4d86d5cd8d&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d1b31243-b705-40a3-9d88-ac4d86d5cd8d&_noobservation=1&_expected_cookie=3eafc74c74efe4a86bd027e852f107d9
Request Chain 359
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1831928396507131899786&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=1831928396507131899786&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtriplelift%26bsw_param%3D594e175c-b93a-484e-8662-079e65dbfa3c%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=6d4f9c140fa54516bb99918dbf687b9f&ssp=triplelift&bsw_param=594e175c-b93a-484e-8662-079e65dbfa3c&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=594e175c-b93a-484e-8662-079e65dbfa3c&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 360
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1831928396507131899786?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-O8cDO7NE2oSbKT5IwOAzj9W7pIb9bE3QX3tyB_Piyg--~A&dongle=0883
Request Chain 361
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1831928396507131899786 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1831928396507131899786&dcc=t
Request Chain 363
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=aYTl_xTFSyrjpR5p2dI-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MFMVI3C7PBKEMU3ZOJVHAURVOAZGISJN&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MFMVI3C7PBKEMU3ZOJVHAURVOAZGISJN HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=aYTl_xTFSyrjpR5p2dI-
Request Chain 366
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 367
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Drkt%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3069678381540929000V10&type=rkt&refUrl=&vid=39662425313069678381540929000V10&ovsid=1921700045832649417
Request Chain 369
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dapx%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3069678381540929000V10&type=apx&refUrl=&vid=39662425313069678381540929000V10&ovsid=7006693710408103041
Request Chain 370
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dopx%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3069678381540929000V10&type=opx&refUrl=&vid=39662425313069678381540929000V10&ovsid=fd72fd0f-37af-4a1c-921e-957a72b3cdda
Request Chain 371
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dr1%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dr1%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3D%5BRX_UUID%5D&cb=1663966243004 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8900097423 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dr1%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DRX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3069678381540929000V10&type=r1&refUrl=&vid=39662425313069678381540929000V10&ovsid=RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004
Request Chain 372
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Ddxu%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Ddxu%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3069678381540929000V10&type=dxu&refUrl=&vid=39662425313069678381540929000V10&ovsid=4CnqC0zZ1OBPDd5
Request Chain 375
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dzem%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=aYTl_xTFSyrjpR5p2dI-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLBLFKGYX3YKRDFG6LSNJYFENLQGJSESLJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZTSNRWGI2DENJTGEZTANRZGY3TQMZYGE2TIMBZGI4TAMBQKYYTAJTWONUWIPJTGA3DSNRXHAZTQMJVGQYDSMRZGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLBLFKGYX3YKRDFG6LSNJYFENLQGJSESLJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZTSNRWGI2DENJTGEZTANRZGY3TQMZYGE2TIMBZGI4TAMBQKYYTAJTWONUWIPJTGA3DSNRXHAZTQMJVGQYDSMRZGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=aYTl_xTFSyrjpR5p2dI-&refUrl=&type=zem&vid=39662425313069678381540929000V10&vsid=3069678381540929000V10
Request Chain 376
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3069678381540929000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3069678381540929000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=62fb11c8-c09d-4f77-aa1d-f8102a3658e9&cs=1
Request Chain 379
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=0abf632e-1c23-4d00-a1f7-554fbd238090&gdpr=1&gdpr_consent=
Request Chain 381
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7006693710408103041
Request Chain 383
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg2wd5_ZY1lsjaZUJY0MSv47eg1PCCR6xWQ
Request Chain 385
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCKK4uJkGEgUI6AcQAEIASgA HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 386
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=KMhJRRaV-4NG-f2vVDRRY9Bgd87SI6Y5fHfoesNpFy8
Request Chain 388
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJ6iavqIOjSxEpjZYb5X4H4&google_cver=1
Request Chain 390
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&gdpr=0&gdpr_consent=
Request Chain 396
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vQ5-8fKbRwqZOHZKnjHnWg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vQ5-8fKbRwqZOHZKnjHnWg
Request Chain 397
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFWUpBTFktNi05UTdE
Request Chain 398
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&gdpr=0&gdpr_consent=&expires=30
Request Chain 399
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzM4NjY5YThlNDI4MWZmNTI1OTI4NmQ1NDRhOWM1ZGUwMjJhMWVhYg
Request Chain 400
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=HFka-p-FSpeI-awvYxJjTQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=HFka-p-FSpeI-awvYxJjTQ
Request Chain 401
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/TOK_yZC0HBuot1do43aJpQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7217229268336238396
Request Chain 402
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=L8EYJALY-6-9Q7D&ex=d-rubiconproject.com&status=ok
Request Chain 403
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8EYJALY-6-9Q7D
Request Chain 410
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 411
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L8EYJALY-6-9Q7D&gdpr=0&us_privacy=1YN-
Request Chain 412
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=7006693710408103041
Request Chain 413
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FXbiERZH9qdFTGi5TxKv4iNN
Request Chain 414
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FXbiELZHxp0kwOdGT6SO2Dsn
Request Chain 415
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=3addc1ab-9fdc-49a3-b328-ef1262f503e8
Request Chain 416
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004&rndcb=2882063519 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adconductor HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=adconductor HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6500381675878024568&ssp=adconductor HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/594e175c-b93a-484e-8662-079e65dbfa3c?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004
Request Chain 417
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1972084067388365219
Request Chain 419
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ssp.disqus.com/partner=adaptmx?gdpr=1&gdpr_consent=&us_privacy=1YN-&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4149%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D8190a844-dd57-40df-abe0-c057a059d881%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Request Chain 420
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-oRL5wZhE2uFh31qXTU4lShtWzkYVjH8Pk8jFCac-~A
Request Chain 421
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-1e9c7540-4f44-3201-b19a-38a6c88cd9d8
Request Chain 422
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-oRL5wZhE2uFh31qXTU4lShtWzkYVjH8Pk8jFCac-~A
Request Chain 424
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L8EYJALY-6-9Q7D HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L8EYJALY-6-9Q7D
Request Chain 425
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4cILKEHw4EVhBn-HX6jwAAEoAAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4cILKEHw4EVhBn-HX6jwAAEoAAAAAB&dcc=t
Request Chain 426
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&expiration=1666558243&gdpr=0&gdpr_consent=
Request Chain 427
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yy4cILKEHw4EVhBn-HX6jwAAEoAAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBAudE6NDdtOJ0ivdgieAHw&google_cver=1
Request Chain 428
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7006693710408103041
Request Chain 430
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=39XVY9iF1mPEhdc22t_KZd-FhmDE0oRljdVOjGnR
Request Chain 432
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=MdSSz0JtS3lE2l2JxISRkWfR_nE
Request Chain 435
  • https://c1.adform.net/serving/cookie/match?party=14&cid=EC53BDE9-E45C-483D-86E4-748CCB371E4E HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
Request Chain 436
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0abf632e-1c23-4d00-a1f7-554fbd238090&gdpr=0&gdpr_consent=
Request Chain 438
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=x67uju45lba
Request Chain 439
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=ZmoJHRCaDU27wa4PIRwuYw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 441
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 442
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=d7176d43ab594ca5a2aa8c758ae27fb7 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
Request Chain 444
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004&rndcb=5244719263 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=594e175c-b93a-484e-8662-079e65dbfa3c&google_hm=NTk0ZTE3NWMtYjkzYS00ODRlLTg2NjItMDc5ZTY1ZGJmYTNj HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJom-Va-7xUSaYU_HaULQb0&google_cver=1&ssp=adconductor&bsw_param=594e175c-b93a-484e-8662-079e65dbfa3c HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/594e175c-b93a-484e-8662-079e65dbfa3c?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004
Request Chain 445
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:4CnqC0zZ1OBPDd5&gdpr=0&gdpr_consent=
Request Chain 446
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=64b07e16-3b81-11ed-93f9-d07437c7098f
Request Chain 447
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=178b3bc8-1da6-44f3-a7ce-277c49c9b37f-tucta27a1a4&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 451
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2566F278A4884DA9ACFEC98DA3577A05 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 453
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7FO96eRcSD2G5HSMyzceTg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 454
  • https://idsync.rlcdn.com/420486.gif?partner_uid=EC53BDE9-E45C-483D-86E4-748CCB371E4E HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=9dbe4992fd5bbfeacc29bf9c9a6dda34c343c5a196b4e7c992ca534052750685791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA5ZGJlNDk5MmZkNWJiZmVhY2MyOWJmOWM5YTZkZGEzNGMzNDNjNWExOTZiNGU3Yzk5MmNhNTM0MDUyNzUwNjg1NzkxNDI2YjU0MTdkY2UyMRAAGgwIpLi4mQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA5ZGJlNDk5MmZkNWJiZmVhY2MyOWJmOWM5YTZkZGEzNGMzNDNjNWExOTZiNGU3Yzk5MmNhNTM0MDUyNzUwNjg1NzkxNDI2YjU0MTdkY2UyMRAAGgwIpLi4mQYSBAgCEABCAEoA&google_gid=CAESEOqMOo-iNw4GSM1YsPOYvLE&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=f5850bd2-a8f4-4b71-8005-4d65bb4382c0
Request Chain 455
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0abf632e-1c23-4d00-a1f7-554fbd238090
Request Chain 456
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUM1M0JERTktRTQ1Qy00ODNELTg2RTQtNzQ4Q0NCMzcxRTRF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 457
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN_JdwaL2N_KVDBR3DW9DYE&google_cver=1
Request Chain 458
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E0DED384687F48F79322C592D3E05F2F HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 460
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
Request Chain 461
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=453&bidswitch_ssp_id=pubmatic
Request Chain 462
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=EC53BDE9-E45C-483D-86E4-748CCB371E4E&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hkMAuvxE2uWj83fuMpaIZOV5fTXiMIo-~A&gdpr=0&gdpr_consent=
Request Chain 463
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DggaJAlYGSQVWBhxCwIFIg5YSScVD0siXAgZK9p4
Request Chain 464
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3891623332221362898 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 465
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7006693710408103041&gdpr=0&gdpr_consent=
Request Chain 466
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4035254839846314974&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 467
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7006693710408103041 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 468
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=EC53BDE9-E45C-483D-86E4-748CCB371E4E&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5dc29f8de8e520bd&is_secure=true&networkId=17100&version=1&nuid=EC53BDE9-E45C-483D-86E4-748CCB371E4E&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMT6LZ8H6rGwMV-5NAAAAAAAA&expiration=1664052644&nuid=EC53BDE9-E45C-483D-86E4-748CCB371E4E&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
Request Chain 470
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&expiration=1666558243&gdpr=0&gdpr_consent=
Request Chain 472
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yy4cILKEHw4EVhBn-HX6jwAAEoAAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBAudE6NDdtOJ0ivdgieAHw&google_cver=1
Request Chain 473
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7006693710408103041
Request Chain 474
  • https://id.rlcdn.com/711587.gif HTTP 307
  • https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
Request Chain 475
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=M_Gn-p1AS9Nl03qGZxIWEGfR_nE
Request Chain 476
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030001_632e1c242d513&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_632e1c242d513
Request Chain 477
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yy4cILKEHw4EVhBn.HX6jwAA%264736?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Yy4cILKEHw4EVhBn.HX6jwAA%264736
Request Chain 480
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg2wd7LUSB8Od08U3l9CNS3k1PQi8ZDNDxg
Request Chain 482
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=0abf632e-1c23-4d00-a1f7-554fbd238090&gdpr=0&gdpr_consent=
Request Chain 483
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=L8EYJALY-6-9Q7D&gdpr=0
Request Chain 484
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7006693710408103041
Request Chain 486
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=6506743396448035559
Request Chain 487
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=nVJyWtt_N8UQWx1xUIiKNIYsgg0b30XZvHtwHzkvyeQ
Request Chain 488
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
Request Chain 489
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJ6iavqIOjSxEpjZYb5X4H4&google_cver=1
Request Chain 490
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-oRL5wZhE2uFh31qXTU4lShtWzkYVjH8Pk8jFCac-~A
Request Chain 491
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&gdpr=0&gdpr_consent=
Request Chain 492
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=594e175c-b93a-484e-8662-079e65dbfa3c&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10528852980624694037&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Donetag%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=80ce08ee-0a9f-4f93-9360-6dfb7a048dcf&ssp=onetag&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10528852980624694037&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=208950804283005789892&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10528852980624694037&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=594e175c-b93a-484e-8662-079e65dbfa3c&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 497
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=qZFsD0752BnT&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 498
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Df7a5db36-1d5c-4c26-81b6-b4d0807faffb%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=5142224890575151820&gdpr=0&gdpr_consent=
Request Chain 500
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L8EYJALY-6-9Q7D HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=L8EYJALY-6-9Q7D
Request Chain 501
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7006693710408103041
Request Chain 502
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_4f97c14a-6827-4221-9982-048ae063fead&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3209392846824037581&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=594e175c-b93a-484e-8662-079e65dbfa3c
Request Chain 503
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28oCmk0VJ3wjiGxAAFPo875yag9Wb3Jx5-QsLltDuvsweep-lGqb9vX8R_p8qfK9L7%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28oCmk0VJ3wjiGxAAFPo875yag9Wb3Jx5-QsLltDuvsweep-lGqb9vX8R_p8qfK9L7%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_4f97c14a-6827-4221-9982-048ae063fead&obuid=ENC(oCmk0VJ3wjiGxAAFPo875yag9Wb3Jx5-QsLltDuvsweep-lGqb9vX8R_p8qfK9L7) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=true HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=y-oRL5wZhE2uFh31qXTU4lShtWzkYVjH8Pk8jFCac-~A
Request Chain 504
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=c26330e0-b4ba-48aa-962a-fbf9080c5e40
Request Chain 505
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-0bed572d-4ca6-4c4f-4b64-2f998115e402$ip$103.209.254.113
Request Chain 506
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Dzs8wr9E2pfTxmR67Offdp.1zm6Osrk..S0K~A
Request Chain 507
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=ad942239-660a-429a-b4bc-1096ac97e8af
Request Chain 510
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_4f97c14a-6827-4221-9982-048ae063fead&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=aYTl_xTFSyrjpR5p2dI-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YKZKRWF66CUIZJXS4TKOBJDK4BSMRES2JTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YKZKRWF66CUIZJXS4TKOBJDK4BSMRES2JTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=aYTl_xTFSyrjpR5p2dI-&us_privacy=1---
Request Chain 511
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=9255aa1a-008e-44ce-b50d-bd5c4abcd5c6
Request Chain 512
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004&rndcb=715231789 HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=594e175c-b93a-484e-8662-079e65dbfa3c HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=594e175c-b93a-484e-8662-079e65dbfa3c HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=6977c0cd-e8cb-41e0-b03d-651cefe5ebaa&user_group=1&ssp=adconductor&bsw_param=594e175c-b93a-484e-8662-079e65dbfa3c HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/594e175c-b93a-484e-8662-079e65dbfa3c?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004
Request Chain 513
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=AaIM3b9KDQpe&ev=1&pid=558355
Request Chain 514
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=5142224890575151820
Request Chain 516
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=0abf632e-1c23-4d00-a1f7-554fbd238090&gdpr=0&gdpr_consent=
Request Chain 520
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
Request Chain 522
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Yy4cJMCo8X0AAN64m9wAAAAA
Request Chain 523
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Yy4cILKEHw4EVhBn.HX6jwAA%264736
Request Chain 524
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=60aY5ISNziYG5IrXmRIN&pi=gumgum&tc=1
Request Chain 525
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 527
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L8EYJALY-6-9Q7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=L8EYJALY-6-9Q7D
Request Chain 536
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=EC53BDE9-E45C-483D-86E4-748CCB371E4E HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=80ce08ee-0a9f-4f93-9360-6dfb7a048dcf%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&ttd_puid=80ce08ee-0a9f-4f93-9360-6dfb7a048dcf%2C

524 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
www.bg3.co/a/ 		53 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ac70053453f5ade099dc1832670e6bd2507b78c92c89d89fec14b69150dd01d6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 23 Sep 2022 20:50:33 GMT
ETag
"d3e8-WEI8wGTlOk99FhoZSqsZyxyfr6Q"
Expires
Fri, 23 Sep 2022 21:50:33 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
564abcd1aaa1e99681f765597209e1ee0d6c73fd31bbea71cf26ab4825d8058e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72580
x-xss-protection
0
server
sffe
date
Fri, 23 Sep 2022 20:50:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"262efd4b6b76c562"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 23 Sep 2022 20:50:34 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
286f41534d5e452c0803884b8951f9e7cbd79568b1eddea4559d6a3bde2b4763
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9655
x-xss-protection
0
server
sffe
date
Fri, 23 Sep 2022 20:50:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"8ff35979583bd4ad"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 23 Sep 2022 20:50:35 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
829c68e59d49588a0847e4a4bdcae1b1e234db4d81a40a7345c34d6392a1f5b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7581
x-xss-protection
0
server
sffe
date
Fri, 23 Sep 2022 20:50:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"d4da8c7cd0fe74c1"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 23 Sep 2022 20:50:34 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
f0bb2a4f2be3d99e10af375f305a126120028c4784fbdfd85653876e27c07b19
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31959
x-xss-protection
0
server
sffe
date
Fri, 23 Sep 2022 20:50:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"ca421db8126f307e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 23 Sep 2022 20:50:34 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1031
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43705
last-modified
Thu, 22 Sep 2022 10:10:22 GMT
server
cloudflare
etag
"632c348e-aab9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXr2AD0nt9tfJjY4UrxNcjDWccpCdDlIwGFfpumFZxiszNzO0m%2Fd%2BU%2FgvxYy3GTwDuH4SvCsK5vrwxE%2BWp%2BeZGqG1XTOCZIZSRYZyw8pfOFZMx3LhHHzwmZe3jXsM2iIWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
74f627452b925aa8-MEL

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
28dc46ca7136b4d6089128b4a537e94624c990ee5162d869cbd53b4b81faaea5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Fri, 23 Sep 2022 20:50:34 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 07:00:26 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
AU
content-type
application/javascript
content-length
9571
expires
Fri, 23 Sep 2022 21:50:34 GMT
adpushup.js
cdn.adpushup.com/42753/ 		479 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
b8495f96bf23b93cee2ad9dd1ebe81e84cac8fc9e8d247546ae2b5d64e6d0b40

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Fri, 23 Sep 2022 20:50:34 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:51 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=2
x-cf-geodata
AU
content-type
application/javascript
content-length
105414
expires
Fri, 23 Sep 2022 21:50:34 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
620 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6790
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6JUfxEnkzsQU3wKGVitzvst9MQEr%2FfLzt6mLekfTLO7R%2B%2BI2qkbAbPaAZLpiF%2B7EMeddx%2F1dltLEzJkKm5jtlxVN7%2BO5zUplqvrYP75cRf4zH8aXqbUVH0C6sOhKEo9nhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
74f62745fc1b5aa8-MEL
cf-bgj
minify
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
b9a9b552edbd75ce0476b43a52e5f802b8ffb322e37ff9ce657b015adf83cd55

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:50:35 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
b9a9b552edbd75ce0476b43a52e5f802b8ffb322e37ff9ce657b015adf83cd55

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:50:35 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.7119441539965583&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:50:35 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.6393088182095141&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:50:35 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
8cfd3da1326566afc4210e5f644fad79.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/8cfd3da1326566afc4210e5f644fad79.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd1409b94a7a31c87b0622c0e4a58b57ac9c5212a253c6e5f257a19075be0b2f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 22:04:12 GMT
server
cloudflare
etag
"8CFD3DA1326566AFC4210E5F644FAD79"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cs1RMrD2hWOl1k7Sbky9lpCVPvGUYc5yxkkWupw8jWzm6ygHpKnBz9cnxc3d8BVwfJ3weQ6LfEba13iG6G9N%2FZGOsVYq1SE9HkUqPyjyY6vJummCVbLhe0LIGRyG3Gc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74f627480e1717ce-MEL
content-length
5757
expires
Fri, 30 Sep 2022 20:50:35 GMT
42bfe9fb8f8596d48ac68f558200434c.jpg
static.bg3.co/imgs/202105/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/42bfe9fb8f8596d48ac68f558200434c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b235ba0169aa8444fd2f5f377667855a21fb7c6c57dedeac3d522fc95153675c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 10:44:42 GMT
server
cloudflare
etag
"42BFE9FB8F8596D48AC68F558200434C"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FoNtgB08r%2FPVz4M2xPT4ak8rfJMD%2BuTzwaaBlFq5GMsPYCjDCCoN52QoMbSKvDPO%2BD1cvB%2B9BCHJLHqPQYqdMGFuIlZzVzyz4i27YwS0%2FgxDRZp1uxafHQyzh2zk4uk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74f627480e1917ce-MEL
content-length
8855
expires
Fri, 30 Sep 2022 20:50:35 GMT
c6637d756db94050b559eaaf3495619b.jpg
static.bg3.co/imgs/202201/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202201/c6637d756db94050b559eaaf3495619b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a011c36a45437dcf8aac135010e6771d824c0f5918583a3648173111d162472

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
cf-cache-status
MISS
last-modified
Sun, 09 Jan 2022 09:10:44 GMT
server
cloudflare
etag
"C6637D756DB94050B559EAAF3495619B"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjDaXG4nuJoHrlrBxCDjZPynfDCzx7DlX9YHHr4dDPk8WGL%2FR%2Fuz7xFkNnOpMuN1cUesPSTTl0anR35ttbcdQ01ERcpBFvJC3K2sr%2Ff6AZ3OHRHVurEyejdmYo6dbaA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74f627480e1a17ce-MEL
content-length
4384
expires
Fri, 30 Sep 2022 20:50:35 GMT
5a234be8d466f84e945335f9d2844cd1.jpg
static.bg3.co/imgs/202105/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/5a234be8d466f84e945335f9d2844cd1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d65443771fb42819ba9cdce93855c1cb6fec378e5e2776b15d6be54d4cff793e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 13:23:55 GMT
server
cloudflare
etag
"5A234BE8D466F84E945335F9D2844CD1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7udVtQJU%2FzFprVd70WSFrZtzJ%2B9SomNyCE2J5qw1KoO9rbZVrw%2F1JNEkoYWj2aanJJvt%2BGzZ4Fd%2BxEvSYgwJeNzAE106AJOMEkCPFxrasaG8Q3e8qR0JiXWO4hUqPCE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74f627480e1b17ce-MEL
content-length
5190
expires
Fri, 30 Sep 2022 20:50:35 GMT
ccf4066f8e3d567705d94ab9685af982.jpg
static.bg3.co/imgs/202105/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/ccf4066f8e3d567705d94ab9685af982.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6d68bddaf25272acf5a93c4371aa8d9cb5994b9708f1738adcc2137d25b20da

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 06:55:21 GMT
server
cloudflare
etag
"CCF4066F8E3D567705D94AB9685AF982"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=179Q0j6nP4soaumnrQ33wotaow97FpjtLh7zG00geHVlnAQeoNhKuSqF2VlM0lVzk%2B7O9VrYoW4mPgeA5wNr%2BmDawzYymkq%2BCmjFi9nKBwaw9eD%2FbIsmyu9cAkfF7Ac%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74f627480e1c17ce-MEL
content-length
8423
expires
Fri, 30 Sep 2022 20:50:35 GMT
f4fb95d9fa6215bf68918e65b240be09.jpg
static.bg3.co/imgs/202106/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/f4fb95d9fa6215bf68918e65b240be09.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96cc05f10a3c9d5a2b69aaa0523c4464c7a80476e79200065728fcf9046c2603

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 12:08:17 GMT
server
cloudflare
etag
"F4FB95D9FA6215BF68918E65B240BE09"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qc8ZYnMAawDa%2BhqpP8ZDINFTfbP8B6FGP1IPOJAnyGW35uiMcsyeHxAOHtj7EHxzXGKZjmNKXUVQMXDAJfOexOoDhkZDiLYHjJqF285AtoTwbIRWOxNqpFIl7GM%2BojQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74f627480e1d17ce-MEL
content-length
12985
expires
Fri, 30 Sep 2022 20:50:35 GMT
97ca4b736c0a0621a2de464effd52826.jpg
static.bg3.co/imgs/202105/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/97ca4b736c0a0621a2de464effd52826.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ec55a086ac744f17f414cc9f396b2f2563310ac05f84ac23969012f3ab8fb3c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 17:41:10 GMT
server
cloudflare
etag
"97CA4B736C0A0621A2DE464EFFD52826"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j4ikfu1WnnOy21xCx887CKQZIWNYheFdGOhJ86DS3IphGZEox4nH0quy852Pj%2FnuEGGjvh8NrBkCA5MOyeYjRhn66wJw9tTuSq2UEAOoCJeS1fsgsAiKkxl2nROJD0A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74f627480e1517ce-MEL
content-length
2943
expires
Fri, 30 Sep 2022 20:50:35 GMT
c98617f6ef80761e7d4bd280bd71694a.jpg
static.bg3.co/imgs/202106/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/c98617f6ef80761e7d4bd280bd71694a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb1c106e5aecf93aba94a207bf31a25cbfdafe3087dc08eb0822e172bf375b67

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Jun 2021 14:10:18 GMT
server
cloudflare
etag
"C98617F6EF80761E7D4BD280BD71694A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5WDPFS29UWBXIwV%2Bm%2FWys1OEeILOxvrZI6M6jzLAQ71pkLltfVqTiWGb5El0u88gBfdBb%2Fzx84lzIdP%2FwHlo%2F4ZhfruY%2B%2B1H9X8qlv9M4AxiQovDV7lSAceGJ9XI%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74f62749ff7b17ce-MEL
content-length
7680
expires
Fri, 30 Sep 2022 20:50:35 GMT
83abbc91189d951d480b6402422dfaba.jpg
static.bg3.co/imgs/202106/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/83abbc91189d951d480b6402422dfaba.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8059fd25c2a6b73cab0b2babf862eb1e848ce3a164f56cbad510a25f7024e2d9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
cf-cache-status
MISS
last-modified
Wed, 09 Jun 2021 22:51:16 GMT
server
cloudflare
etag
"83ABBC91189D951D480B6402422DFABA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5TuSwSGS%2FETXN41jq2%2FrQZibjAS5l0jejJTzDq9ru3pLlXgpFZqWve2tL55%2BNIP7SOhOP4%2BaONJxwm4wyrcAPqBQmu8Q9hC1sSf0J34yCLTLN4E0QXWxhToFT4wfGY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74f62749ff7d17ce-MEL
content-length
13457
expires
Fri, 30 Sep 2022 20:50:35 GMT
f7826bb89fea82b31f98379ba177be4b.jpg
static.bg3.co/imgs/202105/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/f7826bb89fea82b31f98379ba177be4b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ad8b051f9e9a373ffbb7c9c93ecc76dc4dfa7cb23575d2e92527eb4a22af052

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 17:56:08 GMT
server
cloudflare
etag
"F7826BB89FEA82B31F98379BA177BE4B"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzzzuBcMgi7BgPZnfZY5CcU5CHxUzUz5tWMqL0dMYlfjr0oKIIMRx9mNHtRcWFTviW4YeTjFeCI2IsTZYcl9s8tysv8bYOdvr7HD0hL8TyWmy6UG62IV68X49iPrc4w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74f62749ff7e17ce-MEL
content-length
10701
expires
Fri, 30 Sep 2022 20:50:35 GMT
cb7ed92053fb5e388e347610c6deb7e2.jpg
static.bg3.co/imgs/202203/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202203/cb7ed92053fb5e388e347610c6deb7e2.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34454ee7a784245e5033722bb5db320ddeea0b259ff1cf36921cd11fb0b1f3d0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
cf-cache-status
MISS
last-modified
Thu, 10 Mar 2022 11:00:54 GMT
server
cloudflare
etag
"CB7ED92053FB5E388E347610C6DEB7E2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9P6Ey6P9yz4mCI2yAJUVO3gK36fzQMnoy4HAxXHVkvcGJZJ6Nbnz8D7JfoYgk2XwZBi9DHHsxxTyFTcoEP0F1AjW3y9JW%2BeqJsGSzUptog%2FhdNE9rz8zd8bJJy4Ri%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74f62749ff7f17ce-MEL
content-length
6602
expires
Fri, 30 Sep 2022 20:50:35 GMT
35ba68c4937f64892c580912f62056ae.jpg
static.bg3.co/imgs/202105/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/35ba68c4937f64892c580912f62056ae.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa04f3cfdacf3c432b9a28f320c3661e18efacc57fb5051965f437ae699591ec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 07:20:46 GMT
server
cloudflare
etag
"35BA68C4937F64892C580912F62056AE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3q7G%2Fh9GWiQ8DyaK8h9Jq3YFD976eH%2FGBQyLuARPnof0jeWUy8HwpxnPLLJAVPr2WcIvZm5%2FsJbGdlg%2Fe7JYx2%2FIawlyB13DXtJujUp9yoO65faaGKfgos5H8EmUxR8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74f62749ff8017ce-MEL
content-length
7830
expires
Fri, 30 Sep 2022 20:50:35 GMT
4f8c0000ae4137186defe0a16ae6505c.jpg
static.bg3.co/imgs/202203/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202203/4f8c0000ae4137186defe0a16ae6505c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc06956b65e7d5c50973f1dd8a0e6132fc57e763da035bc04bc5971ffd692c9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
cf-cache-status
MISS
last-modified
Tue, 29 Mar 2022 15:03:48 GMT
server
cloudflare
etag
"4F8C0000AE4137186DEFE0A16AE6505C"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zLyLQ4o3WW9LKQm%2BSo6y8exiIy0Xp%2Bsdhu1K5m9J3Qk0lNoMCobuD9NkOvYWGb70%2BEdaJCsOE%2FsKr2MV6seL3X4PEBOGNJHyo0TgCXwODMciFAV7pKIDZ3t4ZEdh6c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74f62749ff8117ce-MEL
content-length
4890
expires
Fri, 30 Sep 2022 20:50:35 GMT
62bd2ecff19ce37163e6f01549973c92.jpg
static.bg3.co/imgs/202105/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/62bd2ecff19ce37163e6f01549973c92.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50bc33bb9417b4e7bba61d521ff63fb05a29ac682124b317f899055e078133b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 05:23:32 GMT
server
cloudflare
etag
"62BD2ECFF19CE37163E6F01549973C92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDMc4pN1owUwp9md4BzMf79HPkJHPWcBvYRYTbVAvasFQT1datKXCKKiFga1dU5AH50FIDy9nkkjsFEqFuqh5O%2BHcQ7NJxXkNAp74hjJTBXYt9%2FqGGaD6t0Oen6PLx0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74f62749ff8217ce-MEL
content-length
9039
expires
Fri, 30 Sep 2022 20:50:35 GMT
a60f8f47f9b20ce11c17d3b63882c7f0.jpg
static.bg3.co/imgs/202105/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/a60f8f47f9b20ce11c17d3b63882c7f0.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
192f321e7cb3d59e29ca481ae61c4529b449a5008d42acdfe195a6db4acbb5ec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 22:08:45 GMT
server
cloudflare
etag
"A60F8F47F9B20CE11C17D3B63882C7F0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zb1zyU3rXfOF8ADKpcoosvy9Ntcl4%2FLB1gODZoLhcF9b2myMIoccrTFChxsG8cFgRrzpNlsl%2FsJwXEtwJK54GVJcxTvGa2NCS3U4EUAWqwbktRbTSpTPSjLY5QngM2s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74f62749ff8317ce-MEL
content-length
2479
expires
Fri, 30 Sep 2022 20:50:35 GMT
4c4ef4229c812eb0eff83289c2c81fb2.jpg
static.bg3.co/imgs/202106/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/4c4ef4229c812eb0eff83289c2c81fb2.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
452cb6e68b8268c89e28217985990d3b0200294d9be2d8132645a8eef7738d30

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
cf-cache-status
MISS
last-modified
Wed, 09 Jun 2021 09:02:53 GMT
server
cloudflare
etag
"4C4EF4229C812EB0EFF83289C2C81FB2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKJHzPobejVAmtSrBG19jFLEjBI65zItwypwhZ7fGaQyymWy2kbSEFQxPuSn5SfFnxAvSugkzRy5bozUHXcbEKE%2BedBi2BDWuUVM33e7VxR%2BgreaeeN70hXht8fBt5Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74f62749ff8417ce-MEL
content-length
8378
expires
Fri, 30 Sep 2022 20:50:35 GMT
304f80281c285d70a5bbdfaa2bb24bac.jpg
static.bg3.co/imgs/202105/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/304f80281c285d70a5bbdfaa2bb24bac.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4ff74c7d95e03f6cb798de6033e68b6ea3edfe81e8a7759dbb05690eaf95124

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 10:14:21 GMT
server
cloudflare
etag
"304F80281C285D70A5BBDFAA2BB24BAC"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qkOocPk2Akx8azYSkOlz9d939jk14CtqJTxd06eoSQJY6Ev8RAlkY4uAncwr8obV1cEWnD%2FpA%2FlmEEBkc9OLUu06QC7aQjxbLqyB6K97EOsRBzGN%2FLpa7rK5XUjfa8c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74f62749ff8517ce-MEL
content-length
7499
expires
Fri, 30 Sep 2022 20:50:35 GMT
6673bffc123f90cfdb97e07ee63f6a27.jpg
static.bg3.co/imgs/202106/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/6673bffc123f90cfdb97e07ee63f6a27.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ea33f5be401d63ab42b5defdd30f07365c1ded22ddf56b0343bdf5795d26e0c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
cf-cache-status
MISS
last-modified
Tue, 08 Jun 2021 01:01:45 GMT
server
cloudflare
etag
"6673BFFC123F90CFDB97E07EE63F6A27"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ER7SBKoDFklSf3UnqyMbaGgJ%2BJ5AwrYmSEmpWoYstTbOD%2F%2Fcykcs5myxMQMKIuLbiWJBcIl%2FNOCKCsexLRPOzjrhTiny8PrqV5DrFfr%2F2BZXMp8%2FgiJ6X1XmgEUoDw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74f62749ff8617ce-MEL
content-length
7214
expires
Fri, 30 Sep 2022 20:50:35 GMT
17b084749898ac9e63bc9826bf872df9.jpg
static.bg3.co/imgs/202106/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/17b084749898ac9e63bc9826bf872df9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2714d9b88f0c50ccefa469ae332cdcaf154ba5af9e5e27eda0cefc0bd031db1c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
cf-cache-status
MISS
last-modified
Wed, 09 Jun 2021 10:03:20 GMT
server
cloudflare
etag
"17B084749898AC9E63BC9826BF872DF9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjRsdruZcvzEg8mY44UAON21%2B5E1GsjQ%2Fi2kfLuwuiBwCDYXputXwdRZk9wepTrSbH%2Bf%2BmhUSN4AQcRhgDaotY4YYzwl3nn%2FVnKfEsJATiBq3c09nc5s2GeZrngPkrQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74f62749ff8717ce-MEL
content-length
4644
expires
Fri, 30 Sep 2022 20:50:35 GMT
b4729880702bb7a5bd47421ddc496afd.jpg
static.bg3.co/imgs/202105/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/b4729880702bb7a5bd47421ddc496afd.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
547e2f3ff15c5a85f009c8ccdb2d680035b24728e2f880e1c1d1e50f21e71339

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 22:33:45 GMT
server
cloudflare
etag
"B4729880702BB7A5BD47421DDC496AFD"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MajOuT6VrazPItXkClPXdwHWW69Tt2lrxtANX5xMPK2%2BsGpLQxLZtXwePuFLu3kaOveaTwmCGLySu8sl1eakuaAeQilQ5EvYkvh2z8OpyLR0Tvv%2BTzdZKm03JUcRr8I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74f62749ff8917ce-MEL
content-length
4174
expires
Fri, 30 Sep 2022 20:50:35 GMT
18a056aa61009c5ab1016ee092fc950c.jpg
static.bg3.co/imgs/202105/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/18a056aa61009c5ab1016ee092fc950c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4466654848b03e3faa64a5d0485b4bcbcf6e06442f625b951b6663ecd5d4da6b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 06:01:37 GMT
server
cloudflare
etag
"18A056AA61009C5AB1016EE092FC950C"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=26WeDiQsctjh9UtmKaw%2FSndtfe9GNQfFRQyj3Gz1MidiT78xq7zMz6yv17JG%2FlzjnrtPv%2FPteI9fupqk9Rlc6duBCAUp8K3Qx4pfzf%2B6%2FVcMjBSmQ3btV%2F44zRblnto%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74f62749ff8b17ce-MEL
content-length
11189
expires
Fri, 30 Sep 2022 20:50:35 GMT
fcabc97bec262d0c3bda0fa4908b41bd.jpg
static.bg3.co/imgs/202106/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/fcabc97bec262d0c3bda0fa4908b41bd.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c26193d730fafbc677653462ad9c59d0eeab1c101f50c2bd516ecc60eb99d43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 20:54:11 GMT
server
cloudflare
etag
"FCABC97BEC262D0C3BDA0FA4908B41BD"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhvLhP3qx6jI1McgyCNz8r8xsuPYDHYswRpDXy8uRnSmXcGNB6NGxuKT5v4fG5NFBjI6tORa8UHh3D4p3h5cIDCJHozWk1yp%2Bv02vH8m5JzWwhOpxe2bjd9Ti3Y6%2BA0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74f62749ff8c17ce-MEL
content-length
8839
expires
Fri, 30 Sep 2022 20:50:35 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
31fb8dc7edd44f99d97af5a0e6998dbc2787ff3e9cf88d6278f818647752ab50
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
271112
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2994
x-xss-protection
0
server
sffe
date
Tue, 20 Sep 2022 17:32:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ef33de73eae082fa"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Sep 2023 17:32:03 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a6faa7a4ade52284a01efed1ddd4d50f5faf33b61837b43ed9b34d5c5a4a7a39
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
334342
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23079
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 23:58:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a56a470e0e255659"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 23:58:13 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		3 KB
970 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
cff80c4f1b69a054563ac49abcdb7e292d5cda2e3ea20ce5736e48001ba3b2ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
522
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
3086826524750d38ec8807f9d8ceceb737731239a0de2e737c885834e89078f6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
271117
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3841
x-xss-protection
0
server
sffe
date
Tue, 20 Sep 2022 17:31:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b1ec7df2eb3636e4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Sep 2023 17:31:58 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1663966235.dop111.la3.t,1663966235.cds201.la3.hn,1663966235.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1663966235.dop111.la3.t,1663966235.cds201.la3.hn,1663966235.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
d8fb86d7f4bef880354d6c02af11fd7e6b7ceb261aad0d73ae7d429668b25148
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
322914
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10238
x-xss-protection
0
server
sffe
date
Tue, 20 Sep 2022 03:08:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d9aacf1c86bf072e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Sep 2023 03:08:41 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 0FE5 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
35c011fd8348a0278ba3b047d3f96ccdda86a00297f5718aea87ad806d9c885f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40619
x-xss-protection
0
server
cafe
etag
10524203869748737549
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 23 Sep 2022 20:50:35 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame FEA0 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
26f58f16dfccf4720d29caa2a5e127cfeca83c394b91fe27af844c718891d540
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40619
x-xss-protection
0
server
cafe
etag
3957227961111594728
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 23 Sep 2022 20:50:35 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
f0b6467ff1ee5df11996fd85932f0e8f952e4b8f5e9cf50c9a6478ee9dbdc153
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
270819
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57918
x-xss-protection
0
server
sffe
date
Tue, 20 Sep 2022 17:36:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7c6c55ae06162656"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Sep 2023 17:36:56 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame AAF9 		714 B
800 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
6811
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
74f6274b0cce5ab8-MEL
content-encoding
br
content-type
text/html
date
Fri, 23 Sep 2022 20:50:35 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPHbg8iZyEx3v%2FlXLgzCj9beiRQPDTjMPHQ0Wvg%2FxXUkG0qD3pxfPplOzrZ9W5xVI8BD9fC6IxV1WGXQhVqjUixiU3JUaGYKVO0AlJnzbsp7E%2BPY36TJ%2B8nUvNSK25uxyg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:50:35 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 1249 		714 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
6811
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
74f6274b4d2b5ab8-MEL
content-encoding
br
content-type
text/html
date
Fri, 23 Sep 2022 20:50:35 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=US8vZY7IRDGsQ5imOAaDkpul%2FeTS5iA5OhxXF4jv09ihXDiFXOol0EJNV%2BkHggbWQpqTcA1R0PMmfDoeY%2BtzNQc3yv9amqpq5RpnrZLOURcsBYpkENSuq0w0qd%2Bqm8Ph7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame AAF9 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
77cd9a483177d7149d1eea99c6cb604ed30c86567dc6a8e32a11e571bcf1bf7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27802
x-xss-protection
0
server
sffe
etag
"1343 / 383 of 1000 / last-modified: 1663931308"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 23 Sep 2022 20:50:35 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 1249 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
77cd9a483177d7149d1eea99c6cb604ed30c86567dc6a8e32a11e571bcf1bf7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27802
x-xss-protection
0
server
sffe
etag
"1343 / 951 of 1000 / last-modified: 1663931308"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 23 Sep 2022 20:50:35 GMT
gtag.json
cdn.ampproject.org/rtv/012209072154000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
271091
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
date
Tue, 20 Sep 2022 17:32:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cc10be84565b445b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Sep 2023 17:32:24 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
access-control-allow-origin
https://www.bg3.co
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-3565599582756887759.ampproject.net/2209072154000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-3565599582756887759.ampproject.net/2209072154000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Fri, 23 Sep 2022 20:50:36 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1663966235967
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Fri, 23 Sep 2022 20:50:36 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-type
image/jpeg
content-length
631
expires
Fri, 23 Sep 2022 21:50:36 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/ Frame FEA0 		348 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
09b9870d5d439cd41e0253e12613ebb657e76a2d860d3f74a14f163b046d6c68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125800
x-xss-protection
0
server
cafe
etag
1433777407805656681
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Sep 2022 20:50:36 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/ Frame 0FE5 		348 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
58574e0b9b617b80c83b15922b5425cbd4f58e247c83935c4ca576cb0a7e7496
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125794
x-xss-protection
0
server
cafe
etag
4214961461059106608
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Sep 2022 20:50:36 GMT
pubads_impl_2022092001.js
securepubads.g.doubleclick.net/gpt/ Frame AAF9 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:51:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
295120
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131075
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 08:35:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Sep 2023 10:51:56 GMT
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Fri, 23 Sep 2022 20:50:37 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=3
content-type
application/javascript
content-length
94168
expires
Sat, 23 Sep 2023 20:50:37 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Fri, 23 Sep 2022 20:50:37 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
"60d94cdb-1c2"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=2
accept-ranges
bytes
content-type
application/javascript
content-length
317
expires
Sat, 23 Sep 2023 20:50:37 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Fri, 23 Sep 2022 20:50:37 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=2
content-type
application/javascript
content-length
17440
expires
Fri, 23 Sep 2022 21:50:37 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
83675ee21c2d018e49cefa9bb97ac9bb9092879aee8630d835cb7911abb7cf57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27807
x-xss-protection
0
server
sffe
etag
"1343 / 759 of 1000 / last-modified: 1663931382"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 23 Sep 2022 20:50:36 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:36 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
pubads_impl_2022092001.js
securepubads.g.doubleclick.net/gpt/ Frame 1249 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:51:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
295120
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131075
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 08:35:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Sep 2023 10:51:56 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjM5NjYyMzYzMDQsInBhY2tldElkIjoiMDAwMEE3MDEtNmE3NDU0OTMtOTg1Mi00YTY3LThlMGItNjc2YTZiNjUzZTZlIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3BpLWJlaS10dWktc2FuLXlpbmcteWFuZy1zaGktZGlhbi1taW5nLThkYS1zaGktY2FpLXlvdS14aWFvLWthbmctcGktbGFvLWxhbi1tZWkteWUtemFpLW5laS5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:36 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjM5NjYyMzYzMDQsInBhY2tldElkIjoiMDAwMEE3MDEtNmE3NDU0OTMtOTg1Mi00YTY3LThlMGItNjc2YTZiNjUzZTZlIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3BpLWJlaS10dWktc2FuLXlpbmcteWFuZy1zaGktZGlhbi1taW5nLThkYS1zaGktY2FpLXlvdS14aWFvLWthbmctcGktbGFvLWxhbi1tZWkteWUtemFpLW5laS5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:36 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjM5NjYyMzYzMDQsInBhY2tldElkIjoiMDAwMEE3MDEtNmE3NDU0OTMtOTg1Mi00YTY3LThlMGItNjc2YTZiNjUzZTZlIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3BpLWJlaS10dWktc2FuLXlpbmcteWFuZy1zaGktZGlhbi1taW5nLThkYS1zaGktY2FpLXlvdS14aWFvLWthbmctcGktbGFvLWxhbi1tZWkteWUtemFpLW5laS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XX0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:36 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjM5NjYyMzYzMDgsInBhY2tldElkIjoiMDAwMEE3MDEtNmE3NDU0OTMtOTg1Mi00YTY3LThlMGItNjc2YTZiNjUzZTZlIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3BpLWJlaS10dWktc2FuLXlpbmcteWFuZy1zaGktZGlhbi1taW5nLThkYS1zaGktY2FpLXlvdS14aWFvLWthbmctcGktbGFvLWxhbi1tZWkteWUtemFpLW5laS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:36 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjM5NjYyMzYzMTEsInBhY2tldElkIjoiMDAwMEE3MDEtNmE3NDU0OTMtOTg1Mi00YTY3LThlMGItNjc2YTZiNjUzZTZlIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3BpLWJlaS10dWktc2FuLXlpbmcteWFuZy1zaGktZGlhbi1taW5nLThkYS1zaGktY2FpLXlvdS14aWFvLWthbmctcGktbGFvLWxhbi1tZWkteWUtemFpLW5laS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:36 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E7%96%B2%E6%86%8A%E9%80%80%E6%95%A3%EF%BC%81%E7%87%9F%E9%A4%8A%E5%B8%AB%E9%BB%9E%E5%90%8D%E3%80%8C8%E5%A4%A7%E9%A3%9F%E6%9D%90%E3%80%8D%E6%9C%89%E6%95%88%E6%8A%97%E7%96%B2%E5%8B%9E%EF%BC%8C%E8%97%8D%E8%8E%93%E4%B9%9F%E5%9C%A8%E5%85%A7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-N8I0g7HasEnTx_js5nTbpQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.5213704653879998&gjid=0.06214513089744145&_r=1&a=3493&z=0.5561584257231251&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame FFD0 		603 B
627 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-5349702072444496862&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3246&oid=2&is_amp=5&amp_v=2209072154000&d_imp=1&c=8075003493&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&ga_hid=3493&dt=1663966235763&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&bdt=2119&dtd=557&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:50:37 GMT
expires
Fri, 23 Sep 2022 20:50:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame FEA0 		379 B
691 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
6a100e1365de0df67fe5e549641669428ec60756b4701d70a54babeaa0a71e72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame FEA0 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FEA0 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9588 		39 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1663966236&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663966236048&bpp=12&bdt=1511&idt=600&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=2945658279797&frm=23&ife=1&pv=2&ga_vid=1261608654.1663966237&ga_sid=1663966237&ga_hid=1095755843&ga_fc=0&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2070&biw=1600&bih=1200&isw=336&ish=280&ifk=2865257694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C42531645%2C44772915%2C31062931&oid=2&pvsid=1467528731530751&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hntd2mee4by3&btvi=1&fsb=1&dtd=617
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
ff9aaa56f07b739c67d1141422bc4a678180209d9ded2f95b6ec2319068bce68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
14340
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:50:37 GMT
expires
Fri, 23 Sep 2022 20:50:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 0FE5 		379 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
9cea689027911272e45259579b20d1049f34154c314fd2f947ebb68dae581697
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 0FE5 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0FE5 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B738 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1663966236&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663966236069&bpp=10&bdt=1551&idt=615&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=2945658279797&frm=23&ife=1&pv=1&ga_vid=642682573.1663966237&ga_sid=1663966237&ga_hid=386076842&ga_fc=0&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=734309068&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773167%2C44769661&oid=2&pvsid=779030455766948&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5s5dayr57bub&fsb=1&dtd=633
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
cd310cd9df1443ab6b18cb88859bd2aa060c7a8f9f2bd944f3ee20cf053f9b7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
14322
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:50:37 GMT
expires
Fri, 23 Sep 2022 20:50:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame AAF9 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame AAF9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame AAF9 		499 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2204077460075277&correlator=2147978392996471&eid=31068458&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1663966236916&lmt=1644386353&dlt=1663966235427&idt=1469&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=861hcmeltr70&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1657057256.1663966237&ga_sid=1663966237&ga_hid=321544016&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
f11955261b68a419abdb0b44cbf2045b881afe22fc26240c6f9519f878cf61a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
baebd14d6eb9f84ad2dab463d5e79661.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3706 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://baebd14d6eb9f84ad2dab463d5e79661.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:50:37 GMT
expires
Sat, 23 Sep 2023 20:50:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022092201.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
b326a1469c739c2ef2e5ff8b87f3824156131ed264eddbe1049410de4696426c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 10:55:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122128
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131358
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 08:36:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Sep 2023 10:55:09 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Fri, 23 Sep 2022 20:50:37 GMT
integrator.js
adservice.google.com.au/adsid/ Frame 1249 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1249 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1249 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4123384570853731&correlator=3260818886630487&eid=21068766%2C31061167&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1663966237097&lmt=1644386353&dlt=1663966235467&idt=1621&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=h6vk2veri8kz&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1166479076.1663966237&ga_sid=1663966237&ga_hid=1570474142&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
52759e858038d5479ab775abdbd8e975e2d2ef6e633c98b3c1542f7e3cd8e150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
78d8cbd388dd889000a93cd0d93ce89b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5DF5 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://78d8cbd388dd889000a93cd0d93ce89b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:50:37 GMT
expires
Sat, 23 Sep 2023 20:50:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 771B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cr7GWHBwuY8OfNJWbmgermYDQCKzX_fBktPaok-ILwI23ARABIABgpcCjgKQBggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAZX1m98DyAEJqAMBqgS2Ak_Q5L4Ux5QuGuwEWnlrUcvx0p4pZVVpqNlw5SmZf2VYwZl7Q022OE6g2vtXP11-8ekycoD43tyfMzX55NkT3tKJkVdnriTCwD0VGstr76qxavjLGyiF7jduUDJVeCvI9kpd2gYh1CrrMogRtW6P6GzY6PWpXGkNKkRfMm_HdgrZLVRR8I9ycpsFgKmCicqNEgDSh36rKufE8H27PMhRhBpZSdQHY1NCuzELAGisJovxxKepLOkOhQNEOTu5XxRNgAEpWXzHxqmVFpRe_-gY0XIWpNzMKMRPl9vrozZJvlA7KFk5zjKERYPiI2NQzz4alaIUtvjQsWZXLk5CrEcf8VO6DGoSKUHNItiV3J8EmlLWKbejXK9P9aYU1S-8wRHlC_0eMWZHF6H15qprZtQnwwqOM0EoiyKABsPF35vKrc2Y6QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=EJEvVNWSvB4&uach_m=[UACH]&cid=CAQSGwCsnQUxusfNV1ngy3WcjJSvRtwxeOzyJLCFJhgB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1663966236&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663966236048&bpp=12&bdt=1511&idt=600&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=2945658279797&frm=23&ife=1&pv=2&ga_vid=1261608654.1663966237&ga_sid=1663966237&ga_hid=1095755843&ga_fc=0&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2070&biw=1600&bih=1200&isw=336&ish=280&ifk=2865257694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C42531645%2C44772915%2C31062931&oid=2&pvsid=1467528731530751&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hntd2mee4by3&btvi=1&fsb=1&dtd=617
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 23 Sep 2022 20:50:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 23 Sep 2022 20:50:37 GMT
log
hblg.media.net/ Frame 771B 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=9.277052E-4&viewability=31&device_id=4&cbdp=0.02&slotVisibility=2&dn=bg3.co&acid=6f279b34f289407eba02067189f01947&ugd=4&size=250x250&pvid=4&csip=rtb-common-istio-5db8d86554-tnj4x.SG&ogbdp=0.02&prvReqId=58630104571658_447290710_52982010441&itype=ADX&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&scrid=1700080812610100250025000000500&mang=1&bidrestime=1663966236973&cid=8CU3SX34C&rme=nurl
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:37 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 23 Sep 2022 20:50:37 GMT
log
qsearch-a.akamaihd.net/ Frame 771B 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0100&ss_d2=0&stid=&other_prv=4&jar_err=&current_day=5.0&adtyp=0&req_id=Yy4cHAAOJhMKj04M4g9Fyw&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&exp=&fdbk_id=&second_bidder=*&floor_bucket=0.00&gpid_format=&seat=BID_API&size=250x250&url_l1=a&f_seg=&url_l2=pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&prdp=0.0200&ogcbdp=0.0200&dfpbd=0.0200&server=1&ogerpm_wd_bkt=0-1&viewability=0.3100&dmm_r=0.0000&cut=0&dmm_l=0.0000&tcyerpm=&sc=AU-VIC&send_erpm=false&sd=0&hb_exp=&seg=&erpm_bucket=0.00&ugd_ver=&requrl=bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html%2F&bidrestime=1663966236973&cc=AU&strg=no_strategy&ss=&current_hour=20&time_stamp=2022-09-23+20%3A50%3A36&rvshhon=&bdp=0.0200&ct=Melbourne&akey=&mnckfl=0&bdp_bucket=0.00&algo=no_strategy&dc=apac_sg&splid=&dim4=exploration&dn=bg3.co&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=6f279b34f289407eba02067189f01947&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.14.1&totalTimeBucket=2&visibility=2&totalTime=2351150&dmm_m1=2022-09-23+20%3A50%3A36.975271320&e_rpm=0.0000&dmm_m22=0.0100&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&rawbid=0.0200&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-5db8d86554-tnj4x.SG&dfp_bucket=0.0&adblk=2365071409&itype=adx&pvid_seat=4_BID_API&cliIP=1741815296&advurl=topics.businessfocus.online%2F&crid=529820104&sat=1&br_id=265&cut_bkt=1&gpid=&iwb=1&second_bid=0.000000&sc_pvid=4&capd=0&other_bids=0.02
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:38 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 23 Sep 2022 20:50:38 GMT
nmedianet.js
contextual.media.net/ Frame 771B 		162 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1663966236&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663966236048&bpp=12&bdt=1511&idt=600&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=2945658279797&frm=23&ife=1&pv=2&ga_vid=1261608654.1663966237&ga_sid=1663966237&ga_hid=1095755843&ga_fc=0&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2070&biw=1600&bih=1200&isw=336&ish=280&ifk=2865257694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C42531645%2C44772915%2C31062931&oid=2&pvsid=1467528731530751&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hntd2mee4by3&btvi=1&fsb=1&dtd=617
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c44996831ed2b4453e626dbf80aca15e6219fc5ef6b09eb41d0a07703d50cd8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
8-11
content-encoding
gzip
server
Apache
etag
"2c0bf8d0142d3c1fcc181f22f02eb8a5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Fri, 23 Sep 2022 20:50:37 GMT
strict-transport-security
max-age=31536000
x-mnt-w
8-18
expires
Fri, 23 Sep 2022 20:55:37 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 771B 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1663966236&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663966236048&bpp=12&bdt=1511&idt=600&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=2945658279797&frm=23&ife=1&pv=2&ga_vid=1261608654.1663966237&ga_sid=1663966237&ga_hid=1095755843&ga_fc=0&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2070&biw=1600&bih=1200&isw=336&ish=280&ifk=2865257694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C42531645%2C44772915%2C31062931&oid=2&pvsid=1467528731530751&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hntd2mee4by3&btvi=1&fsb=1&dtd=617
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Fri, 23 Sep 2022 20:50:37 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=49650
access-control-allow-credentials
true
content-length
62892
expires
Sat, 24 Sep 2022 10:38:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 771B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1663966236&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663966236048&bpp=12&bdt=1511&idt=600&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=2945658279797&frm=23&ife=1&pv=2&ga_vid=1261608654.1663966237&ga_sid=1663966237&ga_hid=1095755843&ga_fc=0&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2070&biw=1600&bih=1200&isw=336&ish=280&ifk=2865257694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C42531645%2C44772915%2C31062931&oid=2&pvsid=1467528731530751&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hntd2mee4by3&btvi=1&fsb=1&dtd=617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 18:50:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7201
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 18:50:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 771B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1663966236&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663966236048&bpp=12&bdt=1511&idt=600&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=2945658279797&frm=23&ife=1&pv=2&ga_vid=1261608654.1663966237&ga_sid=1663966237&ga_hid=1095755843&ga_fc=0&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2070&biw=1600&bih=1200&isw=336&ish=280&ifk=2865257694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C42531645%2C44772915%2C31062931&oid=2&pvsid=1467528731530751&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hntd2mee4by3&btvi=1&fsb=1&dtd=617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 19:15:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5730
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 19:15:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 771B 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1663966236&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663966236048&bpp=12&bdt=1511&idt=600&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=2945658279797&frm=23&ife=1&pv=2&ga_vid=1261608654.1663966237&ga_sid=1663966237&ga_hid=1095755843&ga_fc=0&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2070&biw=1600&bih=1200&isw=336&ish=280&ifk=2865257694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C42531645%2C44772915%2C31062931&oid=2&pvsid=1467528731530751&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hntd2mee4by3&btvi=1&fsb=1&dtd=617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 20:50:37 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3FF7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CkOB_HBwuY4a3NPyK3LUP6IG4gAWs1_3wZLT2qJPiC8CNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAGV9ZvfA8gBCagDAaoEsAJP0Olz4tXtiZ1Sz8i1xEgI_Fkq3VnrtitTVfB5rT6eCT_nw1vyNiy7fPFv1Wf52h7HIWNAFLyNsT7tmMo2icbyM5K6kYCRwSk0pEYwggweSpLuQGRboxduGErEhR7dAFU09M1mWgDZ1frVqnbSsvdDCGRChF5mPjJioM6Ab65awxeTx6lZBZwZK4mFvlNyoCBYwtUT41bs5YohhgcyTfq_OiKDVQuavjT3lctnf64i4ga3EHao7qmIa3In16o87pV9VSpZxNcKjH9fqVPME3Pv7GGEnZcMpAceZpEPnayTuGHXphMbtxgST6GseFSvAKiuXjPSSjxQ-iRsQfLcUNpa2a0I_Dfa7S8VFiP-7KAGBcOKqboj9t56RGyKWFcDOPdJX30-oOwqre9NhaBZzQajgAbDxd-byq3NmOkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=9CHP5aKKs0c&uach_m=[UACH]&cid=CAQSGwCsnQUx5AMs7xjO4NVLdGaeWaHdE1rMTM90OBgB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1663966236&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663966236069&bpp=10&bdt=1551&idt=615&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=2945658279797&frm=23&ife=1&pv=1&ga_vid=642682573.1663966237&ga_sid=1663966237&ga_hid=386076842&ga_fc=0&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=734309068&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773167%2C44769661&oid=2&pvsid=779030455766948&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5s5dayr57bub&fsb=1&dtd=633
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 23 Sep 2022 20:50:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 23 Sep 2022 20:50:37 GMT
log
hblg.media.net/ Frame 3FF7 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=9.277052E-4&viewability=83&device_id=4&cbdp=0.02&slotVisibility=1&dn=bg3.co&acid=d68207c4424740d588ab6c4aaea4714a&ugd=4&size=250x250&pvid=313&csip=rtb-common-istio-5db8d86554-v86rq.SG&ogbdp=0.02&prvReqId=57539810541597_1615094559_52982010413131&itype=ADX&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&scrid=1700080812610100250025000000500&mang=1&bidrestime=1663966236956&cid=8CU3SX34C&rme=nurl
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:37 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 23 Sep 2022 20:50:37 GMT
log
qsearch-a.akamaihd.net/ Frame 3FF7 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0100&ss_d2=0&stid=&other_prv=313&jar_err=&current_day=5.0&adtyp=0&req_id=Yy4cHAAOMNIBc8fHJQ9ksg&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&exp=&fdbk_id=&second_bidder=*&floor_bucket=0.00&gpid_format=&seat=BID_API&size=250x250&url_l1=a&f_seg=&url_l2=pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&prdp=0.0200&ogcbdp=0.0200&dfpbd=0.0200&server=1&ogerpm_wd_bkt=0-1&viewability=0.8300&dmm_r=0.0000&cut=0&dmm_l=0.0000&tcyerpm=&sc=AU-VIC&send_erpm=false&sd=0&hb_exp=&seg=&erpm_bucket=0.00&ugd_ver=&requrl=bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html%2F&bidrestime=1663966236956&cc=AU&strg=no_strategy&ss=&current_hour=20&time_stamp=2022-09-23+20%3A50%3A36&rvshhon=&bdp=0.0200&ct=Melbourne&akey=&mnckfl=0&bdp_bucket=0.00&algo=no_strategy&dc=apac_sg&splid=&dim4=exploration&dn=bg3.co&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=d68207c4424740d588ab6c4aaea4714a&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.14.1&totalTimeBucket=2&visibility=1&totalTime=2013150&dmm_m1=2022-09-23+20%3A50%3A36.958851669&e_rpm=0.0000&dmm_m22=0.0100&gdpr=&vsid=&log_less=true&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&rawbid=0.0200&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-5db8d86554-v86rq.SG&dfp_bucket=0.0&adblk=2365071409&itype=adx&pvid_seat=313_BID_API&cliIP=1741815296&advurl=topics.businessfocus.online%2F&crid=529820104&sat=1&br_id=265&cut_bkt=1&gpid=&iwb=1&second_bid=0.000000&sc_pvid=313&capd=0&other_bids=0.02
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:38 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 23 Sep 2022 20:50:38 GMT
nmedianet.js
contextual.media.net/ Frame 3FF7 		162 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1663966236&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663966236069&bpp=10&bdt=1551&idt=615&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=2945658279797&frm=23&ife=1&pv=1&ga_vid=642682573.1663966237&ga_sid=1663966237&ga_hid=386076842&ga_fc=0&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=734309068&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773167%2C44769661&oid=2&pvsid=779030455766948&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5s5dayr57bub&fsb=1&dtd=633
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1e72d71e10ec459160b477ec9afea70cb0ddd6ae3f9871bd21dfd68926da686c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
8-11
content-encoding
gzip
server
Apache
etag
"2c0bf8d0142d3c1fcc181f22f02eb8a5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Fri, 23 Sep 2022 20:50:37 GMT
strict-transport-security
max-age=31536000
x-mnt-w
8-18
expires
Fri, 23 Sep 2022 20:55:37 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 3FF7 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1663966236&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663966236069&bpp=10&bdt=1551&idt=615&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=2945658279797&frm=23&ife=1&pv=1&ga_vid=642682573.1663966237&ga_sid=1663966237&ga_hid=386076842&ga_fc=0&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=734309068&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773167%2C44769661&oid=2&pvsid=779030455766948&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5s5dayr57bub&fsb=1&dtd=633
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Fri, 23 Sep 2022 20:50:37 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=49650
access-control-allow-credentials
true
content-length
62892
expires
Sat, 24 Sep 2022 10:38:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 3FF7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1663966236&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663966236069&bpp=10&bdt=1551&idt=615&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=2945658279797&frm=23&ife=1&pv=1&ga_vid=642682573.1663966237&ga_sid=1663966237&ga_hid=386076842&ga_fc=0&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=734309068&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773167%2C44769661&oid=2&pvsid=779030455766948&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5s5dayr57bub&fsb=1&dtd=633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 18:50:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7201
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 18:50:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 3FF7 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1663966236&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663966236069&bpp=10&bdt=1551&idt=615&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=2945658279797&frm=23&ife=1&pv=1&ga_vid=642682573.1663966237&ga_sid=1663966237&ga_hid=386076842&ga_fc=0&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=734309068&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773167%2C44769661&oid=2&pvsid=779030455766948&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5s5dayr57bub&fsb=1&dtd=633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 19:15:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5730
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 19:15:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3FF7 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1663966236&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663966236069&bpp=10&bdt=1551&idt=615&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=2945658279797&frm=23&ife=1&pv=1&ga_vid=642682573.1663966237&ga_sid=1663966237&ga_hid=386076842&ga_fc=0&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=734309068&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773167%2C44769661&oid=2&pvsid=779030455766948&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5s5dayr57bub&fsb=1&dtd=633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 20:50:37 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame AAF9 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
0818058dce6ddd054acc693717a91a4512ed5d284eccc1b759a59ec5197b00fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11285
x-xss-protection
0
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:38 GMT
content-encoding
gzip
etag
"eN3sxSgaav0x5wHLxGB1gQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 30 Sep 2022 20:50:38 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1249 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
50559c2fc55e24ebdf4210531cc5c9b616c2838795f6ce0434fe62f0fe745cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11197
x-xss-protection
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220923
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d104b2cc15ed8889f9162848ae2a6197de0776a69ac08a59e941726a0a5b9a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 20:50:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20979
x-jsd-version
1.0.1472
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19156-FRA, cache-yyz4566-YYZ
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66c-5kcFU4ELpJ/3TUqY2DoFFkrnMcY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPOhQdMZidMOeLQRbRkrv2XqNS%2FHsk%2BrBzMyIDvK6ysV%2BTc8tykhqWRzXhQgJENuBpWIOqGdkISB%2Bn9O3V66EoMMsfRCSy7OsXKjPmFOfyGUcxqg%2BJ5Qu9GNfWdWXb3Yg8s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
74f6275af81e17cc-MEL
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.144.13 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-144-13.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 20:50:38 GMT
via
kong/2.8.1
x-content-type-options
nosniff
x-kong-proxy-latency
1
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
20
vary
Accept-Encoding
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid-request
onetag-sys.com/ 		15 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
access-control-allow-headers
content-type, origin, referer, user-agent
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
41
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=84349491674
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 20:50:37 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
arj
adpushup-d.openx.net/w/1.0/ 		174 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8e6626c2-a577-4d30-b2e0-1ebc77aa3dad%2Cfd432241-8cd5-4feb-bcf9-5032cd6f50cb%2C9d522e56-15f1-4a3b-a3eb-b3c1e8ce08ff&nocache=1663966237704&pubcid=e6f2abc9-3528-4f0b-ab87-23fca47b6cfb&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8fde449e41f9fb857ca0d3294492b091510b054666779b030e52f2c7d7ab74a7

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:38 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f0e8f722-ce2a-43ca-a219-4d52d0669bcc&nocache=1663966237704&pubcid=e6f2abc9-3528-4f0b-ab87-23fca47b6cfb&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:38 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8830068f-c5d1-45ef-a7a8-d2a5bbf0d632&nocache=1663966237705&pubcid=e6f2abc9-3528-4f0b-ab87-23fca47b6cfb&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:38 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2620790b-f4ac-4af4-af76-ce7ee528667b&nocache=1663966237705&pubcid=e6f2abc9-3528-4f0b-ab87-23fca47b6cfb&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:38 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
adreq
ads.servenobid.com/ 		405 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9332
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
91a8ea37de90c116390b167dfc281ce0ed7e8f324ff1fd834bb27aca9db191db

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 20:50:38 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ebd6049dcfe1cac963f479673ff653cf21887dc847216db221a5ba2d8c1db4fa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 23 Sep 2022 20:50:38 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a9d68fbc-8046-4ca9-b3a6-2a8ff4340459
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.29.91 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-29-91.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:38 GMT
accept-ch
sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.37.41 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-37-41.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:38 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 23 Sep 2022 20:50:38 GMT
prebid
prebid.media.net/rtb/ 		1 KB
921 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
91ca2304e3db26df02cb5c28e0b11a4801d16d2426bf7164df1a64271b16ae6b

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:38 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
122
alt-svc
clear
via
1.1 google
c
prebid.a-mo.net/a/ 		24 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
458d32b43f59aecdeaece61e69b33c95e777d2a2a17616133bd4a2cf31f97410

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 20:50:37 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
158
content-length
12008
cygnus
htlb.casalemedia.com/ 		37 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22542926b0c084d8b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22613c2456b96e5c9%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2264d35c1ed059cfe%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2265925b6f2df0212%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e6f2abc9-3528-4f0b-ab87-23fca47b6cfb%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f1df6a2e8accf448831c362319865b6995d6c8970533039da742bd6c5d9f56c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MymD1romCZkgHgUbgp%2B6r6%2FC5IpJvJUu4WVoGTE7EiumCgsnb34o0w1yV%2BASzxAe3oCRollA6U65s9bH1HzNDg5%2F7nSJOv5XRLGoP5YQGs5JmmFhTuOCrqac4uB28NFUv8TBTBCV"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74f6275b4e0cdf85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22542926b0c084d8b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2264d35c1ed059cfe%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%2265925b6f2df0212%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e6f2abc9-3528-4f0b-ab87-23fca47b6cfb%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f1df6a2e8accf448831c362319865b6995d6c8970533039da742bd6c5d9f56c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdtn3BYvCC0oXv%2BjN83L1KK52cu7WhL2m6WoNQ8Oudq88cBoJcmZINdBYmFjtd1Igm9LMafvpGpKes0HXxLyjeBnRxHEgnU9QMKRz312ZHGhZQwY8ag%2BvcBKf6S0YmL3JF53vX0y"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74f6275b4e0ddf85-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
557098444c0ca1d6fdc3f9236e8789d9c6ecf423a466a6e70a8e06b5125da658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 23 Sep 2022 20:50:38 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.84.66 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-84-66.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
71bd03971b29ea308ed23709fb13360021fedd25eea3d88333909061ccd738a3

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:38 GMT
content-encoding
gzip
x-prebid
pbs-java/1.99.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.84.66 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-84-66.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
73611da1d48334fe85f516a1b6deb1592ed1ba0320c18560fea9dc64e830dc01

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:38 GMT
content-encoding
gzip
x-prebid
pbs-java/1.99.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.84.66 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-84-66.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
45024afc25d6e774df48315bd2f32b4e95ffd1b77695939b5078505332a5f5dd

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:39 GMT
content-encoding
gzip
x-prebid
pbs-java/1.99.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=e6f2abc9-3528-4f0b-ab87-23fca47b6cfb%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=12af4dd6-4003-438e-a0c3-fd5ef70f83c8%3B4fad3cfd-03d5-4564-b6b8-acb467cb4b23%3B23377133-0a89-4109-ad06-35cf1c319cd2&l_pb_bid_id=712ee303e2dc234%3B72fdc544ede4d9a%3B731ece139bd07a7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.37768893615867527
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
030c0a70a9cb65f42612963f2f859e6f36eaa80cd68f2d5384f0610fc750a089

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:38 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
472
Expires
Wed, 17 Sep 1975 21:32:10 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AAF9 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 20:50:38 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1249 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 20:50:38 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		209 B
684 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-2.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 19:58:52 GMT
via
1.1 625de659a90e36a729e80cd3fdf6ae3c.cloudfront.net (CloudFront)
age
3107
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Fri, 26 Aug 2022 18:04:08 GMT
server
AmazonS3
etag
"f6459e80de21135a46e02ad9e79f6802"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
SIN52-C3
accept-ranges
bytes
x-amz-cf-id
uPfDba8THYYRqthES6DGhtMbyywrkSPIHYSUC80LljMBaUXFWZjEew==
smtr
contextual.media.net/ Frame 771B 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=357234536&size=250x250&cc=AU&chnm=NO_STRATEGY&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&nse=5&vi=1663966237929782620&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&bae=B44/a44q/4&bcpf=B44%2Fa44q%2F8fOnRrolnfOur84&bdrId=4&ntv=0&matchstring=hr%3D0%7Cbcat%3D22%2Cpr%2C47%2Cj3%2C13l%2C150%2Cyf%2C133%2Chy%2Cy7%2C11%2Ca%2C13%2C14h%2C3y%2Ck2%2Cov%2Ch%2Cgo%2C12i%2Ci%2Ci2%2Ci5%2Cmz%2C12q%2Ciz%2Ccv%2C3%2C4%2C149%2C4k%2C13a%2Cji%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p0757638078t202209232050&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=VIC
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
234a380ccfdc003786c4ed03eb23027477b810fd7a217648a436f530f8144bc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:38 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Fri, 23 Sep 2022 20:50:38 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-qwl7
strict-transport-security
max-age=31536000
timing-allow-origin
*
content-length
33650
x-sc-w
22-355m
bping.php
lg3.media.net/ Frame 771B 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=621&&vgd_cdv=802&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&vi=1663966237929782620&ugd=4&lf=6&cc=AU&sc=VIC&lper=100&wsip=2886781335&r=1663966238216&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=140952&vgd_rakh=1663966237133520996&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p0757638078t202209232050&vgd_pgids=1&vgd_uspa=0&hvsid=00001663966238214017418154099689&gdpr=0&vgd_l2type=sca&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1663966236&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663966236048&bpp=12&bdt=1511&idt=600&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=2945658279797&frm=23&ife=1&pv=2&ga_vid=1261608654.1663966237&ga_sid=1663966237&ga_hid=1095755843&ga_fc=0&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2070&biw=1600&bih=1200&isw=336&ish=280&ifk=2865257694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C42531645%2C44772915%2C31062931&oid=2&pvsid=1467528731530751&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hntd2mee4by3&btvi=1&fsb=1&dtd=617
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Fri, 23 Sep 2022 20:50:38 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=57651
content-length
15
checksync.php
contextual.media.net/ Frame 0265 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1663966236&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663966236048&bpp=12&bdt=1511&idt=600&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=2945658279797&frm=23&ife=1&pv=2&ga_vid=1261608654.1663966237&ga_sid=1663966237&ga_hid=1095755843&ga_fc=0&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2070&biw=1600&bih=1200&isw=336&ish=280&ifk=2865257694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C42531645%2C44772915%2C31062931&oid=2&pvsid=1467528731530751&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hntd2mee4by3&btvi=1&fsb=1&dtd=617
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d61a19b40876ff27c3d5af7857b9cf0ff937d0d978512ed80b14bcf32900a014
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9411
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 20:50:38 GMT
expires
Sun, 25 Sep 2022 20:50:38 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 771B 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4985&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=3&spSource=0&ifst=0&vid=Yy4cHAAOJhMKj04M4g9Fyw&s_city=singapore&ugd=4&bcat%3C%3E=10368%23%2311841%23%2310437%23%2310058%23%231000004%23%2310508%23%2310445%23%231000031%23%231000030%23%2310130%23%2311669%23%2313525%23%2313589%23%231000024%23%2310648%23%2310137%23%2310080%23%2310086%23%2310088%23%2310089%23%231000037%23%2310539%23%231000036%23%2313612%23%2313740%23%2310031%23%2313423%23%2310544%23%2313425%23%2313428%23%2311321%23%2310106%23%2310366%23%2313566%23%2313439&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=9.277052E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=83432a40&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=31&renderer=1&be=0&rtime=19.0&adj0=0.0&tmax=300&s_ip=74.125.190.8&adj2=0.0&adj1=0.0&feedback_id=Yy4cHAAOJhMKj04M4g9Fyw&adtypes=0&mx_aabpc=0&reqid=Yy4cHAAOJhMKj04M4g9Fyw&sc=AU-VIC&mowxReqId=6f279b34f289407eba02067189f01947_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&bidrestime=1663966236973&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CUABW64L-357234536-39-16&coppa_enf=true&bdp=0.020&ct=Melbourne&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D1&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=140952&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=6f279b34f289407eba02067189f01947&actltime=32&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C48%7C16%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.02&sckfl=0&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&chnl=NO_STRATEGY&pst=0&reqsize=250x250&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1663966837227&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&dummy_vsid=false&cbdp=0.02&pvdTmax=253&ltime=32.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=58630104571658_447290710_52982010441&zip=3207&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=196&mx_bsBucketRa=0&rtttime=38&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-7785899c56-tbrx9&currsrc_date=2022-09-23+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-09-23+20%3A50%3A36&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=4&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AMVB_PlW0iauo1ZKZxrzpzYP3ePS5A6KyvJMblZK3TywFQGsSNUaT4expFOmCgJ5W6N2S_wu&dmm_ogerpm=false&csip=rtb-common-istio-5db8d86554-tnj4x.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=2365071409&fpuReq=1&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vw_exc%3D0.31~vis_sd%3D564~dc2%3D1~scd%3Dvic~v_asn%3D140952~vl2r_sd%3D2022092314~iurl_b%3D98135.43~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.23~ip%3D1TStJ6~fbb%3D0~vis_url_l%3D30~riipua%3D143%2C147~et%3D10~rc%3D2%2C6~rps_sd%3D2022092314~vis_b%3D320.24~url_b%3D0.01~url_tvi%3D0~smm_wr%3D72.5372~url_l%3D50~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~smm_sd%3D2022092312~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D0~uid%3D1HeXvJkvUSzqc3mVMn~btd%3D242895678123472883512620293286923493980278545779401796738411051607890614681177755648~d2p_l%3D60~3pcf%3D15.2~uim%3D12957~og_msh%3D0.01~dmm_strg%3Dno_strategy~d2p_b%3D0.84~ogd2p_b%3D0.7~vurl_b%3D0.07~ss%3DNA~uiw%3D98~ce%3D0~rps_b%3D20.58~vurl_l%3D50~CI%3D2741~nts%3D3~tb%3D-1~ct%3Dport%20melbourne~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D14.03~isif%3D0~lc%3D2~bid%3D0.02~dc%3D8~vl2r_b%3D0.52~ivurl_l%3D50~supply_tag_id%3D%7Eviewability%3D0.31%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dno_strategy%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Dno_strategy%7Ehtml%3D1%7Eadblk%3D2365071409%7Esobp%3D%7Ectr%3D9.277052E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D253&utime=1245&sf=0&cpr=0.4874038840641177
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1663966236&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663966236048&bpp=12&bdt=1511&idt=600&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=2945658279797&frm=23&ife=1&pv=2&ga_vid=1261608654.1663966237&ga_sid=1663966237&ga_hid=1095755843&ga_fc=0&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2070&biw=1600&bih=1200&isw=336&ish=280&ifk=2865257694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C42531645%2C44772915%2C31062931&oid=2&pvsid=1467528731530751&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hntd2mee4by3&btvi=1&fsb=1&dtd=617
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Fri, 23 Sep 2022 20:50:38 GMT
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Sat, 24 Sep 2022 02:50:38 GMT
truncated
/ Frame 771B 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5317d93c91bff96ea9da60f4b150889602f306b40279915cf6fe9b936605aedf

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
smtr
contextual.media.net/ Frame 3FF7 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=357234536&size=250x250&cc=AU&chnm=NO_STRATEGY&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&nse=5&vi=1663966237874767125&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&bae=B44/a44q/4&bcpf=B44%2Fa8fOnRrolnfOur844q%2F4&bdrId=313&ntv=0&matchstring=hr%3D0%7Cbcat%3D22%2Cpr%2C47%2Cj3%2C13l%2C150%2Cyf%2C133%2Chy%2Cy7%2C11%2Ca%2C13%2C14h%2C3y%2Ck2%2Cov%2Ch%2Cgo%2C12i%2Ci%2Ci2%2Ci5%2Cmz%2C12q%2Ciz%2Ccv%2C3%2C4%2C149%2C4k%2C13a%2Cji%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p0757638078t202209232050&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=VIC
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
162449fbab60d9a298cf82e62588dfa1570bf27822b5e973703bf2344e579c7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:38 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Fri, 23 Sep 2022 20:50:38 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-z8j4
strict-transport-security
max-age=31536000
timing-allow-origin
*
content-length
33672
x-sc-w
22-l5pl
bping.php
lg3.media.net/ Frame 3FF7 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=621&&vgd_cdv=802&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&vi=1663966237874767125&ugd=4&lf=6&cc=AU&sc=VIC&lper=100&wsip=2886781335&r=1663966238417&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=140952&vgd_rakh=1663966237109908241&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p0757638078t202209232050&vgd_pgids=1&vgd_uspa=0&hvsid=00001663966238414017418154096566&gdpr=0&vgd_l2type=sca&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1663966236&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663966236069&bpp=10&bdt=1551&idt=615&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=2945658279797&frm=23&ife=1&pv=1&ga_vid=642682573.1663966237&ga_sid=1663966237&ga_hid=386076842&ga_fc=0&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=734309068&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773167%2C44769661&oid=2&pvsid=779030455766948&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5s5dayr57bub&fsb=1&dtd=633
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Fri, 23 Sep 2022 20:50:38 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=57651
content-length
15
checksync.php
contextual.media.net/ Frame 7756 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1663966236&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663966236069&bpp=10&bdt=1551&idt=615&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=2945658279797&frm=23&ife=1&pv=1&ga_vid=642682573.1663966237&ga_sid=1663966237&ga_hid=386076842&ga_fc=0&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=734309068&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773167%2C44769661&oid=2&pvsid=779030455766948&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5s5dayr57bub&fsb=1&dtd=633
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d61a19b40876ff27c3d5af7857b9cf0ff937d0d978512ed80b14bcf32900a014
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9411
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 20:50:38 GMT
expires
Sun, 25 Sep 2022 20:50:38 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 3FF7 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4976&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=3&spSource=0&ifst=0&vid=Yy4cHAAOMNIBc8fHJQ9ksg&s_city=singapore&ugd=4&bcat%3C%3E=10368%23%2311841%23%2310437%23%2310058%23%231000004%23%2310508%23%2310445%23%231000031%23%231000030%23%2310130%23%2311669%23%2313525%23%2313589%23%231000024%23%2310648%23%2310137%23%2310080%23%2310086%23%2310088%23%2310089%23%231000037%23%2310539%23%231000036%23%2313612%23%2313740%23%2310031%23%2313423%23%2310544%23%2313425%23%2313428%23%2311321%23%2310106%23%2310366%23%2313566%23%2313439&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=9.277052E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=83432a40&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=83&renderer=1&be=0&rtime=12.0&adj0=0.0&tmax=300&s_ip=74.125.190.143&adj2=0.0&adj1=0.0&feedback_id=Yy4cHAAOMNIBc8fHJQ9ksg&adtypes=0&mx_aabpc=0&reqid=Yy4cHAAOMNIBc8fHJQ9ksg&sc=AU-VIC&mowxReqId=d68207c4424740d588ab6c4aaea4714a_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&bidrestime=1663966236956&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CUABW64L-357234536-39-2&coppa_enf=true&bdp=0.020&ct=Melbourne&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D1&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=140952&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=d68207c4424740d588ab6c4aaea4714a&actltime=20&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C48%7C16%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.02&sckfl=0&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&chnl=NO_STRATEGY&pst=0&reqsize=250x250&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1663966837210&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&dummy_vsid=false&cbdp=0.02&pvdTmax=253&ltime=19.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=57539810541597_1615094559_52982010413131&zip=3207&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=196&mx_bsBucketRa=0&rtttime=25&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-7785899c56-lzvc4&currsrc_date=2022-09-23+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-09-23+20%3A50%3A36&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=313&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AMVB_Pnb8C__aZ0mcW0oGQ22kWSt1L6r0cAvxGyhdreaAj3RTiUrqi0YxGfGjLgQaQgNtTIq&dmm_ogerpm=false&csip=rtb-common-istio-5db8d86554-v86rq.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=2365071409&fpuReq=0&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vw_exc%3D0.83~smm_bid%3D0.02~vis_sd%3D564~dc2%3D1~scd%3Dvic~v_asn%3D140952~vl2r_sd%3D2022092314~iurl_b%3D98135.43~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.23~ip%3D1TStJ6~fbb%3D0~vis_url_l%3D30~riipua%3D143%2C147~et%3D11~rc%3D1~rps_sd%3D2022092314~vis_b%3D711.25~url_b%3D0.01~url_tvi%3D0~smm_wr%3D72.5372~url_l%3D50~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~smm_sd%3D2022092312~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D0~uid%3D1HeXvJkvUSzqbZzHKu~btd%3D242895678123473281277145922287334288782462879782509380157467650731408581629540896768~d2p_l%3D60~3pcf%3D15.2~uim%3D12957~dmm_strg%3Dno_strategy~d2p_b%3D0.84~ogd2p_b%3D0.7~vurl_b%3D0.07~ss%3DNA~uiw%3D98~ce%3D0~rps_b%3D20.58~vurl_l%3D50~CI%3D2741~nts%3D3~tb%3D-1~ct%3Dport%20melbourne~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D14.03~isif%3D0~lc%3D2~bid%3D0.02~dc%3D8~vl2r_b%3D0.55~ivurl_l%3D50~supply_tag_id%3D%7Eviewability%3D0.83%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dno_strategy%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Dno_strategy%7Ehtml%3D1%7Eadblk%3D2365071409%7Esobp%3D%7Ectr%3D9.277052E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D253&utime=1462&sf=0&cpr=0.5734474656173221
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1663966236&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663966236069&bpp=10&bdt=1551&idt=615&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=2945658279797&frm=23&ife=1&pv=1&ga_vid=642682573.1663966237&ga_sid=1663966237&ga_hid=386076842&ga_fc=0&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=734309068&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773167%2C44769661&oid=2&pvsid=779030455766948&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5s5dayr57bub&fsb=1&dtd=633
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Fri, 23 Sep 2022 20:50:38 GMT
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Sat, 24 Sep 2022 02:50:38 GMT
truncated
/ Frame 3FF7 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
916e7fcfebf559891b0840b0b5efa1ed0f75b32ed5d5cd2ae6c204f054110246

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cksync
cs.media.net/ Frame 0265
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA2OTY3ODM4MTU0MDkzNzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMJ3VoURrzyaJhWIGqysbN4&google_cver=1
45 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMJ3VoURrzyaJhWIGqysbN4&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:38 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 23 Sep 2022 20:50:38 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMJ3VoURrzyaJhWIGqysbN4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame 0265
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:38 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 23 Sep 2022 20:50:38 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A2F4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
392995
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 07:40:43 GMT
expires
Tue, 19 Sep 2023 07:40:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B174 		783 B
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
GSE /
Resource Hash
c6298fc378566f1c3e7ba7c8153f71e6f2c5c6ab8b1cac9e2f7b2c9ed06147dd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2gWAXDWu9MgMXK0l0rvkAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-2gWAXDWu9MgMXK0l0rvkAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:50:38 GMT
expires
Fri, 23 Sep 2022 20:50:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D827 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
392995
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 07:40:43 GMT
expires
Tue, 19 Sep 2023 07:40:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7EC4 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
GSE /
Resource Hash
db30a12533a8bf008db3d68dd5e2b374118ca7a3c00137f77d593a6f3ab9ee69
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-buxy7L2GAI9lwga0lVJKZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-buxy7L2GAI9lwga0lVJKZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:50:38 GMT
expires
Fri, 23 Sep 2022 20:50:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cksync
cs.media.net/ Frame 7756
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:38 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 23 Sep 2022 20:50:38 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
cksync
cs.media.net/ Frame 7756
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA2OTY3ODM4MTU0MDk3NzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMJ3VoURrzyaJhWIGqysbN4&google_cver=1
45 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMJ3VoURrzyaJhWIGqysbN4&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:38 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 23 Sep 2022 20:50:38 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMJ3VoURrzyaJhWIGqysbN4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
pagead2.googlesyndication.com/bg/ Frame A2F4 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
sffe /
Resource Hash
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 01:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 01:14:30 GMT
pixel
pxl.qccerttest.com/ 		35 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=1453126528;fpan=1;fpa=P0-1056483351-1663966238697;pbc=e6f2abc9-3528-4f0b-ab87-23fca47b6cfb;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=;cm=;gdpr=0;d=bg3.co;dst=0;et=1663966238697;tzo=0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html;ogl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-109.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 22:05:19 GMT
via
1.1 58b09a46630ea2f6a75154a66e58b2e6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
81921
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
content-type
image/gif
x-amz-cf-pop
SIN52-C3
accept-ranges
bytes
x-amz-cf-id
rMlE3YUr2EmyfC_ZarzKo-9f1kcMzOBNGXINT3kYBqS1msH4eWygAQ==
pixel;r=1731858206;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html;uh=e51ed67dfb8d91dc24b15...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1731858206;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-1056483351-1663966238697;pbc=e6f2abc9-3528-4f0b-ab87-23fca47b6cfb;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1663966238700;tzo=0;ogl=;ses=e5532626-7900-4370-88b1-b92d0b121dce
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
pagead2.googlesyndication.com/bg/ Frame D827 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
sffe /
Resource Hash
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 01:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 01:14:30 GMT
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI1NjQwNzNfMTY2Mzk2NjIzODczOSIsInVzZXJJZCI6IjY0Mzc4MF8xNjYzOTY2MjM4NzM5Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiNDY2MTgxXzE2NjM5NjYyMzg3MzkiLCJwYWdlUGF0aCI6IiUyRmElMkZwaS1iZWktdHVpLXNhbi15aW5nLXlhbmctc2hpLWRpYW4tbWluZy04ZGEtc2hpLWNhaS15b3UteGlhby1rYW5nLXBpLWxhby1sYW4tbWVpLXllLXphaS1uZWkuaHRtbCIsImhvc3RuYW1lIjoid3d3LmJnMy5jbyIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LmJnMy5jbyUyRmElMkZwaS1iZWktdHVpLXNhbi15aW5nLXlhbmctc2hpLWRpYW4tbWluZy04ZGEtc2hpLWNhaS15b3UteGlhby1rYW5nLXBpLWxhby1sYW4tbWVpLXllLXphaS1uZWkuaHRtbCIsInBoYXNlIjowLCJ1c2VyVHlwZSI6Ik5FVyIsInByZXZpZXdWYXJpYXRpb24iOiJkZXNjcmlwdGlvblBhZ2UiLCJleHBlcmltZW50UGFnZSI6dHJ1ZSwidGltZXN0YW1wIjoxNjYzOTY2MjM4NzQwfQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:39 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvcGktYmVpLXR1aS1zYW4teWluZy15YW5nLXNoaS1kaWFuLW1pbmctOGRhLXNoaS1jYWkteW91LXhpYW8ta2FuZy1waS1sYW8tbGFuLW1laS15ZS16YWktbmVpLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvcGktYmVpLXR1aS1zYW4teWluZy15YW5nLXNoaS1kaWFuLW1pbmctOGRhLXNoaS1jYWkteW91LXhpYW8ta2FuZy1waS1sYW8tbGFuLW1laS15ZS16YWktbmVpLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Fri, 23 Sep 2022 20:50:39 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=5, origin; dur=895
content-type
text/html
content-length
555
expires
Fri, 23 Sep 2022 21:50:39 GMT
truncated
/ Frame 350C 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 350C 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 350C 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame 350C 		15 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5529&&&vgd_l2type=sca&fp=MzA_eCVWy1eyoiNQ0FcmxukXzhqh1Z7QweJEMKroUAGQNR86n271gSCaG3MWUOw1HLyo154uW51LTn0o5YOjBL1DzwkIp6fCXtdrcoFDEcnFR59KZfAEnhI9HgaJa300&cme=Q94tlGjVzEWF8R5X3wvCP_ir9gZID6g6GoRXtWyuQ_85Gru8ASk5baYZfrs-YDOBPH1Q8iewYeefyc7MhOqLjNBFXrguPp6cV4N47KVtE3cibyOtAsByvJUduHrFox_cxQ4HZtk9bgKIAmjimUF_vonJT2Cq_7ByKTg_Q1KjnxpI-KI7aba6ZuGmMMN-YCJjQHIkh9MrqfNCd9t-pQm4Sg%3D%3D%7C%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7CH58gsiirI30dm57uEQRu5Pw2hPUxUbbaYYgW4t-hjuU9UHLYbfwJyMN4okVnHDYVThl4L22MWmYkYxI71KT4sc3Qwc-KUIAfuQ6h1BT3rba9HgfF6ADnrgIuAsUY2GmUv9sUp-Y5kGw%3D%7Csj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U%7CNmPP6lAxKj6DcwU8eiMlsCTRKoMeTAMa-i3jngmWy7Mf-2W5dxIvSb9JDgI_o19j6aArpC_zCS-muWZjDtXClylcXtzWQ7Tv3EBc2rlTDC9fCUB-J71ERHLYNOlvvfHJLxKs917jwDgh9-kRG3Nwx7xz0KRrfsnFV62tHdVf9KklzQewmuwLUzTXyWkMUNl8K13XtaZ10VUXGlaHM3L7nSw7REiyQoNiEY2yK8otyZc%3D%7C&v=1&geo=-37.83%7C144.92&dlper=20&lper=100&lpid=&tsid=5&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170785163&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_dnquo=01_9&ksu=224&fdkt=391&vgde_kbbh=ffoyxQJuOu99&kwd[]=Trendy+Clothes+for+Older+Women&kwt[]=391&kbc[]=1224808752&kwp[]=1&kid[]=329861602&kbc2[]=1%3D1.00%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D4.92%7C60%3D1.26%7C66%3D0.66%7C12%3D0.59%7C62%3D0.97%7C63%3D0.18%7Cps%3D0.501%7C3%3D0.26%7C4%3D5.00&ktd[]=274894815488&ktrkt[]=Trendy+Clothes+for+Older+Women&kwd[]=Best+Stocks+to+Invest+in+2022&kwt[]=391&kbc[]=1224808752&kwp[]=2&kid[]=350575367&kbc2[]=1%3D1.22%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D4.92%7C60%3D1.23%7C66%3D0.44%7C12%3D0.37%7C62%3D2.07%7C63%3D0.18%7Cps%3D0.501%7C3%3D0.66%7C4%3D4.67&ktd[]=274894815488&ktrkt[]=Best+Stocks+to+Invest+in+2022&kwd[]=Website+Maker+App&kwt[]=391&kbc[]=1224808752&kwp[]=3&kid[]=340189069&kbc2[]=1%3D0.33%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D4.92%7C60%3D0.33%7C66%3D0.84%7C12%3D0.19%7C62%3D0.51%7C63%3D0.18%7Cps%3D0.501%7C3%3D0.36%7C4%3D3.84&ktd[]=274894815488&ktrkt[]=Website+Maker+App&kwd[]=Best+Priced+Car+Insurance&kwt[]=240&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=4&kid[]=48970281&kbc2[]=1%3D0.61%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D4.92%7C60%3D0.53%7C66%3D0.63%7C12%3D0.82%7C62%3D1.92%7C63%3D0.18%7Cps%3D0.482%7C3%3D0.38%7C4%3D4.36&ktd[]=274894815488&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Vitamins+for+Hair+Loss&kwt[]=240&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=5&kid[]=30111142&kbc2[]=1%3D0.37%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D4.92%7C60%3D0.42%7C66%3D0.82%7C12%3D0.17%7C62%3D1.72%7C63%3D0.18%7Cps%3D0.482%7C3%3D0.17%7C4%3D3.69&ktd[]=274911592704&ktrkt[]=Vitamins+for+Hair+Loss&cid=8CUABW64L&vi=1663966237929782620&tdAdd[]=ib%3D0&vsid=3069678381540985&tdAdd[]=asnum%3D140952&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=802&vgd_l3_sc=VIC&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785163&vgd_nrrv=13273&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=port+melbourne&vgd_go_pid=8PO15GP54&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1663966237133520996&sttm=1663966238214&upk=1663966238.22454&hvsid=00001663966238214017418154099689&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D22%2Cpr%2C47%2Cj3%2C13l%2C150%2Cyf%2C133%2Chy%2Cy7%2C11%2Ca%2C13%2C14h%2C3y%2Ck2%2Cov%2Ch%2Cgo%2C12i%2Ci%2Ci2%2Ci5%2Cmz%2C12q%2Ciz%2Ccv%2C3%2C4%2C149%2C4k%2C13a%2Cji%7Ccsh%3D1&sbdrId=196&vgd_ecrid=1700080812610100250025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&&abpl=2&&kbbq=%26asn%3D140952&&vgd_vstrid=3069678381540985&vgde_bdata=QOfvzxjj~8xLjMjvX9~myJLEYv9.9u~eBMJ-Nv9.Au~e8QMQOvXFH~ONfvu~QNOve8N~eM1QzvuH9iXf~ejfLMQOvf9ff9ifAuH~8xLjMGviWuAX.HA~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.fA~8Evu_b76F~kGGv9~e8QMxLjMjvA9~L88Ex1vuHA%2CuHh~J7vu9~LNvf%2CF~LEQMQOvf9ff9ifAuH~e8QMGvAf9.fH~xLjMGv9.9u~xLjM7e8v9~QYYMBLvhf.XAhf~xLjMjvX9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9u~GYvu~QYYMQOvf9ff9ifAuf~Q8OvXA9WuHXAWOhAJhGAkf1kf1WJfFJGAkNX~QOv9~x8OvuqJte6UePbl%20NAY%2Fcz~G7OvfHfWiXFhWufAHhfWWAXufFf9fiAfWFifAHiAiW9fhWXHXhhiH9uhiFhAWHuu9XuF9hWi9FuHFWuuhhhXXFHW~OfEMjvF9~AENkvuX.f~x8YvufiXh~myMYQwv9.9u~OYYMQ7LyvzmMQ7L17Jy5~OfEMGv9.WH~myOfEMGv9.h~exLjMGv9.9h~QQvIK~x8BviW~NJv9~LEQMGvf9.XW~exLjMjvX9~%3DVvfhHu~z7QvA~7Gvou~N7vEmL7nYJjGmxLzJ~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvuH.9A~8Q8kv9~jNvf~G8Ov9.9f~ONvW~ejfLMGv9.Xf~8exLjMjvX9~QxEEj5M71yM8Ov~e8JB1G8j875v9.Au~1YEvu~NGOEv9.9f9~OYYvzmMQ7L17Jy5~Qx8Ov~O7Nv1E1NMQy~-8OvKrtoExGoHHWXfAiHfXifHhWh~O1jyvzmMQ7L17Jy5~w7Yjvu~1OGjUvfAFX9huH9i~QmGEv~N7Lvi.fhh9Xf4oH~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vu~OmyGv9ou~8GNvu~OO7vou~zQlvA~7yQvfX9-fX9%7CA99-fX9%7CAAF-fW9~GQGv9~GQEv9~7Y-vfXA&vgd_optout=0&vgd_cfud=220331&vgd_scsver=319&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=250_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A250%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=VIC&vgd_l1rhst=contextual.media.net&hvsid=00001663966238214017418154099689&subBdr=196&bdrid=4&rc=0&rand=1663966238857&acid=6f279b34f289407eba02067189f01947&matm=1663966238857&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&vgd_ltimesrc=1&vgd_ltime=1562&vgd_rtime=1558&vgd_etm=11&vgd_l1hcsd=A11%7C6299&vgd_l1ch=1&vgd_lhl=3507&vgd_pgid=p0757638078t202209232050&vgd_adprefflag=11&vgd_csip=rtb-common-istio-5db8d86554-tnj4x.SG&vgd_sbSup=1&vgd_nrrs=13273&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Fri, 23 Sep 2022 20:50:38 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=42390
content-length
15
generate_204
tpc.googlesyndication.com/ Frame A2F4 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_yH-Zg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame D827 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?DTQ6zg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 7EC4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092001&jk=4123384570853731&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame B174 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092001&jk=2204077460075277&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 58FC 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 58FC 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 58FC 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame 58FC 		15 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5520&&&vgd_l2type=sca&fp=MzA_eCVWy1eyoiNQ0FcmxukXzhqh1Z7QweJEMKroUAGQNR86n271gSCaG3MWUOw1HLyo154uW51LTn0o5YOjBL1DzwkIp6fCXtdrcoFDEcnFR59KZfAEnhI9HgaJa300&cme=CswkZTcPekYrdpcvsyB7zBkS6kMPYyKytXKSsj0_pJdm04vh3aQr_f-S_IlsWth1K0ro8ZR4DrzXatnEC01qomVQnrlRfDddnfn4cy_u8kXYKG-40DbOrpFCYYLbLHOeHTxXOhwqOtWVrT4ZIfr0sCj2oiRfqZIfPyuqHiouqJCNI_N4QUhM7fvMIbeosbLG6Xs0EI7_QUuDA7UwUZ88jg%3D%3D%7C%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7Csj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U%7CH58gsiirI30dm57uEQRu5Pw2hPUxUbbaYYgW4t-hjuU9UHLYbfwJyMN4okVnHDYVThl4L22MWmYkYxI71KT4sc3Qwc-KUIAfuQ6h1BT3rba9HgfF6ADnrgIuAsUY2GmUv9sUp-Y5kGw%3D%7CNmPP6lAxKj6DcwU8eiMlsCTRKoMeTAMa-i3jngmWy7Mf-2W5dxIvSb9JDgI_o19j6aArpC_zCS-muWZjDtXClylcXtzWQ7Tv3EBc2rlTDC9fCUB-J71ERHLYNOlvvfHJLxKs917jwDgh9-kRG3Nwx7xz0KRrfsnFV62tHdVf9KklzQewmuwLUzTXyWkMUNl8K13XtaZ10VUXGlaHM3L7nSw7REiyQoNiEY2yK8otyZc%3D%7C&v=1&geo=-37.83%7C144.92&dlper=20&lper=100&lpid=&tsid=5&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170785182&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_dnquo=01_9&ksu=224&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=Trendy+Clothes+for+Older+Women&kwt[]=391&kbc[]=1224808752&kwp[]=1&kid[]=329861602&kbc2[]=1%3D1.00%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D4.92%7C60%3D1.26%7C66%3D0.66%7C12%3D0.59%7C62%3D0.97%7C63%3D0.18%7Cps%3D0.501%7C3%3D0.26%7C4%3D5.00&ktd[]=274894815488&ktrkt[]=Trendy+Clothes+for+Older+Women&kwd[]=Best+Stocks+to+Invest+in+2022&kwt[]=391&kbc[]=1224808752&kwp[]=2&kid[]=350575367&kbc2[]=1%3D1.22%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D4.92%7C60%3D1.23%7C66%3D0.44%7C12%3D0.37%7C62%3D2.07%7C63%3D0.18%7Cps%3D0.501%7C3%3D0.66%7C4%3D4.67&ktd[]=274894815488&ktrkt[]=Best+Stocks+to+Invest+in+2022&kwd[]=Website+Maker+App&kwt[]=391&kbc[]=1224808752&kwp[]=3&kid[]=340189069&kbc2[]=1%3D0.33%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D4.92%7C60%3D0.33%7C66%3D0.84%7C12%3D0.19%7C62%3D0.51%7C63%3D0.18%7Cps%3D0.501%7C3%3D0.36%7C4%3D3.84&ktd[]=274894815488&ktrkt[]=Website+Maker+App&kwd[]=Best+Priced+Car+Insurance&kwt[]=240&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=4&kid[]=48970281&kbc2[]=1%3D0.61%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D4.92%7C60%3D0.53%7C66%3D0.63%7C12%3D0.82%7C62%3D1.92%7C63%3D0.18%7Cps%3D0.482%7C3%3D0.38%7C4%3D4.36&ktd[]=274894815488&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Vitamins+for+Hair+Loss&kwt[]=240&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=5&kid[]=30111142&kbc2[]=1%3D0.37%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D4.92%7C60%3D0.42%7C66%3D0.82%7C12%3D0.17%7C62%3D1.72%7C63%3D0.18%7Cps%3D0.482%7C3%3D0.17%7C4%3D3.69&ktd[]=274911592704&ktrkt[]=Vitamins+for+Hair+Loss&cid=8CUABW64L&vi=1663966237874767125&tdAdd[]=ib%3D0&vsid=3069678381540929&tdAdd[]=asnum%3D140952&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=802&vgd_l3_sc=VIC&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785182&vgd_nrrv=13273&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=port+melbourne&vgd_go_pid=8PO15GP54&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1663966237109908241&sttm=1663966238414&upk=1663966238.4088&hvsid=00001663966238414017418154096566&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D22%2Cpr%2C47%2Cj3%2C13l%2C150%2Cyf%2C133%2Chy%2Cy7%2C11%2Ca%2C13%2C14h%2C3y%2Ck2%2Cov%2Ch%2Cgo%2C12i%2Ci%2Ci2%2Ci5%2Cmz%2C12q%2Ciz%2Ccv%2C3%2C4%2C149%2C4k%2C13a%2Cji%7Ccsh%3D1&sbdrId=196&vgd_ecrid=1700080812610100250025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&&abpl=2&&kbbq=%26asn%3D140952&&vgd_vstrid=3069678381540929&vgde_bdata=QOfvzxjj~8xLjMjvX9~myJLEYv9.9u~eBMJ-Nv9.WA~QYYMG8Ov9.9f~e8QMQOvXFH~ONfvu~QNOve8N~eM1QzvuH9iXf~ejfLMQOvf9ff9ifAuH~8xLjMGviWuAX.HA~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.fA~8Evu_b76F~kGGv9~e8QMxLjMjvA9~L88Ex1vuHA%2CuHh~J7vuu~LNvu~LEQMQOvf9ff9ifAuH~e8QMGvhuu.fX~xLjMGv9.9u~xLjM7e8v9~QYYMBLvhf.XAhf~xLjMjvX9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9u~GYvu~QYYMQOvf9ff9ifAuf~Q8OvXA9WuHXAWOhAJhGAkf1kf1WJfFJGAkNX~QOv9~x8OvuqJte6UePbl%20G2lqCx~G7OvfHfWiXFhWufAHhAfWufhhuHXifffWhAAHfWWhWfHFfWhihWfX9iAW9uXhHFhFX9hAuH9WXWuFfiXH9WiFhFW~OfEMjvF9~AENkvuX.f~x8YvufiXh~OYYMQ7LyvzmMQ7L17Jy5~OfEMGv9.WH~myOfEMGv9.h~exLjMGv9.9h~QQvIK~x8BviW~NJv9~LEQMGvf9.XW~exLjMjvX9~%3DVvfhHu~z7QvA~7Gvou~N7vEmL7nYJjGmxLzJ~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvuH.9A~8Q8kv9~jNvf~G8Ov9.9f~ONvW~ejfLMGv9.XX~8exLjMjvX9~QxEEj5M71yM8Ov~e8JB1G8j875v9.WA~1YEvu~NGOEv9.9f9~OYYvzmMQ7L17Jy5~Qx8Ov~O7Nv1E1NMQy~-8OvKrtoExGoHHWXfAiHfXifHhWh~O1jyvzmMQ7L17Jy5~w7Yjvu~1OGjUvfAFX9huH9i~QmGEv~N7Lvi.fhh9Xf4oH~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vu~OmyGv9ou~8GNvu~OO7vou~zQlvA~7yQvfX9-fX9%7CA99-fX9%7CAAF-fW9~GQGv9~GQEv9~7Y-vfXA&vgd_optout=0&vgd_cfud=220331&vgd_scsver=319&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=250_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A250%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=VIC&vgd_l1rhst=contextual.media.net&hvsid=00001663966238414017418154096566&subBdr=196&bdrid=313&rc=0&rand=1663966239070&acid=d68207c4424740d588ab6c4aaea4714a&matm=1663966239070&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&vgd_ltimesrc=1&vgd_ltime=1680&vgd_rtime=1675&vgd_etm=8&vgd_l1hcsd=A11%7C6299&vgd_l1ch=1&vgd_lhl=3500&vgd_pgid=p0757638078t202209232050&vgd_adprefflag=11&vgd_csip=rtb-common-istio-5db8d86554-v86rq.SG&vgd_sbSup=1&vgd_nrrs=13273&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Fri, 23 Sep 2022 20:50:39 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=42389
content-length
15
log
lg3.media.net/ Frame 3FF7 		35 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/log?logid=kfk&evtid=perf&cid=8CUABW64L&vi=1663966237874767125&hvsid=00001663966238414017418154096566&l2s_dnsTime=0&l2s_connectionTime=0&l2s_waitTime=615&l2s_downloadTime=21&l2s_total=636&l2s_start=1096&l2s_sslTime=0&l2s_trfSize=33.2&l2s_decSize=89.9&l2s_encSize=32.9&l2s_nhp=h2&l1s_dnsTime=0&l1s_connectionTime=0&l1s_waitTime=857&l1s_downloadTime=138&l1s_total=995&l1s_start=81&l1s_sslTime=0&l1s_trfSize=55.7&l1s_decSize=162.1&l1s_encSize=55.4&l1s_nhp=h2&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1663966236&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663966236069&bpp=10&bdt=1551&idt=615&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=2945658279797&frm=23&ife=1&pv=1&ga_vid=642682573.1663966237&ga_sid=1663966237&ga_hid=386076842&ga_fc=0&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=734309068&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773167%2C44769661&oid=2&pvsid=779030455766948&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5s5dayr57bub&fsb=1&dtd=633
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:39 GMT
strict-transport-security
max-age=21600
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 23 Sep 2022 20:50:39 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame FEA0 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220921&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
dd49efcf2016be7634ab43ebf91559d4d5e5e66d445030d092317be16409eb99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11141
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0FE5 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220921&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
075d8972da441898736c859a0f54f950ba2dcdf94996d15939016d564ed1fb91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11010
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E7%96%B2%E6%86%8A%E9%80%80%E6%95%A3%EF%BC%81%E7%87%9F%E9%A4%8A%E5%B8%AB%E9%BB%9E%E5%90%8D%E3%80%8C8%E5%A4%A7%E9%A3%9F%E6%9D%90%E3%80%8D%E6%9C%89%E6%95%88%E6%8A%97%E7%96%B2%E5%8B%9E%EF%BC%8C%E8%97%8D%E8%8E%93%E4%B9%9F%E5%9C%A8%E5%85%A7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-N8I0g7HasEnTx_js5nTbpQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=6873&dns=5&tcp=405&rrt=0&srt=827&pdt=1&clt=1285&dit=1285&a=3493&z=0.12191553355162621&gtm=2pu000&t=timing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 09:04:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
42388
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FEA0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 20:50:39 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		61 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1646875276526712&correlator=2711368641215292&eid=31069829%2C44773130&output=ldjh&gdfp_req=1&vrg=2022092201&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D7523f3a0af01cb4%26hb_ap_bidder%3Damx%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D74c726fdc54675b%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3De6b809a264849de4-22d86e3e4dd7003e%3AT%3D1663966237%3ART%3D1663966237%3AS%3DALNI_MaGtdl1FrqyB0lEadB6IAFGx_dp4g&gpic=UID%3D000009d95d1a4c06%3AT%3D1663966237%3ART%3D1663966237%3AS%3DALNI_MasT43dKigZalWp1TYk0fG85hXI5A&arp=1&abxe=1&dt=1663966239309&lmt=1663966239&dlt=1663966233644&idt=3637&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=30709266.1663966239&ga_sid=1663966239&ga_hid=3493&ga_fc=false&ga_cid=amp-N8I0g7HasEnTx_js5nTbpQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
f4ae4fcf4bae3f81a991ad473dd027881023a736f4a02f1636d08e1f5d77f9cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24301
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
805239aa4c6bae5fc0d1db04afb193246107cd6085d79a6753697bd5817f2f43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11128
x-xss-protection
0
container.html
4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2552 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:50:39 GMT
expires
Sat, 23 Sep 2023 20:50:39 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B9F3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
392996
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 07:40:43 GMT
expires
Tue, 19 Sep 2023 07:40:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 37C5 		783 B
763 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
GSE /
Resource Hash
e35eff4f59afe86999c04efa6eaa3a05d2ad027b6a32964e00aec029ca208f1f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pcIkab9ukqn5wnREhWk7sw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-pcIkab9ukqn5wnREhWk7sw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:50:39 GMT
expires
Fri, 23 Sep 2022 20:50:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
log
hblg.media.net/ Frame 3FF7 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=3&spSource=0&ifst=0&vid=Yy4cHAAOMNIBc8fHJQ9ksg&s_city=singapore&ugd=4&bcat%3C%3E=10368%23%2311841%23%2310437%23%2310058%23%231000004%23%2310508%23%2310445%23%231000031%23%231000030%23%2310130%23%2311669%23%2313525%23%2313589%23%231000024%23%2310648%23%2310137%23%2310080%23%2310086%23%2310088%23%2310089%23%231000037%23%2310539%23%231000036%23%2313612%23%2313740%23%2310031%23%2313423%23%2310544%23%2313425%23%2313428%23%2311321%23%2310106%23%2310366%23%2313566%23%2313439&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=9.277052E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=83432a40&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=83&renderer=1&be=0&rtime=12.0&adj0=0.0&tmax=300&s_ip=74.125.190.143&adj2=0.0&adj1=0.0&feedback_id=Yy4cHAAOMNIBc8fHJQ9ksg&adtypes=0&mx_aabpc=0&reqid=Yy4cHAAOMNIBc8fHJQ9ksg&sc=AU-VIC&mowxReqId=d68207c4424740d588ab6c4aaea4714a_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&bidrestime=1663966236956&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CUABW64L-357234536-39-2&coppa_enf=true&bdp=0.020&ct=Melbourne&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D1&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=140952&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=d68207c4424740d588ab6c4aaea4714a&actltime=20&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C48%7C16%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.02&sckfl=0&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&chnl=NO_STRATEGY&pst=0&reqsize=250x250&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1663966837210&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&dummy_vsid=false&cbdp=0.02&pvdTmax=253&ltime=19.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=57539810541597_1615094559_52982010413131&zip=3207&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=196&mx_bsBucketRa=0&rtttime=25&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-7785899c56-lzvc4&currsrc_date=2022-09-23+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-09-23+20%3A50%3A36&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=313&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AMVB_Pnb8C__aZ0mcW0oGQ22kWSt1L6r0cAvxGyhdreaAj3RTiUrqi0YxGfGjLgQaQgNtTIq&dmm_ogerpm=false&csip=rtb-common-istio-5db8d86554-v86rq.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=2365071409&fpuReq=0&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vw_exc%3D0.83~smm_bid%3D0.02~vis_sd%3D564~dc2%3D1~scd%3Dvic~v_asn%3D140952~vl2r_sd%3D2022092314~iurl_b%3D98135.43~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.23~ip%3D1TStJ6~fbb%3D0~vis_url_l%3D30~riipua%3D143%2C147~et%3D11~rc%3D1~rps_sd%3D2022092314~vis_b%3D711.25~url_b%3D0.01~url_tvi%3D0~smm_wr%3D72.5372~url_l%3D50~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~smm_sd%3D2022092312~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D0~uid%3D1HeXvJkvUSzqbZzHKu~btd%3D242895678123473281277145922287334288782462879782509380157467650731408581629540896768~d2p_l%3D60~3pcf%3D15.2~uim%3D12957~dmm_strg%3Dno_strategy~d2p_b%3D0.84~ogd2p_b%3D0.7~vurl_b%3D0.07~ss%3DNA~uiw%3D98~ce%3D0~rps_b%3D20.58~vurl_l%3D50~CI%3D2741~nts%3D3~tb%3D-1~ct%3Dport%20melbourne~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D14.03~isif%3D0~lc%3D2~bid%3D0.02~dc%3D8~vl2r_b%3D0.55~ivurl_l%3D50~supply_tag_id%3D%7Eviewability%3D0.83%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dno_strategy%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Dno_strategy%7Ehtml%3D1%7Eadblk%3D2365071409%7Esobp%3D%7Ectr%3D9.277052E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D253&utime=1462&sf=0&cpr=0.5734474656173221&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:39 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 23 Sep 2022 20:50:39 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0FE5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 20:50:39 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 20:50:39 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame AAF9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092001&jk=2204077460075277&bg=!MjGlMXXNAAYIxsuQKMY7ACkAdvg8WmBdzUYkTKEbbY8ZIzCGqx2kGvDFpFVoIHEIxul20y_Hdl3JAQIAAACBUgAAAAJoAQcKABPoJmkBGxejJVD6z-UUerbLDCxumQLA26az7SaS8PG-QeF21dBmaxW7VlAgTwTyMIVKEwtCxL4vF4Df9FS3RR__MfFI1szvmg6R6DbZ3JYFSVfo8KhdeSKpbbWjrh2zKqSidT7s-TAqcL9eNuzYYovXrlrvCXCBGnDfmnd--ak5xQavS01PSNZwKI-KNkjgdssIS5p6Q3dCio-YH7gjuibkC7S7cUq2NEW6ZeB3ASPt1vb8n7MymgduE6xBgXxVJkoRbEqT6oSlBrIUKHpaDOtN0YjY1XViW5fL_ShOKYre-meXZqDVQ5FOGmVYb9dKvALE1iIkJ89h6eWFeU25uErPLk2XuQp5BEiO-cvJVA1SgWmaI4Cg7TSk-TI6xXTpFG80CCq3b7eHpzHVv_Z8PjJyd0rT3K4TrcSndvlJVgo4959qk0CLZafzelRGwTKDpg0c87F4XWLX-yWz6CoiEZhkMVK-RaliBNvU45zIpGZWFFYCyZH-Vc21zS001mcg7JOtwgRwlEBHdeOiOepqufRSAAUK43CB93G7nBj5INpxNIGLxL8YTjsRTGcZwnksN6qtU74EksU2urQe5dHmV7wXmi7kddnlzqPRSGIIkM3LBzAkeh5cuC9X9mAU2AcDiEwQEjwgO0_gqKtZHpPuz5l8yy4S1wwr67N-RNJwVZy1fPI6Y-X6KzPnvh5b2FodNFTb158BTCqSXfjTGaaf275mH2EPmPbupA6qkiSJucloqTJBqrGWQPcdvosWMvvK0ZMDiKFM0vVOyswvKIiIC4_v5ti5S9LgIxE0kCam4LVj8OgvsqTBYhcm6rMN1ANLcqp9Vda-f33a_EW1WE_9LHBwIIvo_9Zzna4VdqkoNziEDyDvqVXiqgSDCs0uFhG8dSeCK-UK0yTbmuc4VkBUIfYX2EkVU2KE1ScBiYuqdLNplLB4ddoBJWCabr-O9NujA-CJtxAcP5o
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 1249 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092001&jk=4123384570853731&bg=!5Oel56PNAAYIxsuQKMY7ACkAdvg8Wod88gRk2q5JCLO6lgnn3tSKqF92rzEyf43tHSvYcCGqPBQUVQIAAAB9UgAAAAFoAQcKAL-sw2VyVQICNyj0XWDTx2RzvxdS68Z-7eg8b9fPb5qldOjB8qKj9zOKX1LT3IkeIrsh5_eavNGhftH5p7ATJhol8MswYDMpowD0-uMJ-8ejR2MO90z8n2vDts-tng8agkVFxHRtYF5dO_ObcLXSvQOu9WWeX6jWR_jCHw7uJA8C0laUbQQL6FTZmLd4HyQuIXMTxMp_0Acjv_7be4QP0BKeeqis6IWE6C7q0wEbz1GkE-kTfC9NqnJEVVkADpjwS5kCw63qDtsbNFZQJ_nyvAMdIbytH9NvhKF35Gojk_3f0LtaWaN3iUREoiBpzjU_qvmxQXAO3YLA1AnpcAdqk-hX3UDeD5qXTmD3ZBpGdcVFT1asIVq3XtiRct4UONIC7rLvgyLU9xy30zU4aU-EVpoBfDQLbQCIvm1b-U1mMf4f1VcewTC1d9y_rFbidcCm2syxzqhrk-DOBXcSvQ4_UIYsJ2IzbW1_clTpsRNdLc_XzNj9QMJIcqD02edA80cr7X8l7BR78rRTmzPxKpG3qtYn0CnQw28fJTFs-0POsidsA34yELErcc7VqUVtPlcEkz489LHy0dlynI542HcCYpK3tE9y3pPOuPb_4pvN16BFr-6dJZPKBBB07qdewkB8JZYQyaqYl1ZqrNl4FNYSxPiszknwjB2z7B8O8vsYCAsmw8suqc-gulcHO9-jVe-uvvy9ENhf8MXVs8faraTcDiju6BMXjQfKdUQoVl6dEkfukW_1YRPjOlbN_zLh9ySHag1_nggi-B6qsuXlUnSVhX3Nnwtp8xWu43K5t-hIKpYVCuLhndaalN7ptTfkofkudExz_bAKP-qoyX6SWB8q3l_gLpaiLgzyXQmjel7ykeOl_qepTuku72uuWiIhFpFt_d6Usg-BL1pR-gP254idwjckmqQvlqvjO2R2aUGeF8lX0gl8Hs5E_CWvvHQILz_l1YLUqcFCraRwAusnWJw666Wa954njEikatg9AFaLZxJRXkazHidI5jLvQy-vFltl998q7rPWe-S2JoSEqnxWFJUICh8HlZu9eZ8GNxhvxeOSkXpjlDT1NzHsS6I8UAWuEBKLcURRPsFJzB5fPEctsyrOavMw6xYwHMgf_vKG65ZQaAbh9qeM97T0FT2jgbFM7Y8gSrFW985AIGIiPOyjLmzUSWL_YrFrYyZPOVuFz2af3K0Mgjhd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
pagead2.googlesyndication.com/bg/ Frame B9F3 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
sffe /
Resource Hash
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 01:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156969
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 01:14:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1A34 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
392996
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 07:40:43 GMT
expires
Tue, 19 Sep 2023 07:40:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D0C9 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
GSE /
Resource Hash
40ebdfdca9dc4986b996b7b4c761147a7eed8f81d8ef9fbc6c76dd78af73debe
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kaf6R1lCDuL8gYT4QgNihQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-kaf6R1lCDuL8gYT4QgNihQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:50:39 GMT
expires
Fri, 23 Sep 2022 20:50:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D535 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
392996
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 07:40:43 GMT
expires
Tue, 19 Sep 2023 07:40:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7BEA 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
GSE /
Resource Hash
c89cb9ff33762c274e0ad9f27e27cac13fa6990f93f54e6607ab3e6c2628ffb7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jCcdw0J3AlCUZs0ilf0nNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-jCcdw0J3AlCUZs0ilf0nNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:50:39 GMT
expires
Fri, 23 Sep 2022 20:50:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
pagead2.googlesyndication.com/bg/ Frame 1A34 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
sffe /
Resource Hash
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 01:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156969
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 01:14:30 GMT
container.html
4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F1C3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:50:39 GMT
expires
Sat, 23 Sep 2023 20:50:39 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3A25 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:50:39 GMT
expires
Sat, 23 Sep 2023 20:50:39 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A817 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:50:39 GMT
expires
Sat, 23 Sep 2023 20:50:39 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		209 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
027e46465c959498b495b69991cf9d0148ba760edfa7d3097f3d41f8727b2a2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:40 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74935
x-xss-protection
0
expires
Fri, 23 Sep 2022 20:50:40 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9waS1iZWktdHVpLXNhbi15aW5nLXlhbmctc2hpLWRpYW4tbWluZy04ZGEtc2hpLWNhaS15b3UteGlhby1rYW5nLXBpLWxhby1sYW4tbWVpLXllLXphaS1uZWkuaHRtbCIsInRpbWUiOjE2NjM5NjYyMzk5NjR9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:40 GMT
server
nginx/1.14.0 (Ubuntu)
generate_204
tpc.googlesyndication.com/ Frame B9F3 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Dl3BHg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 37C5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220921&jk=1467528731530751&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
pagead2.googlesyndication.com/bg/ Frame D535 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
sffe /
Resource Hash
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 01:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 01:14:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7BEA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092201&jk=1646875276526712&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame D0C9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220921&jk=779030455766948&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
bqi.php
lg3.media.net/ Frame 3FF7 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=3404&lf=3&&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_l2type=sca&pid=8PO15GP54&katbid=-103&katen=1&cme=CswkZTcPekYrdpcvsyB7zBkS6kMPYyKytXKSsj0_pJdm04vh3aQr_f-S_IlsWth1K0ro8ZR4DrzXatnEC01qomVQnrlRfDddnfn4cy_u8kXYKG-40DbOrpFCYYLbLHOeHTxXOhwqOtWVrT4ZIfr0sCj2oiRfqZIfPyuqHiouqJCNI_N4QUhM7fvMIbeosbLG6Xs0EI7_QUuDA7UwUZ88jg==||u8A6SM53vAdJjhazCSusZAnIl_9HqKRb|jyjVTouP1sOI3OR67jxweNSVYtHEv6HR|sj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U|H58gsiirI30dm57uEQRu5Pw2hPUxUbbaYYgW4t-hjuU9UHLYbfwJyMN4okVnHDYVThl4L22MWmYkYxI71KT4sc3Qwc-KUIAfuQ6h1BT3rba9HgfF6ADnrgIuAsUY2GmUv9sUp-Y5kGw=|NmPP6lAxKj6DcwU8eiMlsCTRKoMeTAMa-i3jngmWy7Mf-2W5dxIvSb9JDgI_o19j6aArpC_zCS-muWZjDtXClylcXtzWQ7Tv3EBc2rlTDC9fCUB-J71ERHLYNOlvvfHJLxKs917jwDgh9-kRG3Nwx7xz0KRrfsnFV62tHdVf9KklzQewmuwLUzTXyWkMUNl8K13XtaZ10VUXGlaHM3L7nSw7REiyQoNiEY2yK8otyZc=|&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&vi=1663966237874767125&ugd=4&cc=AU&sc=VIC&bdrid=313&subBdr=196&startTime=1663966238408&vgd_l1rakh=1663966237109908241&l1ch=1&sttm=1663966238414&upk=1663966238.4088&hvsid=00001663966238414017418154096566&acid=d68207c4424740d588ab6c4aaea4714a&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vw_exc%3D0.83~smm_bid%3D0.02~vis_sd%3D564~dc2%3D1~scd%3Dvic~v_asn%3D140952~vl2r_sd%3D2022092314~iurl_b%3D98135.43~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.23~ip%3D1TStJ6~fbb%3D0~vis_url_l%3D30~riipua%3D143%2C147~et%3D11~rc%3D1~rps_sd%3D2022092314~vis_b%3D711.25~url_b%3D0.01~url_tvi%3D0~smm_wr%3D72.5372~url_l%3D50~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~smm_sd%3D2022092312~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D0~uid%3D1HeXvJkvUSzqbZzHKu~btd%3D242895678123473281277145922287334288782462879782509380157467650731408581629540896768~d2p_l%3D60~3pcf%3D15.2~uim%3D12957~dmm_strg%3Dno_strategy~d2p_b%3D0.84~ogd2p_b%3D0.7~vurl_b%3D0.07~ss%3DNA~uiw%3D98~ce%3D0~rps_b%3D20.58~vurl_l%3D50~CI%3D2741~nts%3D3~tb%3D-1~ct%3Dport%20melbourne~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D14.03~isif%3D0~lc%3D2~bid%3D0.02~dc%3D8~vl2r_b%3D0.55~ivurl_l%3D50~supply_tag_id%3D%7Eviewability%3D0.83%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dno_strategy%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Dno_strategy%7Ehtml%3D1%7Eadblk%3D2365071409%7Esobp%3D%7Ectr%3D9.277052E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D253&matchstring=hr%3D0%7Cbcat%3D22%2Cpr%2C47%2Cj3%2C13l%2C150%2Cyf%2C133%2Chy%2Cy7%2C11%2Ca%2C13%2C14h%2C3y%2Ck2%2Cov%2Ch%2Cgo%2C12i%2Ci%2Ci2%2Ci5%2Cmz%2C12q%2Ciz%2Ccv%2C3%2C4%2C149%2C4k%2C13a%2Cji%7Ccsh%3D1&vgd_matchstr=hr%3D0%7Cbcat%3D22%2Cpr%2C47%2Cj3%2C13l%2C150%2Cyf%2C133%2Chy%2Cy7%2C11%2Ca%2C13%2C14h%2C3y%2Ck2%2Cov%2Ch%2Cgo%2C12i%2Ci%2Ci2%2Ci5%2Cmz%2C12q%2Ciz%2Ccv%2C3%2C4%2C149%2C4k%2C13a%2Cji%7Ccsh%3D1&vgd_sc=VIC&infr=1&twna=1&stime=1663966237404&vgd_ecrid=1700080812610100250025000000500&l1hcsd=l1!A11|6299&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22apac_sg%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p0757638078t202209232050&vgd_pgids=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Fri, 23 Sep 2022 20:50:40 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=40054
content-length
15
generate_204
tpc.googlesyndication.com/ Frame 1A34 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?vtuGwQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame D535 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?sDUKSQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 3FF7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUYBVuXR6ag6AwbcfEbyHF9e_XSDzT4rOxJ1xrRahFyWj829KhbVkOpQ-EjnJVGz64mG4j-1W2RquX9rd-s_MPEOOP&sig=Cg0ArKJSzOjU1UipsUS-EAE&id=lidar2&mcvt=1000&p=0,0,254,250&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663966237323&rpt=1949&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0E27 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVvoymFwQOSzp8CEdofKIfxXqtQgNSknAzdhSmhmm9yuRBcNxCfFvznMrziK90JSf_yDxKqu6FZ5pUZfcq5vcXjZTmqzQ
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:50:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame F1C3 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CAqEfyILhgGWQg8dHLtW4andTXXibYDfikK9Gybs4UxTH-H1-uvSgKSqXTIScNiBGEl1DqH3e40JC_Zp_GNMiGXfQbGg&cry=1&dbm_d=AKAmf-DS1O4eSEQjsKioapghaeFYzRtYtKGGHqozomzrOPGMPqWgjJLgTOCVnt-zwIg-cQPR98Krkkci-c9R1uY2iTMGWqCgKNHXpQ-d0Dhq2z4Bq2ps-9RS2SF7RuC8F6xZ5Fvwmrr2L0jSnmHsjrkPovOIvDwdzQz8pWjDgg2Pj2sO1ZkuhD_Z1wwtC9P-5irNDA8KloZVSsiZ9bneDllq8MEqjO9ADTeKsLXfkSQPbxRLaqSv6fFgbtK2m3daaZ25rQekDSd82i3HkATrEYRuPIwm9u0CmSSd0iQ7H_EaRtZSRm_yl_fwjd9jRzmLOds2cOhoO1YfevaD4Kp9jLcl4ofb6tg-_6FnmMzR4z3MIxL6r-EqiEvLC10sQKuAJXaWXkyh3TH6wQz7CYUgvrtSoW_525O_GZnSgQgORJhhMJFjiYfR-H-fPnH77hV4HEXd9A6w73a1_v_10PVfi0ZVjDCE26utH0N6PbWWhxJH25BNPul6Aovb2YQ15Ry2YFzf3XgfM6T4WXsvcZosHrhOoBcaetSEdmCJtoP_Qgo9eyc0Tyoscc9a27tHW0vecwLmW3ZJqS2qx3rtLbt4HLG4p8AimHF6WUwo8sM9AMiMFjVXL8KRd7aec7DaBLDX1ZuXyO3wfmPrRCb8XFjqIAxW6AdsmYDKeo-tPz6_410MqsFmaJ9Tzg2tWTYmneSYWTQdI4zB667-xum9BJuQ9LqmoBRPE9kJLymL0JnDtGmk595qVOvtkqdOzQrERrjNgftTtaSod7nuRXqeuuDJ0TVNiIsn-Iw9-K93mWMXZNWUf4etm05-sYp0HTdDBWvAts57tyWzjVZ8_JsFDddbnj1TScmj6Ud13kr5JFVL16RM0JMXCRqVU8-Uv72QU-tOWz5XPnIRt7a5vn6-V_AmObiwCTdLcyDmG7uB8-oe68K3oyuLKDl8R31lxo6ti-9wu0_AplghMsDqSOAk8gqq7odq_Avf4m8UKKpQjwCqvDe0ObiAspIeES6mKTQlDYc2INp3wttF3qUM571R-BM-lYd-ETz5T_iEub4RPx0OVIZpXO_68TIipWR1Yli4_lutS1jGLJ2wqUybN-MTLxl-8Y7VDYRVUMAPEw2BOojGr-mf_OyELKr0NvVDvR04hec4cktZD7b-kbdW2iR3_6W74siku9LfB84t1qiI0bqMeXkuht7AEnNcKiLE88jhHztFl8e2-TK9TSUfHe2fOMUjdbWC7d6G9Tg5vxtxeWQDorvflVMUIJ0sLWd_Dl8NJfCUkxJNp2489sRkdzOVOcdpn8IQbB9jrhCAo4Hihs7Avjs6BZqTQLssvvdpkARCVdxDLDBNWQh3G7iJPaIRk7M7XWMDnB3159vRfTKBFpjQ81t9aTHK30izx_-tK5aCVqYSrypbcL2IfgwsKfDgVGxUVNPlpyYrQQAoHxB97eMAGJcavGEQc8ZpoXPEx3kOT53b6JpYAhBOfoJlKjGcily29hkat8RHFc137_QYXW8Ete8xQzV3t6TJ_4roPGuDFiY_GbdhclSbd_CkBvcUv1kLjwKn4XvPGl-wEMCKVsgmSwqh6lgj0aDtLGHwd_EOXfEhJeM8OKZuZ34ovYhqQ3GxqDlPxaZwMFu4udQzJmxqxuRBnxs32O-dJA2OnzFba9KohN6pTgymDolnurvTgKCz7ZU1p1E-5PsMboVkkZGwCwGeVdwtJe44-kXoZe_ADlWrSdAJ0Q1VHCrCXI4qccVv0RAI-Q2EvWXeznJy8GWptwy5qGp91KpVmm0uo02Rysmv_PQCkfhO2zi4LQlxlDoxsD_QbKjvY0P1aONuCeYjNyf7zCxDymH8Y8uj98hqJJmHUBuXn6mo-ZqTh8oZmVU_QUxoP4EJyG495i8mSwI-Vi2WV3uPYQO0tSoq1yYEa5I3nAewkBTUP0QdtUSulqmUf6W9dbcMx5CTITGozvCL3xRQjAw3cLOYYiBjJa-ZqeeqBM1CNDBhnwhp8HbyuZmxnJ49HCjn7qSJLFwY4T9BPqnF9Y9Y9NNniBxTzgEFPwt7fL_Dj--mMgjNAxQ3lRH7k2hGqaR7q_SHFnvdfZSyNIj2wDMBbk6coIEB7t_0U5k3YpOol8epnw2N6xrdfmSqpeRxfAc10G1P52-a5Jp2UbwImEC-eXRgwF_0Bu_WFhXlRnxOz-s0nnOux_hglpXLYBjGEoLc4j4VEeP9jUMcm1BKbQb-DLQm4UphE6LfgTd6JbPb-PixJ1CI8yNiPh4sPL3rT6NELcaslefC6KAKrUMavQ1-akTI2H6n4AzKMZENbMEaYneLBuu_g20rPWjmDKpLNG9xZkjB4dm4If_RBSNi5Vz4fboJK7rPfuutoM19oVwQ96L1y7QPOF4KVbdy0dojGnXSM3_FORM31P2LSN1fM9mRxpQWJLUWCJ78uJltVRra8T21sXu4vXNbNR-fu-bmzKr7CjfbdMj4pDqRUl5YSr3f-D47aNSOcsvbM-_4GAyxvTxq7CsHlIqchj-vdLGkbWr64GVRYV3s9NWGwlOTA3E3YBDcYQWfjll3r0kZXrUY4rfgdVsCVdwqn-Su_aiOKGdYqSdgaATC14JQTuhZVZBDc2ayO24HW_1Z__UpOQlUE-AjQc6Wbf7vFnIxYWynwSxD28B10fNYp7PGcqoDzlzlxZYhCf8w2Yf-Rg4IgMZR_w92r1HKQ6bROD9UmB7RTeOazcrbj7YvJeNM3FuJEuYfHe-rto4Stnfv0XxYaBVZXZZwAmAW2VxS9lpSnJVACsdRC4Jg7bEF7ugcX94Y_ZLOgXLoU1AnrcXOnLAJeFF9HhhwIKevu0HqQY9pxSI_Zaq0wRWi_Zgg10-8upBrLp14Jhmu1zciimEU8OV5qzJsuyDHNMDOsG8CUjFoPxAcbvNrvk7x0CVymTbWeXRJg9rbbWR2X0KDZqAusxEKAIwXcoO6OsXfRTniap5s-lentf2v5arV8MM5tR4UapQrtzDOCbVThtNtoufwKZud7OwgToGxZM0SaQHW7rHnMaUQyrDjvKmxHhfS87hcXJHXLirfkBi8_tD_XPFXzM04Ht5-XsYOJsMP2XSDeMSPgHizR7B_FLbhkFFB803rb8pFDRpHuARnY_7gTiL0e1RzDvM8JoceMeAdhwRVG4b24ojsvIP9zlBDJNkysS7qBTFWSVxFc68Du6lellrHSOCwXZBBhYThDwvzcHcDaIqK9pLxOJ2LnahaTGl-tj6JEXO0AvIBeco0xpS1ssCA_c19yLPiOrw2USWD2By5c_twYDmyqPprt9g62lLU76p23hxpZ_bLaW778E_wrGLhCuCvs6hccU8gPL2tGKiXbZ1i1Tr95DZpksDfSz9YRSXV4YE9mtrTo42LI5UKJyNJtsozzCJSlQV1QRxD&cid=CAASJeRojQlubxz14NTC9VLj8xZZe6sNhwQUNWMlOF5epC7CwaNLw7A&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
1cfd95e2224e6050da377589a6bd208192ce79bcdbfcfde371fe39214fa7c286
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34473
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F1C3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Aj-qcTmWexkmvgwM_7N9gcQ0JyK6t9-qtzuLixx-t1ixjAx3VmxxSYxBhPekbeFbm2oAcbJ621-XrB4-hyeoVMUpQZWW4rnflVWkCF2h5vT97QP1Y
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame F1C3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 18:50:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 18:50:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame F1C3 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 19:15:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5733
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 19:15:07 GMT
l
www.google.com/ads/measurement/ Frame F1C3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTaTCItWGQMVxj5wZ3Q0vBBbJdUs-zEj39P_geHNQemy1Lz3cUuec1II_o4dxvJ976g3mPB3E1xDj29ee4ktBaIzcQYmg
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F1C3 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 20:50:40 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FC28 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNVsK7Mz4PNGW4F4WN_DtnUIhrdc6lU7RNGWKhmpAASDPflWeBKts45Xr7vCzlCIzFLMBCVHMA0k7tyZnx8T7g8Qh6KOYA
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:50:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 3A25 		79 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2m9h_WAsBlLAqYIUBb8cfAUspu1IwHMfsjjstko4ZOWIcUlgMnHEuh3vWE4cUgFl1ols9HsNOuXuMHt6AVobIt8TBsA&cry=1&dbm_d=AKAmf-Dr3GqR2dz9e4vd21sgG6sAGQIkjQl5mIKtqFCc62Zq-3cmfQTsUUMcm_3Nlo2uVVraFRwhKu1gGh5Wy5_Sn1VZ-rJSZxof4LNurYaH6eAGahsp5cvWwxorq-oLWPWC0lfxNgYYcrZRG30PDtKdggl44Afk7sYWdNwXrh85ixK6PRWCH21alsFCIosztb-SZXW20aTMvasUqUiyK5gNQc2GhgUaiwLMl1IV58S4HFszE7FtCze3O9DuCwrMukKfe6SW0EJ5goAivf5lv5v3ki7BjUcTQZIrPfqcdZZGuOl3Sp3otyUFSPj5EGKoFopOsOh0iHBCwtB1Kx3b9PA6s_WVDGsJFuG3as13LFPh02UiHHE5Fiz-ndVAaJIAuvYYVhcDg5sSRCZa04d4C9RH1hBTlIsVHzIvXNsa7b8Cm9xZbkBIL42EF3Cn-YGoza2kB85HaEipHlIu9kvwh0OJ85S6uFe7R2KBtfRuebScHimGwgef06pDYHuwqGix_FCy7ez9BNj_qrGkRVXVkhnt1P5DiuA3WxUZejlxwEtlJnm3WbG95f7IozAyeryF5w5g9buG_Z1RZzfu1YlDRkDQZsax1_WMnntAMVMQ5oSE4dfXuUttdZqXPUDNiXlz8PKK0JJEeLMhSlRf3V09zTLnUft5fuy9TD8mq6BXonww9IBVgqJuAORgvXEvH9-u3OI7UQgudMD60Wh95I9low79-Y3yXaryyKUI_zlxkaT0DPvlKCBkhJRSMYQtTGVBT39aCcfUBOqT5NH96FX_AiRe03VXatQhovVA1Gtieawu7VRaqfZri40O6Z0n8RiN_lOFVxUozNp4Woh8y7KmSeu2aBUQtA9djmw04ROgCG8SWMhcOo3sTq_vINQ8zMcPme3SaN8rIeIP5Seq4dsTaxiWQrztOWQr7z0lvKvZnAHanSSULP7QiM8-Z5u_xBg9qkVtJ4db_wLwaiYwhogpX5qzZTU4djDpkaDmFMYLzpT_963h0sEuRcrA0ge318UtD8iZ6cdV8qBmp02QWVk_kJNNtLTo6qdhhEwOEDw1dnKCk2ucrLzFpqW8GSyM0aRxOmvL3R4dcmNqvzv9WhTDJlebPhoiT0KmQkDfVbFUOc93lE_XnPfVOVjI0xAjKP62wN0zQKzIkhM9CjLdoDZOuk63x0OIsQ-JBAaxAgKnnQYms9XjmlWP2W97qTfDIbrIE_PouR1pjHUvHAFfeCod7dRUdzFlM_brT8ydSHfo3bQqYoplpxJdpYIGdEWvyIdvkFnRl4o930algir2fgPE7-RqxanslYnsqKjSNGhND_Vm8649shDvnZRyfNQS7gzaIMqespkZE3UnQy53oflxKQ5CmHGgqWZf8c3GVkzh3YfNQB3OmZQ_OrrEkp7B5NA-I1fcguF5OiZk0UbX_BhMxeV51crzBw1r9BoBZh1FbSZa-ZSoMY2jP5L9-Uu24mq1B0vbFgUTm-uBh7ymXQ4hoCTj4AbPlVQS1uyApcR7BpoqPBqmNxj_pkVCB51PDBTiJ9i3DmIiHpZIUETChxoCcC8ZZV7XlXnrSSxWVTpgvgxoVQSiE-eJg32YXDKNyI4M_uR5DTsSmElTfY579uHvzjxnUZFaUnki5uXYb9PSu2hhPCmhIXzi0T6bANd0-ftDpnMhpcRcdDBXiIDU6kpPvv1i6vSgKjUGr6qw_DW0KBM0_MwLoZJ7YKGbUlwjyVSlNq8WII2CKxQW4RGzK3XdRtvWCKf_Hg_pU1UhhdxBrxC9j5bNBcr9AiaL0Dz2KMnmFq1y0I9O2JmA8O7dWEv7tB57cPGlAmAgS23UkWeGKWPt8R-D0zAc5axxBZPseRbcHZTH4d9HD0T68ZYbdajcVgy7Yby-BFy1l6DXSUDzwf7uab4AJ91oG5PzJKIXT_J67OyI1iJq_pj7wqeJ1dPOTaEQeamKmyWXLfHxR5rldvdpAIjden5kp1_22pgdNx669-3ouUdSeHxtSqzqxfmf6gkjbOv8s50iLhfRyarRjgq8qzzagDwDdln2M3nh7yNjHuRh2V2veLJRn30uo_yDLSl8-Mb2PK3imPQ-rhUrMKl002cT7dsCiXmyDslslMMEldhBnvlEYxs4vCPJWtGIO-74BhRGLwU3ihSXxi9rD2ynEEVFJr8BPLms6HwEWBWYu_iYX6u-6V-7WiIF1jsrTQwj80aJLsFJMyMjv7KAqlkbwfCJ_MksN63w9sdk_D8qiKrIOcwSnpfMdhsxVXkF07dvHRxGUehbPKrs-qaZ3yOyWOK2WY3Ccc5Ppezea9AZD5zjeIhN3IbRqoPdEX_kWDv4nupw0o3NnfYuna-6XQdAyDXSPF5sK1eMnL5eqUsVcbOl_fA8yx5IC1AvwKkIrTAydtwIf8sl0SBcekRd46Afq5MmKP9luiJbRQ0V-M7grFBpo6Q1QHLIku-CXA60ObR0M81Aiy5oguKtQv0JBpiWU12N7nffwlajsog_nCH3frNf1Y9bZAgPXxLVNG8u5cnzSsPNMNJO0ZM3s408GZh2nrlngpF4sC_XwaR7lvUKb1HHeepxW8-zdwNQ330-E8TbMYWCE2xPgQL4_AGSpGOB2Z53n48EsIAxudyUS5zGJIkauq32imOGZPalOs3uS-LFJ76ZxeekTOdU3L23IfeFfU54WuYF_sdNZwYQRdQ_RFup2m0XfkpBmfwJQdAjKYdAO24eEqC0ClcWmDdh6vwJH7xr2xhFrBSs1JttOJBCnhKVCTVXF4DQfCJPyf50-ahQPidGYXCg2jKfQyWTEXI6-iDOGNrFjOcuxir60MBag-s6iog8bXwf1uiU5ow2X5bFceb4MWUM1-FzCPbZwWvIwCISrFtloNEp_hm0Rsrd0t9RZp2ES7EKJq51-pVQRpL2MAtYxzJHcAIVvrz9fFhZcrk0cdRFFkCNQyC69_L_vq75ZT9HPBOXfSHPuCb0QVErBc8bnZb7wsmHvVdG-4IHtXg_ql_VFlxpTFgJXYShHhVQSpObZfO9UVQtMYvuZL5XHhRn591sD6FzVJnQnu0IATsWLL-aNVqAqxNSDvesUTDD5vldYxWYAie5NeLXgs0ivYjAo_ycGxTo42OFETGwomCG9SS2Mx33NDPwo8oKPJ6kUx1bWfNIHGzDMJrPf1AabBH2AYuRtpJBaQTuGEfLuTVaIxGnbEDwvXXq8UjgrBdfPNXl8vqYWoVZkZteqCb4wKrHMfKhZvqvH9YQ1aLmBt8u3o9lDbjo8xXwsiWVHbE8RrcDm5g5PzWkiIG3HayorokjTe8dnBn0ILxBxmKwxpH8l6VXYLXX6YgzfgECXzxps1W6CxV7T4X1PEoLc8H1RXB2NZwqIE7D9q6w-nuBoFTO54PGmjkpucNnNoYiep-kzjKP-e64pypeVUoP376HUg0SJG-c6Dtw-FyPkBxUm4W02hP2bTNjtggrYulLB8-xNbYu3gJfPztHeOn211l_rGj55VPRfq5O74Ajq4yryZr0FD5YEqNh8ta9c8kIgFnL-4A_7ryq5sxtiIjAmKZJLiSN6Qgx-iaSSdIYVR9ro7OzLoWnaTbq6Q6CILUSSnOTssLHxwIATryIlsLcSgNdG-Dbf-r3Hg&cid=CAASJeRoisKflayG6EwhQLF22NOA10N5FlLDuy5qyQLkAeLIiKwMbeY&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
a95bf470e167bce13f4c89c5ecf84b56dc61e4c87667efe9b263c955990d5119
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A25 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C9skZNNtuR16GcoPzpOljRCObxwR147aZe0yeuSDSj-fCgnGKVCdTa10yiDLtc2CxM4Zzw_0g6EDAq9HRsahHZe_YB1_G2Jf7TzkDekge-y6W0_EQ
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 3A25 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 18:50:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 18:50:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 3A25 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 19:15:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5733
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 19:15:07 GMT
l
www.google.com/ads/measurement/ Frame 3A25 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXyOvlngdMP7dG3mNL06gommrcyBimtasQnMpwBGjdGnqeYDBWSpr7aJWtXTEEgW7BV4WAXr8a7amDv20DlkJ536cHLw
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3A25 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 20:50:40 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A817 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CkyK_HxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNkCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL4SPlZfbSH3m8YRX-y0bAYLALqE7s0SEe27NgCO7rVxI3KtKjtAm4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=66Xifrz5J5o&uach_m=[UACH]&cid=CAQSPACsnQUxS3dsCW7q__FDmFEhYzis98TDcD6zUm589Jp0Mfd63BnCqr8_KfBF2boti0NcN39JMGCYvANEIhgB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame A817 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kefpCM7xBnjYBGL4LRICAAAA-ONZtFtuTcOupkbjEB8cLmN1m1ciWLN_PLhTIQASAAA&wp=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:40 GMT
server
Kestrel
server-processing-duration-in-ticks
170560
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.as.criteo.com/delivery/r/ Frame 425E 		200 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
8da1d5524d6312edecf30714dbd3c14afcb5958416aadbb5e574839530fe4429
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:50:40 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=30gHkURLj-A5UDJJCyow51idcRtIf_uBZr1CSNlmeJKv1o5MxQW5VE884gVgBZ-452wz00kRWV2t6QtHMLPs8Pewob9A_09v24PkUlgWSWX3WC7LCxDlHiRMw8quP1rZKV8_6cFvqdfrIZopwGjxu1VR9fl65jx0YmpMLU_-RWZmOL65lz6aYHSrfreYpSaxY8JIbFhv_XG0eIY5xSuxogvl1dnGs7aEy04MO-vZ7A-MsfcxttvinwoNAeutqLd1J_5jL_mqUUMrEUtA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
86211723
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame A817 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 18:50:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 18:50:36 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2380 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
20405
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 15:10:35 GMT
etag
48472445140208031
expires
Sat, 24 Sep 2022 15:10:35 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame A817 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 19:15:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5733
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 19:15:07 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A817 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:05:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117888
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Sep 2023 12:05:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A817 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 20:50:40 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FEA0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220921&jk=1467528731530751&bg=!tLelt_PNAAYIxsuQKMY7ACkAdvg8Wgywt5yYRevKFkDXf1pmjwgwjP81WLC5uB8VDPNWWjtFaFu08gIAAACyUgAAAAJoAQeZAqHPxSiA2t8p7VJQJBVkwxq5Xof7wH1MgCUMBE8RYmd4NPIJaemRNoCbdcLEZAaU5AYOJE_5T8KhvUKP3QYGQHyLhORgRhPIR2hEdBU5cwL4c1vWANirYcOygSFhUpkAdoDgpSOyR8uCuRWfxn0V3T_fueVwRzx6ikdL_3ehdQRiIgfoPdjX2pIGELTohjSYkvU_d9u5onnNlqDcauw_RwShrNW3HkBOZALSRyoumTlM_DsHGZQNC-ER98aAlnj3o38btnsrYsxxgoKDQffZRZ7iwkWwiay9aKS38ePovpBJyzckAr3ZFmfB90lv4KqdPT3XCm_2TSHeok_PRSQ-W0sNq-cA2kbXTL56dcSJ-q-_9KaZ0fo0PziUyIEIB1TriEgDP5bxc7PSYPf9F8fVb_V6xAY7Blg3EHUgAMAf4u3pgMap0U_iRNtqbiC-BHvZFot8u_kBBJDFyPySrvMPitH7_Ll3zBTlUsawPoODEubSCaKmZZYc5XlD3gCtnBRQ7GH8N7sm9E0olNB-v7S16ZvBGEa5zB2PBGigRrUUGbJQs_mFqbsUW0XEl6tnWOag52S8ODkdRhCpIjGnFpEMW6aFo5sdv7mwWDJuGN_-viY73W7kmPaHzJvZToBhfLdzcZ0HpwKcqg4nh6WvO4sZ5vhG-JDFUGI2VanakB_g3w1wIIHFFCBgS89aOyCd15mroLRbKjTyBV12-NxkMRjEarqPRIxUiQajptaqvTxHT9YFmsC80XYTdZRtoQGqd1gv39m7zMEpk25uEFg3K0ImL2bLt1Sdz__ddvZyNen5YxDZHFkd9l3tMByu-joiBWdLi3Mfg_unTWjgpVI86_GooXMQiU7CvPAiSR13tUPUI90g8D-Hq0_LVPDVKeLFk1r8dGWQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 0E27
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPNceg-hX4oHunNs7jVnOUo&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPNceg-hX4oHunNs7jVnOUo&google_cver=1&C=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPNceg-hX4oHunNs7jVnOUo&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVvoymFwQOSzp8CEdofKIfxXqtQgNSknAzdhSmhmm9yuRBcNxCfFvznMrziK90JSf_yDxKqu6FZ5pUZfcq5vcXjZTmqzQ
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74f6276f684b5a4f-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:50:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVBtl%2BCsTM0bkozmLPGllJAR8UzxjZ5ccmSUrNSFjDacbEIRf1%2FdeYfKJRzoLoMS%2BSXroPb8uKnqUG5vD26VfQ2nNiM3Lx%2FtwCg7HoF22muB9bxdqOMDNSP74EQ6zHj9iQ0kwFY3xTZmTw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PzrPwEDDWSCnyLBQWiq1CoCs%2Ba16Fyn507vZqYS%2BBw4Gpatnoiu4Oe9%2B0q29u7%2BbD3unAOtjOYxkPhQw0hlkluaVdgWTqcTCCynGCHRA1Ayox01W9DAcrxShhlxGdWyuha7%2BsJVe5aywXg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEPNceg-hX4oHunNs7jVnOUo&google_cver=1&C=1
cache-control
no-cache
cf-ray
74f6276d7f795aac-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 0E27
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yy4cILKEHw4EVhBn.HX6jwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPNceg-hX4oHunNs7jVnOUo&google_cver=1&google_hm=2
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPNceg-hX4oHunNs7jVnOUo&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVvoymFwQOSzp8CEdofKIfxXqtQgNSknAzdhSmhmm9yuRBcNxCfFvznMrziK90JSf_yDxKqu6FZ5pUZfcq5vcXjZTmqzQ
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74f62772dbd55a4f-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:50:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3VYkXmm%2BSrSygmCn0mZxU2VTz6QX29tXHhdgBZ69miK7XHFJl9i%2BvcWcREn52A8wWVxP1nWcdGKljuqxltEUKKt7thPb91xWIq8SbjdRuMgiWymcMHuZUsqWu%2FZT8R%2FC3rJ69%2FTM6KSXMA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPNceg-hX4oHunNs7jVnOUo&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0E27
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJ_xgNQWQACUGEE5s5CG4Es&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJ_xgNQWQACUGEE5s5CG4Es&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVvoymFwQOSzp8CEdofKIfxXqtQgNSknAzdhSmhmm9yuRBcNxCfFvznMrziK90JSf_yDxKqu6FZ5pUZfcq5vcXjZTmqzQ
Protocol
HTTP/1.1
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:40 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
776be8f6-9366-4056-b833-58c223499016
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJ_xgNQWQACUGEE5s5CG4Es&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0E27
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAwNjY5MzcxMDQwODEwMzA0MQ%3D%3D
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAwNjY5MzcxMDQwODEwMzA0MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVvoymFwQOSzp8CEdofKIfxXqtQgNSknAzdhSmhmm9yuRBcNxCfFvznMrziK90JSf_yDxKqu6FZ5pUZfcq5vcXjZTmqzQ
Protocol
H3
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:40 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a5596f07-644b-4717-998e-5dcf8426bf11
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAwNjY5MzcxMDQwODEwMzA0MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame FC28
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIRDZMoTjn-LgbbMASqvB0A&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIRDZMoTjn-LgbbMASqvB0A&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNVsK7Mz4PNGW4F4WN_DtnUIhrdc6lU7RNGWKhmpAASDPflWeBKts45Xr7vCzlCIzFLMBCVHMA0k7tyZnx8T7g8Qh6KOYA
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIRDZMoTjn-LgbbMASqvB0A&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FC28
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTkzMTQ3NWEtNTVkOC0yZTU4LWU0YjEtYjFhZDBhYmU5MTY2
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTkzMTQ3NWEtNTVkOC0yZTU4LWU0YjEtYjFhZDBhYmU5MTY2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNVsK7Mz4PNGW4F4WN_DtnUIhrdc6lU7RNGWKhmpAASDPflWeBKts45Xr7vCzlCIzFLMBCVHMA0k7tyZnx8T7g8Qh6KOYA
Protocol
H3
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 23 Sep 2022 20:50:40 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTkzMTQ3NWEtNTVkOC0yZTU4LWU0YjEtYjFhZDBhYmU5MTY2
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame FC28
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEFeMyg4zyu6iwOrFwFGm9K8&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEFeMyg4zyu6iwOrFwFGm9K8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNVsK7Mz4PNGW4F4WN_DtnUIhrdc6lU7RNGWKhmpAASDPflWeBKts45Xr7vCzlCIzFLMBCVHMA0k7tyZnx8T7g8Qh6KOYA
Protocol
H2
Server
23.207.37.41 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-37-41.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:41 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 23 Sep 2022 20:50:41 GMT
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEFeMyg4zyu6iwOrFwFGm9K8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FC28
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YWI2MzQ5ODMtMzU0MC00MGE4LTk2ZjAtZDY5NDg3OGUxMWQy
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YWI2MzQ5ODMtMzU0MC00MGE4LTk2ZjAtZDY5NDg3OGUxMWQy
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNVsK7Mz4PNGW4F4WN_DtnUIhrdc6lU7RNGWKhmpAASDPflWeBKts45Xr7vCzlCIzFLMBCVHMA0k7tyZnx8T7g8Qh6KOYA
Protocol
H3
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:40 GMT
server
akka-http/10.2.9
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YWI2MzQ5ODMtMzU0MC00MGE4LTk2ZjAtZDY5NDg3OGUxMWQy
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Fri, 23 Sep 2022 20:50:40 GMT
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 2380 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBmTqNZSOe0ScZqnx9yR9vM&google_cver=1&google_push=AZmPxg88BFcZzvetE_1jLOPiyKOfYeTnOt5Hvc82hFcX4iQtViehY6-okDhCL-iwkcxKQqMEsswHWLzJdpgxQwVOF40W1zQF8LySKFBZvk-OUj5dMnZmpeVgNXvRDUCASp02Za9UhDpH_XY
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663966241.909626,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-mel11260-MEL
pixel
cm.g.doubleclick.net/ Frame 2380
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESELoSdGlo-tIuv-U3CzDzm_4&google_cver=1&google_push=AZmPxg9Z0dLu2tKcOmpXLLKBYuWry9aruLJRiRbIWf8kokCx0budxAeGldMDHmR4TuMWH-AW0JweED2ZZbi1UQZ2pY...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YzZjMmVhMGMtZDQwYy00YmY0LTgzYjctNDMxNmJiODg5YmE2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YzZjMmVhMGMtZDQwYy00YmY0LTgzYjctNDMxNmJiODg5YmE2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YzZjMmVhMGMtZDQwYy00YmY0LTgzYjctNDMxNmJiODg5YmE2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
423
pixel
cm.g.doubleclick.net/ Frame 2380
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBn2QG3wBw-yTpZIXMWt85k&google_cver=1&google_push=AZmPxg_HtD4GSO9xiEJez-zl18UxYuRCiX_Fa9A4gPCpanS3I7jMMTbelYBSrXbdKUSCiV1PF1ZFCyZpjjlmGkzFKqA5GM-M3nTA4...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_HtD4GSO9xiEJez-zl18UxYuRCiX_Fa9A4gPCpanS3I7jMMTbelYBSrXbdKUSCiV1PF1ZFCyZpjjlmGkzFKqA5GM-M3nTA4a4olQZ7htCm-3WuTOPRSLGQzHq72M2MS0...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_HtD4GSO9xiEJez-zl18UxYuRCiX_Fa9A4gPCpanS3I7jMMTbelYBSrXbdKUSCiV1PF1ZFCyZpjjlmGkzFKqA5GM-M3nTA4a4olQZ7htCm-3WuTOPRSLGQzHq72M2MS0GQLXYAT6E&google_hm=6ggerDUpydIXJaejE0VlvA==
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:40 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_HtD4GSO9xiEJez-zl18UxYuRCiX_Fa9A4gPCpanS3I7jMMTbelYBSrXbdKUSCiV1PF1ZFCyZpjjlmGkzFKqA5GM-M3nTA4a4olQZ7htCm-3WuTOPRSLGQzHq72M2MS0GQLXYAT6E&google_hm=6ggerDUpydIXJaejE0VlvA==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
uispo8q397lc6qnf0c6bqn7hov6vtkf0
pixel
cm.g.doubleclick.net/ Frame 2380
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJCWmQWeK3paOWmSvU6KA6Q&google_cver=1&google_push=AZmPxg-J7P6UM4PxntZ6B9bl1Tihev5Z9xPJpPF6btITOWY0KKsNzCOuWXuZiGm1hZuCppG04fC6XgCBLujim...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEJCWmQWeK3paOWmSvU6KA6Q&google_push=AZmPxg-J7P6UM4PxntZ6B9bl1Tihev5Z9xPJpPF6btITOWY0KKsNzCOuWXuZiGm1hZuCppG04fC6XgCBLujim...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg-J7P6UM4PxntZ6B9bl1Tihev5Z9xPJpPF6btITOWY0KKsNzCOuWXuZiGm1hZuCppG04fC6XgCBLujimy0mkwdj0XaDkvE1elLD-7H5WuaDYekwwFZtZEed_JLvukY...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg-J7P6UM4PxntZ6B9bl1Tihev5Z9xPJpPF6btITOWY0KKsNzCOuWXuZiGm1hZuCppG04fC6XgCBLujimy0mkwdj0XaDkvE1elLD-7H5WuaDYekwwFZtZEed_JLvukY4tY6ySAIwGUA&google_hm=YVlUbF94VEZTeXJqcFI1cDJkSS0=
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:42 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg-J7P6UM4PxntZ6B9bl1Tihev5Z9xPJpPF6btITOWY0KKsNzCOuWXuZiGm1hZuCppG04fC6XgCBLujimy0mkwdj0XaDkvE1elLD-7H5WuaDYekwwFZtZEed_JLvukY4tY6ySAIwGUA&google_hm=YVlUbF94VEZTeXJqcFI1cDJkSS0=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
279
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2380
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEKft-vkKcxQH1aF3ExbFHAk&google_cver=1&google_push=AZmPxg9pR3c8AARYiWZPsvftzkOUCo6yUop8jF92ok1FLIdRzFX8VnSs7Q4sLcGDVQVYuxc7m57HvSZ-9BhJllnTsX...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTM4NzM0NTQzOTI4MDcwNDI2MjI&google_push=AZmPxg9pR3c8AARYiWZPsvftzkOUCo6yUop8jF92ok1FLIdRzFX8VnSs7Q4sLcGDVQVYuxc7m57HvSZ-9BhJllnTsXfl...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTM4NzM0NTQzOTI4MDcwNDI2MjI&google_push=AZmPxg9pR3c8AARYiWZPsvftzkOUCo6yUop8jF92ok1FLIdRzFX8VnSs7Q4sLcGDVQVYuxc7m57HvSZ-9BhJllnTsXfl5B91g6EDgv6ZiRo1B-Fxmnd9lfsgQF4Qj9bgN0suU4-PokZa64E
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTM4NzM0NTQzOTI4MDcwNDI2MjI&google_push=AZmPxg9pR3c8AARYiWZPsvftzkOUCo6yUop8jF92ok1FLIdRzFX8VnSs7Q4sLcGDVQVYuxc7m57HvSZ-9BhJllnTsXfl5B91g6EDgv6ZiRo1B-Fxmnd9lfsgQF4Qj9bgN0suU4-PokZa64E
Date
Fri, 23 Sep 2022 20:50:41 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pub
cs.chocolateplatform.com/ Frame 2380 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESECWeodp6sUzYW4iSqX1wblc&google_cver=1&google_push=AZmPxg-3vIcvzK5QtyH-Kx121LWC4TnFybAsvdhon7OIMrTuyhKMjELaDjB5BY_2vq5Knyo7mWPLP_vdAWFWS2oq0bA-KdkogwNUwl-Cv-5IGygiBz2FLVcV9BRUKPvJcMdgceyfb_7MzQE
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
CookieSync Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 23 Sep 2022 20:50:41 GMT
server
CookieSync Server
content-length
0
spacer.gif
an.yandex.ru/resource/ Frame 2380
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEJ5B-XkNur7xFU4xD6KCWPE?ext-param=AZmPxg8ZQ0NY2ZvilQUj3G9aGE2-xz6gvqlbOMVXuUJuzRUsZ2t9ByDtMKwiqZvUqu5rxZZEkuHlQXc122C2b6VB99AN5kGCl-cBliVDcOVRcZpsYhYmSXvBxudL...
  • https://an.yandex.ru/mapuid/google/CAESEJ5B-XkNur7xFU4xD6KCWPE?redir-setuniq=1&ext-param=AZmPxg8ZQ0NY2ZvilQUj3G9aGE2-xz6gvqlbOMVXuUJuzRUsZ2t9ByDtMKwiqZvUqu5rxZZEkuHlQXc122C2b6VB99AN5kGCl-cBliVDcOVR...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEJ5B-XkNur7xFU4xD6KCWPE&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:42 GMT
content-encoding
gzip
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
x-xss-protection
1; mode=block
expires
Fri, 08 Sep 2023 20:50:42 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://an.yandex.ru/resource/spacer.gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 2380 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IBmjJdcBibqRMAx_RckUZjDgmSKLGsMOFDzCiqa0-U2eMu975xN27AaHBzMjv-cpVBRpuWXA
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame 0FE5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220921&jk=779030455766948&bg=!ZWalZiLNAAYIxsuQKMY7ACkAdvg8WnxGGaInwF1Ul0RWaItK-w_Wh71XyRjdpzMZPf3kfQBPnRReEQIAAABWUgAAAAFoAQcKABHwRnUwTldenzY0n_tE8B1iRJkCrxlVrHGNdAaPfRWi6Hvd_JYk_y0vfANOxfsGwB2R2FcQq3FCVePgD4SmaHFThEQZV_9eLmoI_kUcQnd9TUA4m_eP3qQVt4hd7fxkde1SapKkz3F7OswdJSTC7n8-V7lXRcsb3ppRHFWqAbKoE8KbESc5yr2ldX6tBFgNHCdXMWxse2mDY7__192CiDGoOIhTZpf4Fpvfd0jw2c0UwuXmOtgDI-Gk8xpGoYZyd0ygkn-ZsRwmIe84v2igDGmWU772cXG5VsGGKzuofQIPEQh_pI3g3O-lLWBy5zGfw3uPvvYjfy_wbB7YR1m9CYGSuMPrRWghFDFWxeaZ4kGD0HxNHMM3phZjkBfo6WhFtUeQ0rCKwAVF3ywZ8R7kQhmh5fhIkfIhdYyBlZDnjSfLNIRkrtX2TxcthWk3z5tZrbfmnTW7jFUsBXanV2-HimQLbmvb4uQ_WQb3F2fywgpmHWb_xpzahkEC_W7HIIY-UIcq4VPDiqihBD_5SRWx7UDrbQElTOwdMhX4JzZnndI0qMSEmQruyUeQNtCUgUgUJZ51LmklBYvyIKJWTgX00Z0UOTryeXMxD_sImSxgdMcy2ddM2TX2Rol1bfCNvTkVSV5hZyROsErIBFO851d6iMXdnNkOvEWmG3HUFiNi0gfWPj3I8dT2AcJdQwNLpZHDTTdL7SBXG5FPbl9v7CRqQy2_t79RPlmpBdjxnvXEuX0OBHkkvlc3ofYhFLQUzjPnHHvT8sZPqgXS-saeR6_vghbMsnMZkYKbaUm1lRbzJA-wfw2g5kd4n9itmw8s6PD-bB_8nT0Mp5_GJlR1EUH2aQ4i2RCZCr2hBb1xK4MRzXoj_6GBTSLX8rq-fQdGdGNsl0G9LSy-djoItkh52c5-s4T2tjmdoq14sn732TCTwykfNZIZJg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Sep 2022 20:50:41 GMT
truncated
/ Frame A817 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9877da08d685c71893cf2679c5cd1a849fec02bb120785d94d097fcba44eed7b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092201&jk=1646875276526712&bg=!lZalltLNAAYIxsuQKMY7ACkAdvg8WpD_GY7BRYQHgRJw0LC-3yIwE5JGj2yNdKiQG_EYrsYB8NB7qwIAAABNUgAAAAJoAQeZApetNtP2M5bLRemSOsplbv-5pIBarygY81oWW5hOXEC7S-YyWM-jzkX4VFUsHDV6o1iFgmBk-OYK7D7Pw-XBkTJWibXxjLb_YUIzbO09H8BueW6-7EIiIyBnLlmlpOOAY_UYw5oF8ltEjWQHtiQZl0aoAglXIP8c-Zrkek2PvfnswufS8qO0f9SnQhFBxgNVySpsIgAmjQhmqIt84xtHTR2-vduy8537VdMgZxEWazawFDuI6L5cTCzppMswXeDAQ1KosIaiuwYfWkIrlvO6TXzq-xRub549pWtsmt2ivgzbK0tvjGIsv1HK4iBX2YePhxjuopg3L3nem3fijabpMbyf-62qEZyRyVFP9SnF2Y9gSPa5AlME6h1ZfPgpEg5rJxHLUxXqmrKpFSLME5ktHlNNyc5Z1ybUINBxzkXY2nEQjwY2d9KA9zYJqRn_llkkxt_pF1MKZXreS7P6cqX6u06a2BLLcVv2L6nAiCj6o6XtuRaRATIEkpQn7_Oq8hRnttkmga9WSoojr34sK7x1sz3ilXDPvICoScTu-wPEYKgXJReL6AVM3IjPL-EpxeQ9jeUZkMmOoCsdSEQprGS5_VvNU0e3jl4M1hIkRjaJ3hsqSo2CLpjxGEb4-U5f1WXmXDwBLv_jLLcTuEPQWnqi57q5eNK-mkpLfW-WX3DYVxTCmSGb54HhUYRiYkBMg_XlWMz6hiHoK_iKrZULIyk3dmEf3yOnoXutI3HtyjisPVozeW547oO3r0l4MxX0YQaz5quaUS1L-nyYNgAK_FRL57Y6pqtKJAbEXyFf6eOZiegk5uiqBd1ypbV58zispMJzvVcVMTq64IT0Lobv-oYVH_Zywd3tIZ2Uz8mavKO2qflDY_X5nY062j8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe9l0&_p=3493&cid=30709266.1663966239&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1663966240&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&dt=%E7%96%B2%E6%86%8A%E9%80%80%E6%95%A3%EF%BC%81%E7%87%9F%E9%A4%8A%E5%B8%AB%E9%BB%9E%E5%90%8D%E3%80%8C8%E5%A4%A7%E9%A3%9F%E6%9D%90%E3%80%8D%E6%9C%89%E6%95%88%E6%8A%97%E7%96%B2%E5%8B%9E%EF%BC%8C%E8%97%8D%E8%8E%93%E4%B9%9F%E5%9C%A8%E5%85%A7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame F1C3 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
Origin
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67503
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Sep 2022 02:05:38 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame F1C3 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CAqEfyILhgGWQg8dHLtW4andTXXibYDfikK9Gybs4UxTH-H1-uvSgKSqXTIScNiBGEl1DqH3e40JC_Zp_GNMiGXfQbGg&cry=1&dbm_d=AKAmf-DS1O4eSEQjsKioapghaeFYzRtYtKGGHqozomzrOPGMPqWgjJLgTOCVnt-zwIg-cQPR98Krkkci-c9R1uY2iTMGWqCgKNHXpQ-d0Dhq2z4Bq2ps-9RS2SF7RuC8F6xZ5Fvwmrr2L0jSnmHsjrkPovOIvDwdzQz8pWjDgg2Pj2sO1ZkuhD_Z1wwtC9P-5irNDA8KloZVSsiZ9bneDllq8MEqjO9ADTeKsLXfkSQPbxRLaqSv6fFgbtK2m3daaZ25rQekDSd82i3HkATrEYRuPIwm9u0CmSSd0iQ7H_EaRtZSRm_yl_fwjd9jRzmLOds2cOhoO1YfevaD4Kp9jLcl4ofb6tg-_6FnmMzR4z3MIxL6r-EqiEvLC10sQKuAJXaWXkyh3TH6wQz7CYUgvrtSoW_525O_GZnSgQgORJhhMJFjiYfR-H-fPnH77hV4HEXd9A6w73a1_v_10PVfi0ZVjDCE26utH0N6PbWWhxJH25BNPul6Aovb2YQ15Ry2YFzf3XgfM6T4WXsvcZosHrhOoBcaetSEdmCJtoP_Qgo9eyc0Tyoscc9a27tHW0vecwLmW3ZJqS2qx3rtLbt4HLG4p8AimHF6WUwo8sM9AMiMFjVXL8KRd7aec7DaBLDX1ZuXyO3wfmPrRCb8XFjqIAxW6AdsmYDKeo-tPz6_410MqsFmaJ9Tzg2tWTYmneSYWTQdI4zB667-xum9BJuQ9LqmoBRPE9kJLymL0JnDtGmk595qVOvtkqdOzQrERrjNgftTtaSod7nuRXqeuuDJ0TVNiIsn-Iw9-K93mWMXZNWUf4etm05-sYp0HTdDBWvAts57tyWzjVZ8_JsFDddbnj1TScmj6Ud13kr5JFVL16RM0JMXCRqVU8-Uv72QU-tOWz5XPnIRt7a5vn6-V_AmObiwCTdLcyDmG7uB8-oe68K3oyuLKDl8R31lxo6ti-9wu0_AplghMsDqSOAk8gqq7odq_Avf4m8UKKpQjwCqvDe0ObiAspIeES6mKTQlDYc2INp3wttF3qUM571R-BM-lYd-ETz5T_iEub4RPx0OVIZpXO_68TIipWR1Yli4_lutS1jGLJ2wqUybN-MTLxl-8Y7VDYRVUMAPEw2BOojGr-mf_OyELKr0NvVDvR04hec4cktZD7b-kbdW2iR3_6W74siku9LfB84t1qiI0bqMeXkuht7AEnNcKiLE88jhHztFl8e2-TK9TSUfHe2fOMUjdbWC7d6G9Tg5vxtxeWQDorvflVMUIJ0sLWd_Dl8NJfCUkxJNp2489sRkdzOVOcdpn8IQbB9jrhCAo4Hihs7Avjs6BZqTQLssvvdpkARCVdxDLDBNWQh3G7iJPaIRk7M7XWMDnB3159vRfTKBFpjQ81t9aTHK30izx_-tK5aCVqYSrypbcL2IfgwsKfDgVGxUVNPlpyYrQQAoHxB97eMAGJcavGEQc8ZpoXPEx3kOT53b6JpYAhBOfoJlKjGcily29hkat8RHFc137_QYXW8Ete8xQzV3t6TJ_4roPGuDFiY_GbdhclSbd_CkBvcUv1kLjwKn4XvPGl-wEMCKVsgmSwqh6lgj0aDtLGHwd_EOXfEhJeM8OKZuZ34ovYhqQ3GxqDlPxaZwMFu4udQzJmxqxuRBnxs32O-dJA2OnzFba9KohN6pTgymDolnurvTgKCz7ZU1p1E-5PsMboVkkZGwCwGeVdwtJe44-kXoZe_ADlWrSdAJ0Q1VHCrCXI4qccVv0RAI-Q2EvWXeznJy8GWptwy5qGp91KpVmm0uo02Rysmv_PQCkfhO2zi4LQlxlDoxsD_QbKjvY0P1aONuCeYjNyf7zCxDymH8Y8uj98hqJJmHUBuXn6mo-ZqTh8oZmVU_QUxoP4EJyG495i8mSwI-Vi2WV3uPYQO0tSoq1yYEa5I3nAewkBTUP0QdtUSulqmUf6W9dbcMx5CTITGozvCL3xRQjAw3cLOYYiBjJa-ZqeeqBM1CNDBhnwhp8HbyuZmxnJ49HCjn7qSJLFwY4T9BPqnF9Y9Y9NNniBxTzgEFPwt7fL_Dj--mMgjNAxQ3lRH7k2hGqaR7q_SHFnvdfZSyNIj2wDMBbk6coIEB7t_0U5k3YpOol8epnw2N6xrdfmSqpeRxfAc10G1P52-a5Jp2UbwImEC-eXRgwF_0Bu_WFhXlRnxOz-s0nnOux_hglpXLYBjGEoLc4j4VEeP9jUMcm1BKbQb-DLQm4UphE6LfgTd6JbPb-PixJ1CI8yNiPh4sPL3rT6NELcaslefC6KAKrUMavQ1-akTI2H6n4AzKMZENbMEaYneLBuu_g20rPWjmDKpLNG9xZkjB4dm4If_RBSNi5Vz4fboJK7rPfuutoM19oVwQ96L1y7QPOF4KVbdy0dojGnXSM3_FORM31P2LSN1fM9mRxpQWJLUWCJ78uJltVRra8T21sXu4vXNbNR-fu-bmzKr7CjfbdMj4pDqRUl5YSr3f-D47aNSOcsvbM-_4GAyxvTxq7CsHlIqchj-vdLGkbWr64GVRYV3s9NWGwlOTA3E3YBDcYQWfjll3r0kZXrUY4rfgdVsCVdwqn-Su_aiOKGdYqSdgaATC14JQTuhZVZBDc2ayO24HW_1Z__UpOQlUE-AjQc6Wbf7vFnIxYWynwSxD28B10fNYp7PGcqoDzlzlxZYhCf8w2Yf-Rg4IgMZR_w92r1HKQ6bROD9UmB7RTeOazcrbj7YvJeNM3FuJEuYfHe-rto4Stnfv0XxYaBVZXZZwAmAW2VxS9lpSnJVACsdRC4Jg7bEF7ugcX94Y_ZLOgXLoU1AnrcXOnLAJeFF9HhhwIKevu0HqQY9pxSI_Zaq0wRWi_Zgg10-8upBrLp14Jhmu1zciimEU8OV5qzJsuyDHNMDOsG8CUjFoPxAcbvNrvk7x0CVymTbWeXRJg9rbbWR2X0KDZqAusxEKAIwXcoO6OsXfRTniap5s-lentf2v5arV8MM5tR4UapQrtzDOCbVThtNtoufwKZud7OwgToGxZM0SaQHW7rHnMaUQyrDjvKmxHhfS87hcXJHXLirfkBi8_tD_XPFXzM04Ht5-XsYOJsMP2XSDeMSPgHizR7B_FLbhkFFB803rb8pFDRpHuARnY_7gTiL0e1RzDvM8JoceMeAdhwRVG4b24ojsvIP9zlBDJNkysS7qBTFWSVxFc68Du6lellrHSOCwXZBBhYThDwvzcHcDaIqK9pLxOJ2LnahaTGl-tj6JEXO0AvIBeco0xpS1ssCA_c19yLPiOrw2USWD2By5c_twYDmyqPprt9g62lLU76p23hxpZ_bLaW778E_wrGLhCuCvs6hccU8gPL2tGKiXbZ1i1Tr95DZpksDfSz9YRSXV4YE9mtrTo42LI5UKJyNJtsozzCJSlQV1QRxD&cid=CAASJeRojQlubxz14NTC9VLj8xZZe6sNhwQUNWMlOF5epC7CwaNLw7A&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 15:39:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18644
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 15:39:56 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame F1C3 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CAqEfyILhgGWQg8dHLtW4andTXXibYDfikK9Gybs4UxTH-H1-uvSgKSqXTIScNiBGEl1DqH3e40JC_Zp_GNMiGXfQbGg&cry=1&dbm_d=AKAmf-DS1O4eSEQjsKioapghaeFYzRtYtKGGHqozomzrOPGMPqWgjJLgTOCVnt-zwIg-cQPR98Krkkci-c9R1uY2iTMGWqCgKNHXpQ-d0Dhq2z4Bq2ps-9RS2SF7RuC8F6xZ5Fvwmrr2L0jSnmHsjrkPovOIvDwdzQz8pWjDgg2Pj2sO1ZkuhD_Z1wwtC9P-5irNDA8KloZVSsiZ9bneDllq8MEqjO9ADTeKsLXfkSQPbxRLaqSv6fFgbtK2m3daaZ25rQekDSd82i3HkATrEYRuPIwm9u0CmSSd0iQ7H_EaRtZSRm_yl_fwjd9jRzmLOds2cOhoO1YfevaD4Kp9jLcl4ofb6tg-_6FnmMzR4z3MIxL6r-EqiEvLC10sQKuAJXaWXkyh3TH6wQz7CYUgvrtSoW_525O_GZnSgQgORJhhMJFjiYfR-H-fPnH77hV4HEXd9A6w73a1_v_10PVfi0ZVjDCE26utH0N6PbWWhxJH25BNPul6Aovb2YQ15Ry2YFzf3XgfM6T4WXsvcZosHrhOoBcaetSEdmCJtoP_Qgo9eyc0Tyoscc9a27tHW0vecwLmW3ZJqS2qx3rtLbt4HLG4p8AimHF6WUwo8sM9AMiMFjVXL8KRd7aec7DaBLDX1ZuXyO3wfmPrRCb8XFjqIAxW6AdsmYDKeo-tPz6_410MqsFmaJ9Tzg2tWTYmneSYWTQdI4zB667-xum9BJuQ9LqmoBRPE9kJLymL0JnDtGmk595qVOvtkqdOzQrERrjNgftTtaSod7nuRXqeuuDJ0TVNiIsn-Iw9-K93mWMXZNWUf4etm05-sYp0HTdDBWvAts57tyWzjVZ8_JsFDddbnj1TScmj6Ud13kr5JFVL16RM0JMXCRqVU8-Uv72QU-tOWz5XPnIRt7a5vn6-V_AmObiwCTdLcyDmG7uB8-oe68K3oyuLKDl8R31lxo6ti-9wu0_AplghMsDqSOAk8gqq7odq_Avf4m8UKKpQjwCqvDe0ObiAspIeES6mKTQlDYc2INp3wttF3qUM571R-BM-lYd-ETz5T_iEub4RPx0OVIZpXO_68TIipWR1Yli4_lutS1jGLJ2wqUybN-MTLxl-8Y7VDYRVUMAPEw2BOojGr-mf_OyELKr0NvVDvR04hec4cktZD7b-kbdW2iR3_6W74siku9LfB84t1qiI0bqMeXkuht7AEnNcKiLE88jhHztFl8e2-TK9TSUfHe2fOMUjdbWC7d6G9Tg5vxtxeWQDorvflVMUIJ0sLWd_Dl8NJfCUkxJNp2489sRkdzOVOcdpn8IQbB9jrhCAo4Hihs7Avjs6BZqTQLssvvdpkARCVdxDLDBNWQh3G7iJPaIRk7M7XWMDnB3159vRfTKBFpjQ81t9aTHK30izx_-tK5aCVqYSrypbcL2IfgwsKfDgVGxUVNPlpyYrQQAoHxB97eMAGJcavGEQc8ZpoXPEx3kOT53b6JpYAhBOfoJlKjGcily29hkat8RHFc137_QYXW8Ete8xQzV3t6TJ_4roPGuDFiY_GbdhclSbd_CkBvcUv1kLjwKn4XvPGl-wEMCKVsgmSwqh6lgj0aDtLGHwd_EOXfEhJeM8OKZuZ34ovYhqQ3GxqDlPxaZwMFu4udQzJmxqxuRBnxs32O-dJA2OnzFba9KohN6pTgymDolnurvTgKCz7ZU1p1E-5PsMboVkkZGwCwGeVdwtJe44-kXoZe_ADlWrSdAJ0Q1VHCrCXI4qccVv0RAI-Q2EvWXeznJy8GWptwy5qGp91KpVmm0uo02Rysmv_PQCkfhO2zi4LQlxlDoxsD_QbKjvY0P1aONuCeYjNyf7zCxDymH8Y8uj98hqJJmHUBuXn6mo-ZqTh8oZmVU_QUxoP4EJyG495i8mSwI-Vi2WV3uPYQO0tSoq1yYEa5I3nAewkBTUP0QdtUSulqmUf6W9dbcMx5CTITGozvCL3xRQjAw3cLOYYiBjJa-ZqeeqBM1CNDBhnwhp8HbyuZmxnJ49HCjn7qSJLFwY4T9BPqnF9Y9Y9NNniBxTzgEFPwt7fL_Dj--mMgjNAxQ3lRH7k2hGqaR7q_SHFnvdfZSyNIj2wDMBbk6coIEB7t_0U5k3YpOol8epnw2N6xrdfmSqpeRxfAc10G1P52-a5Jp2UbwImEC-eXRgwF_0Bu_WFhXlRnxOz-s0nnOux_hglpXLYBjGEoLc4j4VEeP9jUMcm1BKbQb-DLQm4UphE6LfgTd6JbPb-PixJ1CI8yNiPh4sPL3rT6NELcaslefC6KAKrUMavQ1-akTI2H6n4AzKMZENbMEaYneLBuu_g20rPWjmDKpLNG9xZkjB4dm4If_RBSNi5Vz4fboJK7rPfuutoM19oVwQ96L1y7QPOF4KVbdy0dojGnXSM3_FORM31P2LSN1fM9mRxpQWJLUWCJ78uJltVRra8T21sXu4vXNbNR-fu-bmzKr7CjfbdMj4pDqRUl5YSr3f-D47aNSOcsvbM-_4GAyxvTxq7CsHlIqchj-vdLGkbWr64GVRYV3s9NWGwlOTA3E3YBDcYQWfjll3r0kZXrUY4rfgdVsCVdwqn-Su_aiOKGdYqSdgaATC14JQTuhZVZBDc2ayO24HW_1Z__UpOQlUE-AjQc6Wbf7vFnIxYWynwSxD28B10fNYp7PGcqoDzlzlxZYhCf8w2Yf-Rg4IgMZR_w92r1HKQ6bROD9UmB7RTeOazcrbj7YvJeNM3FuJEuYfHe-rto4Stnfv0XxYaBVZXZZwAmAW2VxS9lpSnJVACsdRC4Jg7bEF7ugcX94Y_ZLOgXLoU1AnrcXOnLAJeFF9HhhwIKevu0HqQY9pxSI_Zaq0wRWi_Zgg10-8upBrLp14Jhmu1zciimEU8OV5qzJsuyDHNMDOsG8CUjFoPxAcbvNrvk7x0CVymTbWeXRJg9rbbWR2X0KDZqAusxEKAIwXcoO6OsXfRTniap5s-lentf2v5arV8MM5tR4UapQrtzDOCbVThtNtoufwKZud7OwgToGxZM0SaQHW7rHnMaUQyrDjvKmxHhfS87hcXJHXLirfkBi8_tD_XPFXzM04Ht5-XsYOJsMP2XSDeMSPgHizR7B_FLbhkFFB803rb8pFDRpHuARnY_7gTiL0e1RzDvM8JoceMeAdhwRVG4b24ojsvIP9zlBDJNkysS7qBTFWSVxFc68Du6lellrHSOCwXZBBhYThDwvzcHcDaIqK9pLxOJ2LnahaTGl-tj6JEXO0AvIBeco0xpS1ssCA_c19yLPiOrw2USWD2By5c_twYDmyqPprt9g62lLU76p23hxpZ_bLaW778E_wrGLhCuCvs6hccU8gPL2tGKiXbZ1i1Tr95DZpksDfSz9YRSXV4YE9mtrTo42LI5UKJyNJtsozzCJSlQV1QRxD&cid=CAASJeRojQlubxz14NTC9VLj8xZZe6sNhwQUNWMlOF5epC7CwaNLw7A&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:02:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2870
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
server
cafe
etag
16554960040364120486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 20:02:50 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 3A25 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
Origin
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67503
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Sep 2022 02:05:38 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame 3A25 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2m9h_WAsBlLAqYIUBb8cfAUspu1IwHMfsjjstko4ZOWIcUlgMnHEuh3vWE4cUgFl1ols9HsNOuXuMHt6AVobIt8TBsA&cry=1&dbm_d=AKAmf-Dr3GqR2dz9e4vd21sgG6sAGQIkjQl5mIKtqFCc62Zq-3cmfQTsUUMcm_3Nlo2uVVraFRwhKu1gGh5Wy5_Sn1VZ-rJSZxof4LNurYaH6eAGahsp5cvWwxorq-oLWPWC0lfxNgYYcrZRG30PDtKdggl44Afk7sYWdNwXrh85ixK6PRWCH21alsFCIosztb-SZXW20aTMvasUqUiyK5gNQc2GhgUaiwLMl1IV58S4HFszE7FtCze3O9DuCwrMukKfe6SW0EJ5goAivf5lv5v3ki7BjUcTQZIrPfqcdZZGuOl3Sp3otyUFSPj5EGKoFopOsOh0iHBCwtB1Kx3b9PA6s_WVDGsJFuG3as13LFPh02UiHHE5Fiz-ndVAaJIAuvYYVhcDg5sSRCZa04d4C9RH1hBTlIsVHzIvXNsa7b8Cm9xZbkBIL42EF3Cn-YGoza2kB85HaEipHlIu9kvwh0OJ85S6uFe7R2KBtfRuebScHimGwgef06pDYHuwqGix_FCy7ez9BNj_qrGkRVXVkhnt1P5DiuA3WxUZejlxwEtlJnm3WbG95f7IozAyeryF5w5g9buG_Z1RZzfu1YlDRkDQZsax1_WMnntAMVMQ5oSE4dfXuUttdZqXPUDNiXlz8PKK0JJEeLMhSlRf3V09zTLnUft5fuy9TD8mq6BXonww9IBVgqJuAORgvXEvH9-u3OI7UQgudMD60Wh95I9low79-Y3yXaryyKUI_zlxkaT0DPvlKCBkhJRSMYQtTGVBT39aCcfUBOqT5NH96FX_AiRe03VXatQhovVA1Gtieawu7VRaqfZri40O6Z0n8RiN_lOFVxUozNp4Woh8y7KmSeu2aBUQtA9djmw04ROgCG8SWMhcOo3sTq_vINQ8zMcPme3SaN8rIeIP5Seq4dsTaxiWQrztOWQr7z0lvKvZnAHanSSULP7QiM8-Z5u_xBg9qkVtJ4db_wLwaiYwhogpX5qzZTU4djDpkaDmFMYLzpT_963h0sEuRcrA0ge318UtD8iZ6cdV8qBmp02QWVk_kJNNtLTo6qdhhEwOEDw1dnKCk2ucrLzFpqW8GSyM0aRxOmvL3R4dcmNqvzv9WhTDJlebPhoiT0KmQkDfVbFUOc93lE_XnPfVOVjI0xAjKP62wN0zQKzIkhM9CjLdoDZOuk63x0OIsQ-JBAaxAgKnnQYms9XjmlWP2W97qTfDIbrIE_PouR1pjHUvHAFfeCod7dRUdzFlM_brT8ydSHfo3bQqYoplpxJdpYIGdEWvyIdvkFnRl4o930algir2fgPE7-RqxanslYnsqKjSNGhND_Vm8649shDvnZRyfNQS7gzaIMqespkZE3UnQy53oflxKQ5CmHGgqWZf8c3GVkzh3YfNQB3OmZQ_OrrEkp7B5NA-I1fcguF5OiZk0UbX_BhMxeV51crzBw1r9BoBZh1FbSZa-ZSoMY2jP5L9-Uu24mq1B0vbFgUTm-uBh7ymXQ4hoCTj4AbPlVQS1uyApcR7BpoqPBqmNxj_pkVCB51PDBTiJ9i3DmIiHpZIUETChxoCcC8ZZV7XlXnrSSxWVTpgvgxoVQSiE-eJg32YXDKNyI4M_uR5DTsSmElTfY579uHvzjxnUZFaUnki5uXYb9PSu2hhPCmhIXzi0T6bANd0-ftDpnMhpcRcdDBXiIDU6kpPvv1i6vSgKjUGr6qw_DW0KBM0_MwLoZJ7YKGbUlwjyVSlNq8WII2CKxQW4RGzK3XdRtvWCKf_Hg_pU1UhhdxBrxC9j5bNBcr9AiaL0Dz2KMnmFq1y0I9O2JmA8O7dWEv7tB57cPGlAmAgS23UkWeGKWPt8R-D0zAc5axxBZPseRbcHZTH4d9HD0T68ZYbdajcVgy7Yby-BFy1l6DXSUDzwf7uab4AJ91oG5PzJKIXT_J67OyI1iJq_pj7wqeJ1dPOTaEQeamKmyWXLfHxR5rldvdpAIjden5kp1_22pgdNx669-3ouUdSeHxtSqzqxfmf6gkjbOv8s50iLhfRyarRjgq8qzzagDwDdln2M3nh7yNjHuRh2V2veLJRn30uo_yDLSl8-Mb2PK3imPQ-rhUrMKl002cT7dsCiXmyDslslMMEldhBnvlEYxs4vCPJWtGIO-74BhRGLwU3ihSXxi9rD2ynEEVFJr8BPLms6HwEWBWYu_iYX6u-6V-7WiIF1jsrTQwj80aJLsFJMyMjv7KAqlkbwfCJ_MksN63w9sdk_D8qiKrIOcwSnpfMdhsxVXkF07dvHRxGUehbPKrs-qaZ3yOyWOK2WY3Ccc5Ppezea9AZD5zjeIhN3IbRqoPdEX_kWDv4nupw0o3NnfYuna-6XQdAyDXSPF5sK1eMnL5eqUsVcbOl_fA8yx5IC1AvwKkIrTAydtwIf8sl0SBcekRd46Afq5MmKP9luiJbRQ0V-M7grFBpo6Q1QHLIku-CXA60ObR0M81Aiy5oguKtQv0JBpiWU12N7nffwlajsog_nCH3frNf1Y9bZAgPXxLVNG8u5cnzSsPNMNJO0ZM3s408GZh2nrlngpF4sC_XwaR7lvUKb1HHeepxW8-zdwNQ330-E8TbMYWCE2xPgQL4_AGSpGOB2Z53n48EsIAxudyUS5zGJIkauq32imOGZPalOs3uS-LFJ76ZxeekTOdU3L23IfeFfU54WuYF_sdNZwYQRdQ_RFup2m0XfkpBmfwJQdAjKYdAO24eEqC0ClcWmDdh6vwJH7xr2xhFrBSs1JttOJBCnhKVCTVXF4DQfCJPyf50-ahQPidGYXCg2jKfQyWTEXI6-iDOGNrFjOcuxir60MBag-s6iog8bXwf1uiU5ow2X5bFceb4MWUM1-FzCPbZwWvIwCISrFtloNEp_hm0Rsrd0t9RZp2ES7EKJq51-pVQRpL2MAtYxzJHcAIVvrz9fFhZcrk0cdRFFkCNQyC69_L_vq75ZT9HPBOXfSHPuCb0QVErBc8bnZb7wsmHvVdG-4IHtXg_ql_VFlxpTFgJXYShHhVQSpObZfO9UVQtMYvuZL5XHhRn591sD6FzVJnQnu0IATsWLL-aNVqAqxNSDvesUTDD5vldYxWYAie5NeLXgs0ivYjAo_ycGxTo42OFETGwomCG9SS2Mx33NDPwo8oKPJ6kUx1bWfNIHGzDMJrPf1AabBH2AYuRtpJBaQTuGEfLuTVaIxGnbEDwvXXq8UjgrBdfPNXl8vqYWoVZkZteqCb4wKrHMfKhZvqvH9YQ1aLmBt8u3o9lDbjo8xXwsiWVHbE8RrcDm5g5PzWkiIG3HayorokjTe8dnBn0ILxBxmKwxpH8l6VXYLXX6YgzfgECXzxps1W6CxV7T4X1PEoLc8H1RXB2NZwqIE7D9q6w-nuBoFTO54PGmjkpucNnNoYiep-kzjKP-e64pypeVUoP376HUg0SJG-c6Dtw-FyPkBxUm4W02hP2bTNjtggrYulLB8-xNbYu3gJfPztHeOn211l_rGj55VPRfq5O74Ajq4yryZr0FD5YEqNh8ta9c8kIgFnL-4A_7ryq5sxtiIjAmKZJLiSN6Qgx-iaSSdIYVR9ro7OzLoWnaTbq6Q6CILUSSnOTssLHxwIATryIlsLcSgNdG-Dbf-r3Hg&cid=CAASJeRoisKflayG6EwhQLF22NOA10N5FlLDuy5qyQLkAeLIiKwMbeY&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 15:39:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18644
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 15:39:56 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 3A25 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2m9h_WAsBlLAqYIUBb8cfAUspu1IwHMfsjjstko4ZOWIcUlgMnHEuh3vWE4cUgFl1ols9HsNOuXuMHt6AVobIt8TBsA&cry=1&dbm_d=AKAmf-Dr3GqR2dz9e4vd21sgG6sAGQIkjQl5mIKtqFCc62Zq-3cmfQTsUUMcm_3Nlo2uVVraFRwhKu1gGh5Wy5_Sn1VZ-rJSZxof4LNurYaH6eAGahsp5cvWwxorq-oLWPWC0lfxNgYYcrZRG30PDtKdggl44Afk7sYWdNwXrh85ixK6PRWCH21alsFCIosztb-SZXW20aTMvasUqUiyK5gNQc2GhgUaiwLMl1IV58S4HFszE7FtCze3O9DuCwrMukKfe6SW0EJ5goAivf5lv5v3ki7BjUcTQZIrPfqcdZZGuOl3Sp3otyUFSPj5EGKoFopOsOh0iHBCwtB1Kx3b9PA6s_WVDGsJFuG3as13LFPh02UiHHE5Fiz-ndVAaJIAuvYYVhcDg5sSRCZa04d4C9RH1hBTlIsVHzIvXNsa7b8Cm9xZbkBIL42EF3Cn-YGoza2kB85HaEipHlIu9kvwh0OJ85S6uFe7R2KBtfRuebScHimGwgef06pDYHuwqGix_FCy7ez9BNj_qrGkRVXVkhnt1P5DiuA3WxUZejlxwEtlJnm3WbG95f7IozAyeryF5w5g9buG_Z1RZzfu1YlDRkDQZsax1_WMnntAMVMQ5oSE4dfXuUttdZqXPUDNiXlz8PKK0JJEeLMhSlRf3V09zTLnUft5fuy9TD8mq6BXonww9IBVgqJuAORgvXEvH9-u3OI7UQgudMD60Wh95I9low79-Y3yXaryyKUI_zlxkaT0DPvlKCBkhJRSMYQtTGVBT39aCcfUBOqT5NH96FX_AiRe03VXatQhovVA1Gtieawu7VRaqfZri40O6Z0n8RiN_lOFVxUozNp4Woh8y7KmSeu2aBUQtA9djmw04ROgCG8SWMhcOo3sTq_vINQ8zMcPme3SaN8rIeIP5Seq4dsTaxiWQrztOWQr7z0lvKvZnAHanSSULP7QiM8-Z5u_xBg9qkVtJ4db_wLwaiYwhogpX5qzZTU4djDpkaDmFMYLzpT_963h0sEuRcrA0ge318UtD8iZ6cdV8qBmp02QWVk_kJNNtLTo6qdhhEwOEDw1dnKCk2ucrLzFpqW8GSyM0aRxOmvL3R4dcmNqvzv9WhTDJlebPhoiT0KmQkDfVbFUOc93lE_XnPfVOVjI0xAjKP62wN0zQKzIkhM9CjLdoDZOuk63x0OIsQ-JBAaxAgKnnQYms9XjmlWP2W97qTfDIbrIE_PouR1pjHUvHAFfeCod7dRUdzFlM_brT8ydSHfo3bQqYoplpxJdpYIGdEWvyIdvkFnRl4o930algir2fgPE7-RqxanslYnsqKjSNGhND_Vm8649shDvnZRyfNQS7gzaIMqespkZE3UnQy53oflxKQ5CmHGgqWZf8c3GVkzh3YfNQB3OmZQ_OrrEkp7B5NA-I1fcguF5OiZk0UbX_BhMxeV51crzBw1r9BoBZh1FbSZa-ZSoMY2jP5L9-Uu24mq1B0vbFgUTm-uBh7ymXQ4hoCTj4AbPlVQS1uyApcR7BpoqPBqmNxj_pkVCB51PDBTiJ9i3DmIiHpZIUETChxoCcC8ZZV7XlXnrSSxWVTpgvgxoVQSiE-eJg32YXDKNyI4M_uR5DTsSmElTfY579uHvzjxnUZFaUnki5uXYb9PSu2hhPCmhIXzi0T6bANd0-ftDpnMhpcRcdDBXiIDU6kpPvv1i6vSgKjUGr6qw_DW0KBM0_MwLoZJ7YKGbUlwjyVSlNq8WII2CKxQW4RGzK3XdRtvWCKf_Hg_pU1UhhdxBrxC9j5bNBcr9AiaL0Dz2KMnmFq1y0I9O2JmA8O7dWEv7tB57cPGlAmAgS23UkWeGKWPt8R-D0zAc5axxBZPseRbcHZTH4d9HD0T68ZYbdajcVgy7Yby-BFy1l6DXSUDzwf7uab4AJ91oG5PzJKIXT_J67OyI1iJq_pj7wqeJ1dPOTaEQeamKmyWXLfHxR5rldvdpAIjden5kp1_22pgdNx669-3ouUdSeHxtSqzqxfmf6gkjbOv8s50iLhfRyarRjgq8qzzagDwDdln2M3nh7yNjHuRh2V2veLJRn30uo_yDLSl8-Mb2PK3imPQ-rhUrMKl002cT7dsCiXmyDslslMMEldhBnvlEYxs4vCPJWtGIO-74BhRGLwU3ihSXxi9rD2ynEEVFJr8BPLms6HwEWBWYu_iYX6u-6V-7WiIF1jsrTQwj80aJLsFJMyMjv7KAqlkbwfCJ_MksN63w9sdk_D8qiKrIOcwSnpfMdhsxVXkF07dvHRxGUehbPKrs-qaZ3yOyWOK2WY3Ccc5Ppezea9AZD5zjeIhN3IbRqoPdEX_kWDv4nupw0o3NnfYuna-6XQdAyDXSPF5sK1eMnL5eqUsVcbOl_fA8yx5IC1AvwKkIrTAydtwIf8sl0SBcekRd46Afq5MmKP9luiJbRQ0V-M7grFBpo6Q1QHLIku-CXA60ObR0M81Aiy5oguKtQv0JBpiWU12N7nffwlajsog_nCH3frNf1Y9bZAgPXxLVNG8u5cnzSsPNMNJO0ZM3s408GZh2nrlngpF4sC_XwaR7lvUKb1HHeepxW8-zdwNQ330-E8TbMYWCE2xPgQL4_AGSpGOB2Z53n48EsIAxudyUS5zGJIkauq32imOGZPalOs3uS-LFJ76ZxeekTOdU3L23IfeFfU54WuYF_sdNZwYQRdQ_RFup2m0XfkpBmfwJQdAjKYdAO24eEqC0ClcWmDdh6vwJH7xr2xhFrBSs1JttOJBCnhKVCTVXF4DQfCJPyf50-ahQPidGYXCg2jKfQyWTEXI6-iDOGNrFjOcuxir60MBag-s6iog8bXwf1uiU5ow2X5bFceb4MWUM1-FzCPbZwWvIwCISrFtloNEp_hm0Rsrd0t9RZp2ES7EKJq51-pVQRpL2MAtYxzJHcAIVvrz9fFhZcrk0cdRFFkCNQyC69_L_vq75ZT9HPBOXfSHPuCb0QVErBc8bnZb7wsmHvVdG-4IHtXg_ql_VFlxpTFgJXYShHhVQSpObZfO9UVQtMYvuZL5XHhRn591sD6FzVJnQnu0IATsWLL-aNVqAqxNSDvesUTDD5vldYxWYAie5NeLXgs0ivYjAo_ycGxTo42OFETGwomCG9SS2Mx33NDPwo8oKPJ6kUx1bWfNIHGzDMJrPf1AabBH2AYuRtpJBaQTuGEfLuTVaIxGnbEDwvXXq8UjgrBdfPNXl8vqYWoVZkZteqCb4wKrHMfKhZvqvH9YQ1aLmBt8u3o9lDbjo8xXwsiWVHbE8RrcDm5g5PzWkiIG3HayorokjTe8dnBn0ILxBxmKwxpH8l6VXYLXX6YgzfgECXzxps1W6CxV7T4X1PEoLc8H1RXB2NZwqIE7D9q6w-nuBoFTO54PGmjkpucNnNoYiep-kzjKP-e64pypeVUoP376HUg0SJG-c6Dtw-FyPkBxUm4W02hP2bTNjtggrYulLB8-xNbYu3gJfPztHeOn211l_rGj55VPRfq5O74Ajq4yryZr0FD5YEqNh8ta9c8kIgFnL-4A_7ryq5sxtiIjAmKZJLiSN6Qgx-iaSSdIYVR9ro7OzLoWnaTbq6Q6CILUSSnOTssLHxwIATryIlsLcSgNdG-Dbf-r3Hg&cid=CAASJeRoisKflayG6EwhQLF22NOA10N5FlLDuy5qyQLkAeLIiKwMbeY&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:02:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2870
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
server
cafe
etag
16554960040364120486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 20:02:50 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F1C3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 12:36:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
548029
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Sep 2023 12:36:52 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FEC0 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
20406
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 15:10:35 GMT
etag
48472445140208031
expires
Sat, 24 Sep 2022 15:10:35 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F1C3 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96b7c96548f1be0e4a334eb524c92a630b814bdfa16040660fbd9442c7dd72ad

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3A25 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 12:36:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
548029
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Sep 2023 12:36:52 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5D00 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
20406
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 15:10:35 GMT
etag
48472445140208031
expires
Sat, 24 Sep 2022 15:10:35 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3A25 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83f42e068d5a1937469e6f1c3effa74883322bfe6e028043d2366c9164be06ac

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 425E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Sep 2023 20:50:41 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 425E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Sep 2023 20:50:41 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 425E 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 18 Sep 2023 20:50:41 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 425E 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 18 Sep 2023 20:50:41 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 425E 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=OmQwZs0nSw3SlNPn3VOq0BbbWPHGR3tNosJRutnJ-FYToJGfqkaglINjQ_PBAXjZHbEZgpjbwGJuWhGzqF6pDEoTpOatqs0PPWAF-a9CDTLHEuG3J519KygtT7P6joe7r1hVrXeaDLslDKrWv5sCaFQWe38d2dvuVzP_vgfLJv8_EWCVy6mg9TF8yZVK-PR5lMWNdHX1MVvwS4mcGEwSF4oEAN-kueX2MTWfSudno5Z2240B5a1Lj_H_wxh16jVZN0WJlFf8VGWjI_VQHNd0FpLTbbnE-GquRrsD7ZJecnjDkXvAo_109RWLJqtcDMjvpcCEmTQHL-RoU4JoOMBHxja-hdDtx2WnkpgSrOdtoIXSgoJwQ6sQRhVzqkgNDLXrC9Zn-1vwkvn1ahKlTj7joDqAKsP7A39O2eu7ad-_I69WNQel9zgCgsbMTzhFxDt_mmxZlA
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:41 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1720889
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 11CA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
560261
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 09:13:00 GMT
expires
Sun, 17 Sep 2023 09:13:00 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame FEC0
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEO1qJMLUizB6iwGiNEnvBDw&google_cver=1&google_push=AZmPxg-smYoSUmQgDDvLcU98jP2SBIMg9JyuH77uwWajTvb4qI85pN5nrXgwZrGrcMT1LNaKM4zAf...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg-smYoSUmQgDDvLcU98jP2SBIMg9JyuH77uwWajTvb4qI85pN5nrXgwZrGrcMT1LNaKM4zAfLoRTUA_02CBGtS2U5bya9f2VOT3IIBV87FDC1slgeVDb496G7qJz7...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg-smYoSUmQgDDvLcU98jP2SBIMg9JyuH77uwWajTvb4qI85pN5nrXgwZrGrcMT1LNaKM4zAfLoRTUA_02CBGtS2U5bya9f2VOT3IIBV87FDC1slgeVDb496G7qJz7uVfKa0fBjIZL0&google_hm=MDQ0Zkw5amNLOUtFMTBqRk1QZ0ZtWlJwZm9j&from_google=sp1
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:41 GMT
Server
nginx
Strict-Transport-Security
max-age=15768000
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg-smYoSUmQgDDvLcU98jP2SBIMg9JyuH77uwWajTvb4qI85pN5nrXgwZrGrcMT1LNaKM4zAfLoRTUA_02CBGtS2U5bya9f2VOT3IIBV87FDC1slgeVDb496G7qJz7uVfKa0fBjIZL0&google_hm=MDQ0Zkw5amNLOUtFMTBqRk1QZ0ZtWlJwZm9j&from_google=sp1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame FEC0
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEO4jidh4RO6Tfv3satjcpa4&google_cver=1&google_push=AZmPxg-i55260BQY3Fx4ZWR_bxph2QCmOq2tV8niGXjBbSbD7FsMhIodffFg5IzvbW360wqSV5_MKTqAwYIsHs1rFnrBlj6nBGe3CUUuU...
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Wm1vSkhSQ2FEVTI3d2E0UElSd3VZdw%3D%3D&google_push=AZmPxg-i55260BQY3Fx4ZWR_bxph2QCmOq2tV8niGXjBbSbD7FsMhIodffFg5IzvbW360wqSV5_MKTqAwYIsH...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Wm1vSkhSQ2FEVTI3d2E0UElSd3VZdw%3D%3D&google_push=AZmPxg-i55260BQY3Fx4ZWR_bxph2QCmOq2tV8niGXjBbSbD7FsMhIodffFg5IzvbW360wqSV5_MKTqAwYIsHs1rFnrBlj6nBGe3CUUuUjp1LmS1fud7Tx87q0NH4vjPd4xW0mVMqoeXNI8f
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Wm1vSkhSQ2FEVTI3d2E0UElSd3VZdw%3D%3D&google_push=AZmPxg-i55260BQY3Fx4ZWR_bxph2QCmOq2tV8niGXjBbSbD7FsMhIodffFg5IzvbW360wqSV5_MKTqAwYIsHs1rFnrBlj6nBGe3CUUuUjp1LmS1fud7Tx87q0NH4vjPd4xW0mVMqoeXNI8f
date
Fri, 23 Sep 2022 20:50:41 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
287
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
asr
aid.send.microad.jp/g/ Frame FEC0 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEPh8nDSdwmF0T4Cild_7fPI&google_cver=1&google_push=AZmPxg8l14pWInGpmX591HoWpkOM0dxxWGTUlRFs6vLTHA2HluaJDL77X5erDz4ESqSvfeYvQND7CoCMN2w1vvNx6CxCVwinsdUMeIW-Kcez-ieCOLZiwioiNeT_VpYebada9KnwkDBwNcAp
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:50:41 GMT
Server
Apache
Strict-Transport-Security
max-age=3600
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Connection
close
Content-Type
image/gif
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame FEC0
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENwSHSvR3vttqlY6A8xCUUk&google_cver=1&google_push=AZmPxg8UyCfRBIesf3osvYBHDuyviYd7uFW7NmfZ0XUUyl6DiapQi2lFUTpC4XIWawDh9wM2Qcm07KdffFezudQDgcP6y0_bbt...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg8UyCfRBIesf3osvYBHDuyviYd7uFW7NmfZ0XUUyl6DiapQi2lFUTpC4XIWawDh9wM2Qcm07KdffFezudQDgcP6y0_bbtH...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTgzMTkyODM5NjUwNzEzMTg5OTc4Ng%3D%3D&google_push=AZmPxg8UyCfRBIesf3osvYBHDuyviYd7uFW7NmfZ0XUUyl6DiapQi2lF...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTgzMTkyODM5NjUwNzEzMTg5OTc4Ng%3D%3D&google_push=AZmPxg8UyCfRBIesf3osvYBHDuyviYd7uFW7NmfZ0XUUyl6DiapQi2lFUTpC4XIWawDh9wM2Qcm07KdffFezudQDgcP6y0_bbtHc-5_NmauzmNqNXLuFyOrsyGrvbwnyqNuRGWdNmwX2SPAW
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTgzMTkyODM5NjUwNzEzMTg5OTc4Ng%3D%3D&google_push=AZmPxg8UyCfRBIesf3osvYBHDuyviYd7uFW7NmfZ0XUUyl6DiapQi2lFUTpC4XIWawDh9wM2Qcm07KdffFezudQDgcP6y0_bbtHc-5_NmauzmNqNXLuFyOrsyGrvbwnyqNuRGWdNmwX2SPAW
date
Fri, 23 Sep 2022 20:50:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame FEC0
Redirect Chain
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESED9Jt4hdsXk5nsYqKyWqmcE&google_cver=1&google_push=AZmPxg9jgJi1V7St7_Tkb-yQqUf5RrkE_qPiNETixdkeSIHwW90fleGTLyw3FGIwJiFQNrmue9r8L0m098oLb6o...
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg9jgJi1V7St7_Tkb-yQqUf5RrkE_qPiNETixdkeSIHwW90fleGTLyw3FGIwJiFQNrmue9r8L0m098oLb6oX3fGUqI0GeS943Rsn23xjnZN3KaOKYEv...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg9jgJi1V7St7_Tkb-yQqUf5RrkE_qPiNETixdkeSIHwW90fleGTLyw3FGIwJiFQNrmue9r8L0m098oLb6oX3fGUqI0GeS943Rsn23xjnZN3KaOKYEv0cIVx_mtvQkgo9v3jOcwde4JYeQ&google_hm=Nzc0ZGNkMGYtNGY2Ny0zYWQxLWFkNzYtNGJkZDhjNjg4ZTJl
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg9jgJi1V7St7_Tkb-yQqUf5RrkE_qPiNETixdkeSIHwW90fleGTLyw3FGIwJiFQNrmue9r8L0m098oLb6oX3fGUqI0GeS943Rsn23xjnZN3KaOKYEv0cIVx_mtvQkgo9v3jOcwde4JYeQ&google_hm=Nzc0ZGNkMGYtNGY2Ny0zYWQxLWFkNzYtNGJkZDhjNjg4ZTJl
date
Fri, 23 Sep 2022 20:50:41 GMT
cache-control
no-store
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame FEC0
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEBrGXm4BPcMxTvRF7GmliM4&google_cver=1&google_push=AZmPxg-tSud2DTIdQwTBMG8rsVJJaeYIA8zwErbmiP3CiHoXMj_ValWMBa5xeAaSAzCAPAwAxnfvfZ1GNWNuvLKQz...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=N2I0ZDdjOTUtNmExMS00ZDk5LWI3NmEtYTA5ODU2NDU4N2Qx&google_push=AZmPxg-tSud2DTIdQwTBMG8rsVJJaeYIA8zwErbmiP3CiHoXMj_ValWMBa5xeAaS...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=N2I0ZDdjOTUtNmExMS00ZDk5LWI3NmEtYTA5ODU2NDU4N2Qx&google_push=AZmPxg-tSud2DTIdQwTBMG8rsVJJaeYIA8zwErbmiP3CiHoXMj_ValWMBa5xeAaSAzCAPAwAxnfvfZ1GNWNuvLKQzmV9C8W3FYz-8drX-_4MRa9_bR4_OiROWmCF4ZAEwB36V1Z_-l3cYIIeBQ
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=N2I0ZDdjOTUtNmExMS00ZDk5LWI3NmEtYTA5ODU2NDU4N2Qx&google_push=AZmPxg-tSud2DTIdQwTBMG8rsVJJaeYIA8zwErbmiP3CiHoXMj_ValWMBa5xeAaSAzCAPAwAxnfvfZ1GNWNuvLKQzmV9C8W3FYz-8drX-_4MRa9_bR4_OiROWmCF4ZAEwB36V1Z_-l3cYIIeBQ
date
Fri, 23 Sep 2022 20:50:41 GMT
content-length
0
/
onetag-sys.com/match/ Frame FEC0
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJ6iavqIOjSxEpjZYb5X4H4&google_cver=1&google_push=AZmPxg9nAT53SwI-QhBQIZdFzmTNg0n0VZ4O2XmdqEF_RRyHPcPRXTjJCZzq9TsY6-aHVOPpSJwOAAlQ5no...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg2wd4xJ8BqQHKH6b48e_E_IVv1EnQn50sA&google_push=AZmPxg9nAT53SwI-QhBQIZdFzmTNg0n0VZ4O2XmdqEF_RRyHPcPRXTjJCZzq9TsY6-aHVOPpSJwOAAlQ5n...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame FEC0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IY4yoCbQeECDpTzLNGJ8IMtHSEu5cbkmoNZEqkBKMq-9jPpTqQLGBiYitv0W-mlszxQhE7pkuX
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 425E 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5005697
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIRhXDYVshBtB91CMhWLfD9EWIvfw7J9TzdUA0tCEslJWO62bhpT4MkiHbg3QRAuQTfc9EBzebTInufRciHdfL9N6Fi8ZZMEc%2FpnKH9D0MKkzY8TRM%2Bsg8MC6Y6Zn0UoJH9X8M2t"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74f627716ccc3775-MEL
expires
Wed, 13 Sep 2023 20:50:41 GMT
6321736cfcde4d4dac7f881c583a1a7c_gibson-regular_1.woff
static.criteo.net/design/dt/ Frame 425E 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/6321736cfcde4d4dac7f881c583a1a7c_gibson-regular_1.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
47049ed2e8ae9a68deca5cb9452287ff5272edba1d7b7380f30f1047ed58599c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
content-encoding
gzip
last-modified
Thu, 12 May 2022 06:53:54 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"627caf02-577c"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Sep 2023 20:50:41 GMT
pixel
cm.g.doubleclick.net/ Frame 5D00
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPiUyiYpMftXf5SXolz_vWY&google_cver=1&google_push=AZmPxg-zgtKetmiNpVDDTCv0zKiUPoI7_SMwvBR60Bi8Wcl08h48pbg...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=347dce3f759520c4&is_secure=true&networkId=14000&version=1&google_gid=CAESEPiUyiYpMftXf5SXolz_vWY&google_cver=1&google_push=AZmPxg-zgtKe...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALoY2cZIuGQgNWIWTwAAAAAAA&expiration=1664052642&google_cver=1&is_secure=true&google_gid=CAESEPiUyiYpMftXf5SXolz_v...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALoY2cZIuGQgNWIWTwAAAAAAA&expiration=1664052642&google_cver=1&is_secure=true&google_gid=CAESEPiUyiYpMftXf5SXolz_vWY&google_push=AZmPxg-zgtKetmiNpVDDTCv0zKiUPoI7_SMwvBR60Bi8Wcl08h48pbgKj_kF3nTbxB5NjOBqBei_o6WO4gZGQuZbNRMdT08I8gR0
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALoY2cZIuGQgNWIWTwAAAAAAA&expiration=1664052642&google_cver=1&is_secure=true&google_gid=CAESEPiUyiYpMftXf5SXolz_vWY&google_push=AZmPxg-zgtKetmiNpVDDTCv0zKiUPoI7_SMwvBR60Bi8Wcl08h48pbgKj_kF3nTbxB5NjOBqBei_o6WO4gZGQuZbNRMdT08I8gR0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
i.match
s.tribalfusion.com/z/ Frame 5D00
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFTWQGWYVmLqkIR8G9ndZ34&google_cver=1&google_push=AZmPxg83WDB1eBn63HsRC7hmYEJcpU8oKRpvEbsASLld8Vl-Y46CG7jq_8WpoNTHEm0A0hFdIJMvh-ulVj536pobn6oswSoAUUbU&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFTWQGWYVmLqkIR8G9ndZ34&google_cver=1&google_push=AZmPxg83WDB1eBn63HsRC7hmYEJcpU8oKRpvEbsASLld8Vl-Y46CG7jq_8WpoNTHEm0A0hFdIJMvh-ulVj536pobn6oswSoAUUb...
43 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFTWQGWYVmLqkIR8G9ndZ34&google_cver=1&google_push=AZmPxg83WDB1eBn63HsRC7hmYEJcpU8oKRpvEbsASLld8Vl-Y46CG7jq_8WpoNTHEm0A0hFdIJMvh-ulVj536pobn6oswSoAUUbU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg83WDB1eBn63HsRC7hmYEJcpU8oKRpvEbsASLld8Vl-Y46CG7jq_8WpoNTHEm0A0hFdIJMvh-ulVj536pobn6oswSoAUUbU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
104.18.35.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
cf-ray
74f6277368905ab0-MEL
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:41 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
8263
cf-ray
74f627718df75ab0-MEL
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFTWQGWYVmLqkIR8G9ndZ34&google_cver=1&google_push=AZmPxg83WDB1eBn63HsRC7hmYEJcpU8oKRpvEbsASLld8Vl-Y46CG7jq_8WpoNTHEm0A0hFdIJMvh-ulVj536pobn6oswSoAUUbU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg83WDB1eBn63HsRC7hmYEJcpU8oKRpvEbsASLld8Vl-Y46CG7jq_8WpoNTHEm0A0hFdIJMvh-ulVj536pobn6oswSoAUUbU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
cksync
cs.media.net/ Frame 5D00
Redirect Chain
  • https://cs.media.net/cksync?type=g&cma=1&google_gid=CAESEMJ3VoURrzyaJhWIGqysbN4&google_cver=1&google_push=AZmPxg8aPLLAaNmxLsSK8QfJkFHNGGWoNK7TgHgXmo3HumdfymW1S4Q0Wrd-IEjpIsegqNMAj87AwaZHfV9YRJDbLZ9...
  • https://cs.media.net/cksync?cs=40&type=wun&chng=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT}&redirect=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3D8m33zk4%26ttd_tpi%3D1%26gdpr%3D...
44 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=40&type=wun&chng=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT}&redirect=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3D8m33zk4%26ttd_tpi%3D1%26gdpr%3D{GDPR}%26gdpr_consent%3D{GDPR_CONSENT}https%3a%2f%2fcs.media.net%2fcksync%3ftype%3dwun%26vsid%3d3069678381540929000V10%26cs%3d12%26ovsid%3d%26google_push%3dAZmPxg8aPLLAaNmxLsSK8QfJkFHNGGWoNK7TgHgXmo3HumdfymW1S4Q0Wrd-IEjpIsegqNMAj87AwaZHfV9YRJDbLZ9-V4xo2KT_&gdpr=&gdpr_consent=
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:41 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
44
x-mnet-hl2
E
expires
Fri, 23 Sep 2022 20:50:41 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:41 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cs.media.net/cksync?cs=40&type=wun&chng=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT}&redirect=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3D8m33zk4%26ttd_tpi%3D1%26gdpr%3D{GDPR}%26gdpr_consent%3D{GDPR_CONSENT}https%3a%2f%2fcs.media.net%2fcksync%3ftype%3dwun%26vsid%3d3069678381540929000V10%26cs%3d12%26ovsid%3d%26google_push%3dAZmPxg8aPLLAaNmxLsSK8QfJkFHNGGWoNK7TgHgXmo3HumdfymW1S4Q0Wrd-IEjpIsegqNMAj87AwaZHfV9YRJDbLZ9-V4xo2KT_&gdpr=&gdpr_consent=
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Fri, 23 Sep 2022 20:50:41 GMT
pixel
cm.g.doubleclick.net/ Frame 5D00
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEPlxe7VydKdNmpthJvHpPZs&google_cver=1&google_push=AZmPxg9-yD8p1DRj7-8aeZvnEugme4mBcrH9Oc2lQfUmaPwXuQ4ENZHr0TaCRIZTT-xCdug2pHJX9HLyDojjH-A7S2BOvhEZkKYL
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg9-yD8p1DRj7-8aeZvnEugme4mBcrH9Oc2lQfUmaPwXuQ4ENZHr0TaCRIZTT-xCdug2pHJX9HLyDojjH-A7S2BOvhEZkKYL&google_hm=1876a028e70a2f85d1b...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg9-yD8p1DRj7-8aeZvnEugme4mBcrH9Oc2lQfUmaPwXuQ4ENZHr0TaCRIZTT-xCdug2pHJX9HLyDojjH-A7S2BOvhEZkKYL&google_hm=1876a028e70a2f85d1bef01b6eeaa9c2
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg9-yD8p1DRj7-8aeZvnEugme4mBcrH9Oc2lQfUmaPwXuQ4ENZHr0TaCRIZTT-xCdug2pHJX9HLyDojjH-A7S2BOvhEZkKYL&google_hm=1876a028e70a2f85d1bef01b6eeaa9c2
date
Fri, 23 Sep 2022 20:50:41 GMT
server
nginx
content-type
text/html; charset=UTF-8
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pixel
cm.g.doubleclick.net/ Frame 5D00
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEBrGXm4BPcMxTvRF7GmliM4&google_cver=1&google_push=AZmPxg8W2GphnS76SdWboekyfRnHx3VFGKjCAm9YHZSFMeqAnPjmzDu9tcQnVJLDx3wOHrpuVhdQ8RwQlRdkDqoIO...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YWRjYjM2NTctOWU1Ny00MWYyLWJhMGMtNmYxMDg1ZDc2MjY5&google_push=AZmPxg8W2GphnS76SdWboekyfRnHx3VFGKjCAm9YHZSFMeqAnPjmzDu9tcQnVJLD...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YWRjYjM2NTctOWU1Ny00MWYyLWJhMGMtNmYxMDg1ZDc2MjY5&google_push=AZmPxg8W2GphnS76SdWboekyfRnHx3VFGKjCAm9YHZSFMeqAnPjmzDu9tcQnVJLDx3wOHrpuVhdQ8RwQlRdkDqoIO_rfAXEXLQLk
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YWRjYjM2NTctOWU1Ny00MWYyLWJhMGMtNmYxMDg1ZDc2MjY5&google_push=AZmPxg8W2GphnS76SdWboekyfRnHx3VFGKjCAm9YHZSFMeqAnPjmzDu9tcQnVJLDx3wOHrpuVhdQ8RwQlRdkDqoIO_rfAXEXLQLk
date
Fri, 23 Sep 2022 20:50:41 GMT
content-length
0
gobRedirectFromId5
sync.inmobi.com/ Frame 5D00
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEEThY7uqnfVIjn6-NVnFz9M&google_cver=1&google_push=AZmPxg_LfOqWReFm7vAaqntgsTIbPUcOE22feVIV6Ue7AAnJuZiWiaHrw2vlY_VNAWIabHPDGaPd7fDldgvK-kUzxON9na4h2URh
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg_LfOqWReFm7vAaqntgsTIbPUcOE22feVIV6Ue7AAnJuZiWiaHrw2vlY_VNAWIa...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOwmLyZP3jhRtZVTHPe27nZR9RlC8xcktDZJznMg&google_push=AZmPxg_LfOqWReFm7vAaqntgsTIbPUcOE22feVIV6Ue7AAnJuZiWiaHrw2vlY_VNAWIabHPDGaPd7fDldgvK-kUzxON9...
0
0
/
b1sync.zemanta.com/usersync/googleadx/ Frame 5D00
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEP-NzvxlmrmFdi01mWY_Zhk&google_cver=1&google_push=AZmPxg9tH6lES4zke07W-dyGGMNvVaUlrMqv5J-o4Wy3MTOiQ8W387KBXl0KotNQW5XiFr2Llp0if05Nb0TtA...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEP-NzvxlmrmFdi01mWY_Zhk&google_push=AZmPxg9tH6lES4zke07W-dyGGMNvVaUlrMqv5J-o4Wy3MTOiQ8W387KBXl0KotNQW5XiFr2Llp0if05Nb0TtA...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9tH6lES4zke07W-dyGGMNvVaUlrMqv5J-o4Wy3MTOiQ8W387KBXl0KotNQW5XiFr2Llp0if05Nb0TtAW2REGfnN4eM1WSC0A&google_hm=LU9GRW52dWhMZzBqTG...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
64.74.236.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:50:42 GMT
Content-Length
26
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 5D00 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lyew3Ugz5j221129nRMNEZwPq0YAb6Fx8W1GNlz2-GZhLTP253OrXOuBgVtnjrsjT0xPW1-NuN
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1F82 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
560261
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 09:13:00 GMT
expires
Sun, 17 Sep 2023 09:13:00 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
syncframe
gum.criteo.com/ Frame DF3A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3b699c2cd84c5722e0c9f34ec0c60a9f548901168f95d86b4f1df433a7b5cc60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:50:40 GMT
server
Kestrel
server-processing-duration-in-ticks
888723
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
content-encoding
gzip
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Sep 2022 20:50:41 GMT
animejs.js
static.criteo.net/animejs/ Frame 425E 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Sep 2023 20:50:41 GMT
542993.png
static.criteo.net/design/dt/3336/140731/ Frame 425E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/3336/140731/542993.png
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
bbc11ea532afa6e112838ab439ecb2a8a9ccdfb4a616ee68ca118ae6b491e934
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
last-modified
Thu, 31 Jul 2014 01:21:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"53d99a07-17f6"
strict-transport-security
max-age=31536000; preload;
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
6134
expires
Mon, 18 Sep 2023 20:50:41 GMT
img
pix.as.criteo.net/img/ Frame 425E 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=110&m=0&partner=3336&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F3336%2F161115%2Ff0131178b44e48df939196f910cb694a_logo_all_horizontal.png&v=3&w=236&s=BeIGkBvZh3BrqKNt4CVpk7lG
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
78cc90ad6edbab01ff82512f4a689c035dd3310e281f38e3dcecf50e1dd6f7b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28958721
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8678
expires
Fri, 25 Aug 2023 00:56:03 GMT
img
pix.as.criteo.net/img/ Frame 425E 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FD%2FJ%2FDJ13001PVDLE_4.jpg&v=3&w=400&s=f2MOKWxkJ16IERD4mM3Rst21&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
bc005d69930e2883f8c4dffc0bac1fd88122890e46fc1ef8f218f7f6e76c4170
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=360551
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
15606
expires
Wed, 28 Sep 2022 00:59:53 GMT
img
pix.as.criteo.net/img/ Frame 425E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FD%2FJ%2FDJ16910POGLE_4.jpg&v=3&w=400&s=AJkZeXl11ziNxBLVBHrFUUkw&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
a42f548400991d72d1cc9e42ff3ac7a7901341bdd19ded66a6a692235ad894cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=214124
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11234
expires
Mon, 26 Sep 2022 08:19:25 GMT
img
pix.as.criteo.net/img/ Frame 425E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FZ%2FR%2FZR10155NGELE_4.jpg&v=3&w=400&s=QpFdFMl4XmVoAH8MbvjwtMJT&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
7196d3c73cafa7f5c4d3c82434dfaa7733b52c3309bab8cec3cba4872434acda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=189101
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6330
expires
Mon, 26 Sep 2022 01:22:23 GMT
img
pix.as.criteo.net/img/ Frame 425E 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FS%2FU%2FSU11357H15SU_4.jpg&v=3&w=400&s=zRhKaO0fzAzme8tHp2NkRF51&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
36a465c1ae84e92bebe1d93bac6afe236ff509429b187e71e988a83a71c67b45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=213688
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
9342
expires
Mon, 26 Sep 2022 08:12:10 GMT
img
pix.as.criteo.net/img/ Frame 425E 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FD%2FJ%2FDJ18013TAOLE_4.jpg&v=3&w=400&s=_skuEWRf3v-NNuWc01KRgZM3&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
c7c325dc8d93c414a78eb3e5b92f93ad55b1abea4ac96fd2a4e661aa7f3b3a1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=216102
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5472
expires
Mon, 26 Sep 2022 08:52:24 GMT
img
pix.as.criteo.net/img/ Frame 425E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FD%2FJ%2FDJ15233PK1LE_4.jpg&v=3&w=400&s=1X38kFPvxXBONPi2y-sUCukC&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
920737905abf2a99d696005c329e5169c72687d4988b4ae6fa29483477a6d841
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=567090
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11314
expires
Fri, 30 Sep 2022 10:22:12 GMT
img
pix.as.criteo.net/img/ Frame 425E 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FC%2FF%2FCF10776N6TCA_4.jpg&v=3&w=400&s=yiTbAsUZPC53PJVfb6j7BDqo&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
5f746da18d46ab0d2b0e4d0ee70418c9369d92154ea23bcee063c20415d86102
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=306033
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
9942
expires
Tue, 27 Sep 2022 09:51:15 GMT
img
pix.as.criteo.net/img/ Frame 425E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FI%2FL%2FIL11835NDUSM_4.jpg&v=3&w=400&s=ztdos7ngzkVhZuSOv76YQHfc&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
bef1e22dca3a21ec48c52c83a75413073077730b0c2e94086d2106153e97c872
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:42 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=98519
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4882
expires
Sun, 25 Sep 2022 00:12:41 GMT
img
pix.as.criteo.net/img/ Frame 425E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FD%2FJ%2FDJ17909WHILE_4.jpg&v=3&w=400&s=c30FzKrrbkZer85g4T2B6vl3&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
c40c7eb4af98bc81b1a73a2c17fabba5685e465ba367ad56eef3e7f2d44ff31c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=213940
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11058
expires
Mon, 26 Sep 2022 08:16:22 GMT
img
pix.as.criteo.net/img/ Frame 425E 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FI%2FL%2FIL10673M63SM_4.jpg&v=3&w=400&s=thXdYiyD3nEijIJ9IZmLtIZR&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
74acdbf52f3781b227daf7341ca3e8dd3edc7833232243f3ab320ecb5adbf636
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=276026
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8952
expires
Tue, 27 Sep 2022 01:31:08 GMT
img
pix.as.criteo.net/img/ Frame 425E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FD%2FJ%2FDJ15830P28LE_4.jpg&v=3&w=400&s=2irREHZJOqem0rffcryRc2Ni&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
f12f9006090ae41a6f5bb0a223f56f6379968eccb90ff43788854bcb04cd2383
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=292693
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7336
expires
Tue, 27 Sep 2022 06:08:55 GMT
img
pix.as.criteo.net/img/ Frame 425E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FT%2FO%2FTO12224BLAFT_4.jpg&v=3&w=400&s=We3lZB_UIzGKGxmhf530gh0A&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
c4ab44029bc98c71d763ba62f4fe156d7b5cf635479f75e97d99ce681441cb72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=294934
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3724
expires
Tue, 27 Sep 2022 06:46:16 GMT
img
pix.as.criteo.net/img/ Frame 425E 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FZ%2FR%2FZR10132GACLE_4.jpg&v=3&w=400&s=RLnB85l-la5bpninBI0pbNfp&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
0204e46bc07b43b273527df58d0abda3dffc04f627a26568e03bc743bf96a86e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5554
expires
Fri, 23 Sep 2022 20:50:42 GMT
img
pix.as.criteo.net/img/ Frame 425E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FD%2FJ%2FDJ17355BLAFD_4.jpg&v=3&w=400&s=yiDlu3TJf_aIlVgeIhojO7Fv&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
168d0280d34425ecf7257f03bf084e2976eb698f80d1531cb12df80a2fcbd801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=365996
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5266
expires
Wed, 28 Sep 2022 02:30:38 GMT
img
pix.as.criteo.net/img/ Frame 425E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FC%2FF%2FCF10908ECKQB_4_.jpg&v=3&w=400&s=idsPR9Gk6fSVhBF_IVTlwuM1&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
2e4a32504323b1dcab1f46be651ae7fefe4fe4b307534581b74e6810f377a170
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=217312
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8330
expires
Mon, 26 Sep 2022 09:12:34 GMT
all
csm.as.criteo.net/ Frame 425E 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=30gHkURLj-A5UDJJCyow51idcRtIf_uBZr1CSNlmeJKv1o5MxQW5VE884gVgBZ-452wz00kRWV2t6QtHMLPs8Pewob9A_09v24PkUlgWSWX3WC7LCxDlHiRMw8quP1rZKV8_6cFvqdfrIZopwGjxu1VR9fl65jx0YmpMLU_-RWZmOL65lz6aYHSrfreYpSaxY8JIbFhv_XG0eIY5xSuxogvl1dnGs7aEy04MO-vZ7A-MsfcxttvinwoNAeutqLd1J_5jL_mqUUMrEUtA&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 23 Sep 2022 20:50:41 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 425E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Sep 2023 20:50:41 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 425E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:41 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Sep 2023 20:50:41 GMT
lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
pagead2.googlesyndication.com/bg/ Frame 11CA 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
sffe /
Resource Hash
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 01:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156971
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 01:14:30 GMT
lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
pagead2.googlesyndication.com/bg/ Frame 1F82 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
sffe /
Resource Hash
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 01:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156971
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 01:14:30 GMT
index.html
s0.2mdn.net/sadbundle/10977312179645291841/ Frame EB78 		365 KB
71 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10977312179645291841/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
sffe /
Resource Hash
8773c1b13cce7cb3a4f2a918f796c5ed7efe77572cacd73911f47d29457ec3a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
83807
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
72938
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 21:33:54 GMT
expires
Fri, 22 Sep 2023 21:33:54 GMT
last-modified
Fri, 02 Sep 2022 01:22:05 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3A25 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsup_gBWfn2dDH_SsDoXbSA1j2NmEKLyL2mFBGKoQoKh2Ky7Ptm2hi6_X4SDg-9qa99f7ygtH0qwoT0Vw-qGOU7F4mb7LYKw8lrFsrV1WPfQyK38J8iqG29RYpzy7mcc4_cak2Y7-CsVMlTn29iyYTt4CsfZ9xDw9dLybI2sNp9k1Kx-f7wD8ZXGl7QEjzCGsS9r5Yihsm5bpScQ7xym499_ohlt2YzqyBYM7H8yWh27O9uUvy4O845awdWSGS1e48d_-XdWP3BDfGVvxm4vhCaWGUYUrLZaO3et_taf0132b1yU5BkxgxJSEIZk95CKhcmU7CFlglxRzYaTcjvf7atV28tQclePpPMnuNXp0NHj9Hn8qzxJLrKuxev6yQClUXq2pgUjUseKoE1LpaAxpRvUFbR7xrH7wLpoWx7n_0sSEZhcYcH-HekFW0d0jltVLMVcyrM1aueYR4UKP2ftsQoXy_Im286WWfsFx6YgGtoZNd3MjwPN8_AdTBc5UZwn0P6BBaPUM5InRdFPMJ31qLo2FZAPyb_vSbGc1zJ1WUWEVco4rJtgvTHougsVKV4VPbuC6QIVWiPZLRFfbMyqQw-1neOohbnVjkY8bNCcYMNsIEicd8NVE0DyUih6pdPJHwrLlTF0nBDt5XhKpGVdNbAXZcpAg301ZKBsxRQuKGPd1GzkvBhWxLjs_9rcovBBDBv2pSU3vu8Aiwr5g7m1vTxbHxryI3ohcEUnMN0qAIvo3HbwmFja0JNzllI9LSjdusQdsNeahnrlYJ0eEXJevVtGSSsbukiESg2nQkSx2tC7iibaLvL8sunkIduvvsw-Z8YxDhkqOTtKWWGZMeGJjSDVHB4TUD94tcMg7DKXL1Y52QDHEpPEpQgfBhsFjMEK_dm0pJulkoDrvM6nz1lb4_1qnfF5OUk_90xNKED2cSK1dOhufGtg4U8973wnFWG-Pt_R6Xt6nKUow40r-nv_X_STc0sA-ItZXQeRLgmkYoVS8oI59UbuAzSoNVyXuXIRBAmSD6k7eMbcY80EKmT-xZem6RYLGMoXgH1LK6GLSuNiiYqwxc0DiQPpOf3OHsryWxLpC8s4a-7OyKBecr_-7M7EwAyiaMn0tUXAPsS9nNa44xqb9spvxod_wALBiSLmbQPVLr5KOXSdheBYwW-j2wY7w6508cybkzAgCBy3PXWlXizujDcMQUeF4Mm5VvjJTUfW3RWFUqacvDAL4Pnwy359qmC8n3BTtb29BqomN2ij3PvZ41vzD1PN1fgxGKNBrPNbY7VtTE8Y1pHB5xDNM5qzZ3JugPxqqKeE3ov2CQ&sai=AMfl-YQBxYpFOTDB5A8xrN5_ZIge00J-6bV93a5eu7JNUnbFWN0YxpZ5EUBoQupWdK1xmqSMZexOeT6lAvyYHXfTK6UBWiB4viagri6GEklgbgLbTd86__nxcbqu7zvvw1yGFeRabs92yIaO-YgnQHU4VuRmGGycwEFQfpAW06rEKmTB7IJae4I06Y4shJVgPoefPkXAir4mDZZb2SlOzmR7TzPr&sig=Cg0ArKJSzDX5Wx1p0CDkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=682&cbvp=1&cstd=679&cisv=r20220921.24494&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 23 Sep 2022 20:50:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/18175197109097881812/ Frame 75D7 		83 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18175197109097881812/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
sffe /
Resource Hash
1f7ae19fdd7838b4f34c714a5aa8a8c8c6d5b7f17a8c462a02d1cc2efa0f3584
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
21366
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20358
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 14:54:35 GMT
expires
Sat, 23 Sep 2023 14:54:35 GMT
last-modified
Mon, 12 Sep 2022 05:31:25 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F1C3 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst7Qp-gbkTdLZ05d193FwC3v1gjrjf1LQWbFe19QcwRPsdoY9pu85WYNEG5NPmXUdX76pqPGy7Qc4_rN3Plus6nXTj0gq4naI_3kjzQha_sJckEtCA6-gGVpb3JTJA7iQcYJogoeaddTEu3Vvp5O9_lMzsBbKyPS22eN3H0RPf-hzzdML2IrFpkZzmboSZBWBcqNv2bU6yF24Je6xdghlnVxClegjMRMN4FtK0h7dDx6XtgSl-IIKD1_qGI7KdTwbCZWOqG7V_6h5ueDI4zFTi3yoPaRuZlCXSJq681XkApuhaI5pD-mMp3xuoO0yBkW7n6d0dB_wzkw4qlv2yDfwwSBv4iQy5Xp3kb-f8r4a_jERTA95wFukLsugY_MfeuJ3lOO_DiIx3iLNvka-06E6jrEyASSvxwqbQSS7xEJn-AttnH3mF_GNDkPe8mpZRmV2Xu4BZ6hyjyo2FMbA4NJO5LfyIUMWk9OFF_ClkBzlDoslpyej7wH-Pn0i4KBa58ky1yPr6-8SIY1v4rg9IxFcrATehCBdBz5N2cF3Ca3O38OJF3OUtau8VKEpYpTUa4h5PSZlnnTdGOAoWrTvjdeI1LIluvpy-DsDxlEt-oyDRAS6TBepi03kAmkpund1Qzml_SU9MacuCVIqjAlBlZDdaGQVyzH-7LcDGKGShC4lGApYm0VgnnbemUZt9oA5LCeS6baPzKFBXCOjh2noCtppY0DQxbGX8MfLKMUD1l8uh3Tv2UAgPp651zpRB4FRcuo2zckfpSLJuEOBffpmDOwf4Kr2cpGzGDPmLVS6MyKmTsFpwRItUUCKFhDczKxrT-iAN8oJCGkj9M1NYWbkgu9NFjW_2PIh566nIquZyszXuPa281wtNte-rQ5eMAwX1d_8GaBxOTypEL_ibcZUt9hLw-pcQT85FUwn0YD8g4P7P3lfgGTRE4mKYd0N68gHwLOtA8LOh_zkyZWHWYRqP5FSQtiZeAusTRwP4XpST94LepV79wxcwisYguFHNaVRE9GRZaM4gZow-qH8dmdpmcAwK2ZBrl1PkKE3JQYK9_feH-McLGz-mr9n6v5P2rceaD0fAxTRLlaQipQdaie-bcGnSddjgNCKLoU6547yzoTG1RqURNfKLeFzq0RnNrT9TX-6ZtoHfQJg9I1xyGx4gkKHQcuUamdTg5Cyzde7CrSTWD2G-VAN7AlQkX2Y3oIjWJjkvon1mBaeaRoTJWCLezzR4d0EFsrrZp4Kg4XalJk6jLtAv61mWWgxz69k5pqjPveMmRfp1J16oEOM994ApRqIZRPt27DeMEpxWtAGziaMk&sai=AMfl-YTFSntIHYwOZ7gShWeB00DoFLMfk_V_GpHditQgBJvlmEXW6xZd1jPv4x36WdULIjvf6YY7E99UbLN5-lPItUd_FzKtS7pB6UHLwQBkEFZ2QhYE8K0DYxZnKA5-kkiJNXUwegvt0kdlJXP24-m9dKO6F-zeOjNDAqE3LYwlCWBnusRc43eoMGNBoD0vXSVa74g8Yn9JrqG8oCu_gs3PYyDi&sig=Cg0ArKJSzF0wzsoLZ21QEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=899&cbvp=1&cstd=897&cisv=r20220921.63838&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 23 Sep 2022 20:50:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame A817 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkqwz1RQHA4vDKQn3cPHcdjHPOePkM3cB5_YXLlCXVK9gOrxU3nyondyrHPHeGpc73j9Xfhq0gT9H3ZwOtyyV_N6Co&sig=Cg0ArKJSzCV5Qo-mJHnLEAE&cid=CAASFeRoA7rjwoln1GSMbmNi18r5Ff9hUg&id=lidar2&mcvt=1011&p=300,5,900,125&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663966239958&rpt=797&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 11CA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLB9QIBwuY83iINm4vgT0jrT4CwAAAAA4AeAEAg&bg=!8fKl8rbNAAYIxsuQKMY7ACkAdvg8WkaQB8RYaVwacHyVvZNn85Id5oaPJNZvEsukgRPVyZdlqlpVUAIAAACKUgAAAAFoAQeZAuSy8A9jmTlSR53jjTicYVEA6fJIWIKk19qXeJD4AKwGh35bbkR0qIsGwTJA0RevEw1HdDLbPF_iptgWEzSoJ0uRk_7nVuRsApxGay1mkTVCVsk_r6sucwFvwffn2KUe2GAAL6c9zEk2mMVMqamXEjmcTNwQoPE3m-Z3KPUhV0RM23Ku2KEuaZDiJL10QrX5ui_Zprl8vTWykJ-rXPWOi52EkAE8j-zUJyW2n0e2hKdd47C0RGdtk53vTvT0TO1fNlQy2Ctgxeuzm_Hrh9HaN1oSnfChnRZZZQPeNQ0zSHyq5Zqjm-iSl9SuJ-Dt7XdGBiNeMYSZCExdS5cGxIi2sqzFQfCjuObPHr7iS6fWNQ9btM1hnQowVnXzNYldcwGVf5h5dGdk0XVlxeG7-tqOOzM6OczVeb_RNm6PKetVpH1y0c30KU8MvI4lPkUvCjiAgSDBmewGYGVnZtDjWk3aBvLYl78sLMbULtk_NiFLf4YAe4LKwEhEu1xHlwdMCLKz7oSWrfW8rky4zyewrI_qHPzfs9s4Isp3MvAMcndNFhyNC849sTliiStnNYTbc6XbxoK8waPczbFdCRqvTHy7HdTqEOGLkV5uKCieJj9dgNjPAsuwBqJf9sT0E2zIeMe6vMIn4ovuJ1Gg_5FpMGHlDCXi1a_R58wVyFmX7WcLlyYeZBsk2_ljPrBgK_flkdPFnWDCF1hwdi4G9YKcV_HnCUkAuNgnU0GssLeUsp1hDeNOcmgfS3yma8xh-pr5491JE47kH4-Gz_wMO6M6Ovj2evYeDFy9YiLIO98X-Mdyb5t-ZpSH8Dl6Fe3S8Vk71kMFuA1Xy4OlGcMTuFBxUTJtcIkamZsdXq18ks_Ge5x3cYYfPJXUqvLDpbr_4hqUawKsa6R4gt3cqRF3ix7NaOqI735teHAPOtGqY8PYfiwToROkqdKhNYJ64Q6dR4seG8hzUpfLydP9chYbQzZ_aMatZMysCwmSHA
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F82 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCeruIBwuY-DMIp2M9fwPnJut-AEAAAAAOAHgBAI&bg=!mZqlmt7NAAYIxsuQKMY7ACkAdvg8Wpg-CCXIKzPGYK5ftdS3ipnXr7bOnAiR0cGwbMcggtQkxvkqoQIAAAB_UgAAAAJoAQeZAu8hRNb5V_2-lV4VwrTbJPFgqGVkbmDcGp3cJO6rmnWfxTItN_4Sd-yTTvH7dGES54bjXjBBIjR5v9D5GYijYZTFKGJ6XqxEoJ4TgrPZ28VKWGIt-2HKXyalU5avXkda6ANj2us9XO28URm5IM6-3ONN5kD-C5b8jgtIt5euKWjFTt0ewEdBbFUt_XSdmNU1esB5DSr1JRW3DX5iYdoUyS2FMHHbhKx_B7O46-evQJcBO-4K0n22tqpHIsHqU8E2fV3DU321ETb1-goPtZ5gNrTq3RH6jRmfDQ5jJpQ07IOvVhyv5u3Yol0RK9xW-6n0L7rxTkrp4Y7SwHHcrGH0ajTEDkTmNNPOdWHkrKYYwn6hJ4BUgbvlriIXEvMgnqSQ-FPJeNU_8ufNFnQkMt2Wm5uki449CwfTkSWfDaaZwIB8BJH0sYVsOBj863IiHM3jgEJzQuPx3V-arT9xS-SwU2n-hJDK3izTbjmfFB5rH0p49W7MW7zaJTPGLvWZoDrSIfZopJ9sHdMAW2dk21xL5PgyYWL3IIRWqHdLOQt5eZyFcDBBWEtDg9Hxn84vbceTZhjNBhREadiB54pcjxLB8WR0CWJSwEX3w48tg2ooJbKteFUYR9VSBmeXaB6KqyPBLpOuoka56bJlpnGlIc7Vda1GmG7jzWFmGvNTUalnKCr3Jl2nPtKt3wt5v2NTCtoA7Yy54Px-sEOLxDfl0mHyjywmmDqf57EBO2s7nq_g5VZfM9SWjSPvOSFaOecX2gtWHkG142e0PY2DAtXvY_61-qofw_hJ4IuXSQOxvuGMC_iuv2H7rzwMiMVC4HOeeTtMKmIxq72OUQxOhXjxKJVaFcVoDluz-SbcepYQaDOeXJj4eygce7JVETncFjrQCC-GXWM8mDvepKvvxdeHkrEizjXpP184i8u9TarSmwu8mWBavieTWvY5DXscAmWCl0w8VeT2g8DhPfnbFWM0yAWLYAfLFASaGWpYBdJ3BVruUM-M
Requested by
Host: 4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame DF3A 		417 B
549 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
310dda664802036c3f2d501f19d8b86e2f7a5b1a28d358437a5a8e4fb69b726e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:41 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2089674
strict-transport-security
max-age=31536000; preload;
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame F1C3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzC8VAWnhVdXa7SAm_JDa-u-T7AjOfcCAe0bAZEy8UwHDBwcyNxwtXnru3CqI-S900csLGCekZ1qZN7lKLYm_M9pTKBB_t7pPZMmeMyrSHIyd6_0BbP8A9reKQnksHAarbut4&sai=AMfl-YRsp0lIPiiOkJNAxhEmIFJzEvup1kNyLJbeM7FW5-DcZqdMkh2UM4pXzM-MiUpDLrYm1knr6ROeWQRmdnsonr05vcLK_4kmHjAR4hsX4Zhy43Z_FGqh7Bp0LR25&sig=Cg0ArKJSzOuna8h1a5b-EAE&cid=CAASJeRojQlubxz14NTC9VLj8xZZe6sNhwQUNWMlOF5epC7CwaNLw7A&id=lidar2&mcvt=1000&p=60,450,310,750&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663966239946&rpt=1088&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3A25 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9Ao12GG37brye-INv9Q2KDpyB6D4sWOa0M7DuQVXu6eIZU441ETm6DywxcVu0aP6dFrevqyucU4SJuQRyxJZe_23LErYyRXE7boih2nF5-DhD0i-PJdVc73Bq-bN0MEnCAMA&sai=AMfl-YSrN7egIVq7pL1PIrHt_7AE5K-t_aDnbCsEmONNkVT-zpZJ5Ex98DG57zPK_X2gP3DN-7-eEopMet2LSKLbdLH0SvRS3_RDMPdikt57T-QmQUVCNYVc9PEyZSU7&sig=Cg0ArKJSzOR0P0cKJhqqEAE&cid=CAASJeRoisKflayG6EwhQLF22NOA10N5FlLDuy5qyQLkAeLIiKwMbeY&id=lidar2&mcvt=1002&p=1110,436,1200,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663966239951&rpt=1142&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 75D7 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18175197109097881812/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18175197109097881812/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 11:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35104
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Sep 2022 11:05:38 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame EB78 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10977312179645291841/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10977312179645291841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 11:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35104
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Sep 2022 11:05:38 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 23 Sep 2022 20:50:42 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
343953
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		426 B
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3bcbf3e9478cf14212c847639c8a1b30fd963677b8393f8e4be1cb5ce2c0af8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1628359
strict-transport-security
max-age=31536000; preload;
expires
0
rid
match.adsrvr.org/track/ 		108 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
060495108f6d5323a22886efe814771e0d59b48004383de0ca8d5e6f96f161ea

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 20:50:42 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sun, 23 Oct 2022 20:50:42 GMT
/
onetag-sys.com/usync/ Frame B8DC 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1663966238525
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
28bc7dba9400341e4d696f57c365a370840d3399988074e4001539d2931f5c81
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1374
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame 3309 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
22af572b7ebbad1e17b35f14f659a7086fcfd85f010b39cf729ab3d02b9b421d

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
458
content-type
text/html; charset=utf-8
date
Fri, 23 Sep 2022 20:50:42 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1352 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
44210
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 23 Sep 2022 20:50:42 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 18 Sep 2022 08:33:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 26202
X-Served-By
cache-lga21981-LGA, cache-mel11241-MEL
X-Timer
S1663966243.517863,VS0,VE0
checksync.php
contextual.media.net/ Frame C9CA 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cfa8f47125a56d077a4099df80368e006faf9384a1c7d610838b6b32e8448c1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11782
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 20:50:42 GMT
expires
Sun, 25 Sep 2022 20:50:42 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync.html
public.servenobid.com/ Frame 9DA5 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-7.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
49281
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Fri, 23 Sep 2022 07:09:23 GMT
etag
W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified
Wed, 17 Aug 2022 23:23:08 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 e79b73e5f9ad915693bd9b6946372e82.cloudfront.net (CloudFront)
x-amz-cf-id
dCtVnNkBzQoodTwkFmqkdVmPSRDgVI6kBn75fSGyoVsSQxee_Mfr0A==
x-amz-cf-pop
MRS52-P1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5
77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256
4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache
Hit from cloudfront
ixmatch.html
js-sec.indexww.com/um/ Frame 8D43 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.240 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Fri, 23 Sep 2022 20:50:42 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9C5E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 23 Sep 2022 20:50:42 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 7C4D 		533 B
636 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
9087797279ec6162c658e5625fc590c2f2e56890c7b29ea00c3955a0ad2e5315

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
324
content-type
text/html
date
Fri, 23 Sep 2022 20:50:42 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pixel
ap.lijit.com/
Redirect Chain
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D8190a844-dd57-40df-abe0-c057a059d881&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F1281%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D8190a844-dd57-40df-abe...
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F1281%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D8190a844-dd57-40df-abe0-c057a059d881%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD04MTkwYTg0NC1kZDU3LTQwZGYtYWJlMC1jMDU3YTA1OWQ4ODE%253D%26uid%3D%24UID
Protocol
HTTP/1.1
Server
209.191.163.210 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 23 Sep 2022 20:50:43 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT

Redirect headers

location
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F1281%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D8190a844-dd57-40df-abe0-c057a059d881%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD04MTkwYTg0NC1kZDU3LTQwZGYtYWJlMC1jMDU3YTA1OWQ4ODE%253D%26uid%3D%24UID
date
Fri, 23 Sep 2022 20:50:41 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=8190a844-dd57-40df-abe0-c057a059d881&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=8190a844-dd57-40df-abe0-c057a059d881&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=311ef306-2d9e-4ffe-8a74-68fbe2b7b141&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10528852980624694037&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10528852980624694037&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=80ce08ee-0a9f-4f93-9360-6dfb7a048dcf&ssp=adaptmx&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10528852980624694037&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=208950804283005789868&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10528852980624694037&ssp=adaptmx&gdpr=0&gdpr_consent=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10528852980624694037&ssp=adaptmx&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:50:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:45 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=419&user_id=10528852980624694037&ssp=adaptmx&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=L8EYJALY-6-9Q7D&gdpr=0&us_privacy=1---
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L8EYJALY-6-9Q7D&gdpr=0&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:42 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid.a-mo.net/setuid/magnite?uid=L8EYJALY-6-9Q7D&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=8190a844-dd57-40df-abe0-c057a059d881
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=8190a844-dd57-40df-abe0-c057a059d881&verify=true
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-bek6mZJE2uFse1GTDYORSYzyzFNpVaSwjPyMOK4-~A&gdpr=0&gdpr_consent=
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-bek6mZJE2uFse1GTDYORSYzyzFNpVaSwjPyMOK4-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:43 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
4
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-bek6mZJE2uFse1GTDYORSYzyzFNpVaSwjPyMOK4-~A&gdpr=0&gdpr_consent=
date
Fri, 23 Sep 2022 20:50:42 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
null
s0.2mdn.net/sadbundle/18175197109097881812/ Frame 75D7 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18175197109097881812/null
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18175197109097881812/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18175197109097881812/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:43 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 23 Sep 2022 20:50:43 GMT
Disclaimer_2.svg
s0.2mdn.net/sadbundle/18175197109097881812/ Frame 75D7 		80 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18175197109097881812/Disclaimer_2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18175197109097881812/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
sffe /
Resource Hash
8336984c43cf428f18a1f3bc59c1c746905df8c6c176cd41c5247bd0a136048f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18175197109097881812/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 16:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11862
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:31:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Sep 2023 16:15:40 GMT
Text_1.svg
s0.2mdn.net/sadbundle/18175197109097881812/ Frame 75D7 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18175197109097881812/Text_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18175197109097881812/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
sffe /
Resource Hash
39493498e2963b7fa4a00f0f0b423d9527f16d969b8e1441d32f2433a6ff84c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18175197109097881812/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 16:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2995
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:31:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Sep 2023 16:15:40 GMT
Text_2.svg
s0.2mdn.net/sadbundle/18175197109097881812/ Frame 75D7 		11 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18175197109097881812/Text_2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18175197109097881812/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
sffe /
Resource Hash
5241a1663567c42d254d310d1c8f3f5ce4b08e3b4d06209bf1c8db6c7b71a2c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18175197109097881812/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 16:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3505
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:31:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Sep 2023 16:15:40 GMT
Text_3.svg
s0.2mdn.net/sadbundle/18175197109097881812/ Frame 75D7 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18175197109097881812/Text_3.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18175197109097881812/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
sffe /
Resource Hash
3dd4b8288bcb2aad3eca1a784727c8943586f2a9fcf6015a9bfe54d5c3d41352
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18175197109097881812/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 16:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3528
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:31:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Sep 2023 16:15:40 GMT
Illustration_2.svg
s0.2mdn.net/sadbundle/18175197109097881812/ Frame 75D7 		42 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18175197109097881812/Illustration_2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18175197109097881812/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
sffe /
Resource Hash
dd409ff51be597a5d7d13c53b8e6ec8a6fc12b69aea269793f7215444e26fcf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18175197109097881812/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 16:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12541
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:31:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Sep 2023 16:15:40 GMT
Background.svg
s0.2mdn.net/sadbundle/18175197109097881812/ Frame 75D7 		20 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18175197109097881812/Background.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18175197109097881812/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
sffe /
Resource Hash
aad3814c0796363c8b3e769647d5238493388c93b8ef384e7700bac3fe45a946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18175197109097881812/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 16:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5628
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:31:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Sep 2023 16:15:40 GMT
truncated
/ Frame 75D7 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ Frame EB78 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23fd75b7439727bc3a808979dbb1450953dfc55c8ce81442672ec609e8aa60c6

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
null
s0.2mdn.net/sadbundle/10977312179645291841/ Frame EB78 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10977312179645291841/null
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10977312179645291841/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10977312179645291841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:43 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 23 Sep 2022 20:50:43 GMT
truncated
/ Frame EB78 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 7C4D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4035254839846314974&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4035254839846314974&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:43 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4035254839846314974&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 7C4D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=355e9490-9caf-70fc-f151-eb14c05c5f06&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&ttd_puid=355e9490-9caf-70fc-f151-eb14c05c5f06&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&ttd_puid=355e9490-9caf-70fc-f151-eb14c05c5f06&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&ttd_puid=355e9490-9caf-70fc-f151-eb14c05c5f06&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 7C4D
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Yy4cI8Co8X0AAN64m8AAAAAA
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Yy4cI8Co8X0AAN64m8AAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:43 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
3
Date
Fri, 23 Sep 2022 20:50:43 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":3,"gdpr":false,"ipv4":"103.209.254.113","key":"Yy4cI8Co8X0AAN64m8AAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad323"}
X-SO-Ads-Time
2
X-SO-Key
Yy4cI8Co8X0AAN64m8AAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad323
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Yy4cI8Co8X0AAN64m8AAAAAA
Cache-Control
private
X-SO-HostName
m-ad323.dc4p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
X-SO-IP
103.209.254.113
sd
jp-u.openx.net/w/1.0/ Frame 7C4D
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Afz716lt_Q2rks8ADsWuIP40ec8AAAGDbB3pkw
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Afz716lt_Q2rks8ADsWuIP40ec8AAAGDbB3pkw
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:43 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:43 GMT
via
1.1 423016d18a128e118b016383665b6de8.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Afz716lt_Q2rks8ADsWuIP40ec8AAAGDbB3pkw
cache-control
no-cache
content-length
0
x-amz-cf-id
82mGla5lSzhsXsvWQiByZYUJFHsaDKRNX9d674dWbUI4NWDvGX6U-Q==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 7C4D 		170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTkzMTQ3NWEtNTVkOC0yZTU4LWU0YjEtYjFhZDBhYmU5MTY2
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7C4D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIRDZMoTjn-LgbbMASqvB0A&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIRDZMoTjn-LgbbMASqvB0A&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIRDZMoTjn-LgbbMASqvB0A&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 3309
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame 3309
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTgzMTkyODM5NjUwNzEzMTg5OTc4Ng%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 3309
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBDKwQqBrAzQnYmvKbg2-tE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBDKwQqBrAzQnYmvKbg2-tE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBDKwQqBrAzQnYmvKbg2-tE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3309
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTgzMTkyODM5NjUwNzEzMTg5OTc4Ng%3D%3D
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTgzMTkyODM5NjUwNzEzMTg5OTc4Ng%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTgzMTkyODM5NjUwNzEzMTg5OTc4Ng%3D%3D
date
Fri, 23 Sep 2022 20:50:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 3309
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1831928396507131899786&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1831928396507131899786&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d1b31243-b705-40a3-9d88-ac4d86d5cd8d&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d1b31243-b705-40a3-9d88-ac4d86d5cd8d&_noobservation=1&_expected_cookie=3eafc74...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d1b31243-b705-40a3-9d88-ac4d86d5cd8d&_noobservation=1&_expected_cookie=3eafc74c74efe4a86bd027e852f107d9
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.102.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Fri, 23 Sep 2022 20:50:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74f6277fa9c517cf-MEL
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d1b31243-b705-40a3-9d88-ac4d86d5cd8d&_noobservation=1&_expected_cookie=3eafc74c74efe4a86bd027e852f107d9
date
Fri, 23 Sep 2022 20:50:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74f6277e58b017cf-MEL
content-length
0
xuid
eb2.3lift.com/ Frame 3309
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1831928396507131899786&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=1831928396507131899786&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtrip...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=6d4f9c140fa54516bb99918dbf687b9f&ssp=triplelift&bsw_param=594e175c-b93a-484e-8662-079e65dbfa3c&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://eb2.3lift.com/xuid?mid=2409&xuid=594e175c-b93a-484e-8662-079e65dbfa3c&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=594e175c-b93a-484e-8662-079e65dbfa3c&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=594e175c-b93a-484e-8662-079e65dbfa3c&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Fri, 23 Sep 2022 20:50:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 3309
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1831928396507131899786?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-O8cDO7NE2oSbKT5IwOAzj9W7pIb9bE3QX3tyB_Piyg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-O8cDO7NE2oSbKT5IwOAzj9W7pIb9bE3QX3tyB_Piyg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 23 Sep 2022 20:50:42 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-O8cDO7NE2oSbKT5IwOAzj9W7pIb9bE3QX3tyB_Piyg--~A&dongle=0883
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
iu3
s.amazon-adsystem.com/ Frame 3309
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1831928396507131899786
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1831928396507131899786&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1831928396507131899786&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:43 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
AM67PR8WR9PJN0ZRK896
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1831928396507131899786&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame 3309 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1831928396507131899786&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:41 GMT
etag
"8766f3fc1fc7d81:0"
last-modified
Tue, 13 Sep 2022 03:22:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B72BC2E1F78F4D7FB09F3DC58F50371D Ref B: MEL01EDGE1509 Ref C: 2022-09-23T20:50:42Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 3309
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=aYTl_xTFSyrjpR5p2dI-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MFMVI3C7PBKEM...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=aYTl_xTFSyrjpR5p2dI-
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=aYTl_xTFSyrjpR5p2dI-
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:43 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=aYTl_xTFSyrjpR5p2dI-
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
all
csm.as.criteo.net/ Frame 425E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=30gHkURLj-A5UDJJCyow51idcRtIf_uBZr1CSNlmeJKv1o5MxQW5VE884gVgBZ-452wz00kRWV2t6QtHMLPs8Pewob9A_09v24PkUlgWSWX3WC7LCxDlHiRMw8quP1rZKV8_6cFvqdfrIZopwGjxu1VR9fl65jx0YmpMLU_-RWZmOL65lz6aYHSrfreYpSaxY8JIbFhv_XG0eIY5xSuxogvl1dnGs7aEy04MO-vZ7A-MsfcxttvinwoNAeutqLd1J_5jL_mqUUMrEUtA&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy4cHwAHAJIJnUZNAAXM_RKKAWY9OvBOltnmWA&u=%7CtmUpvkU3inMXIGF512d%2B09rL2%2Bx1OsLuTkioOvQfvMU%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AvQzTadRkZ6u5UQGUB6emzlcJB1zXXwpBB8dYD6gEbiWGvc3GinVtifmqHDYJW6JclMI7YgUk2KiP_Jype9gq4ddaWmG2y2FCNbmuJLhLag0S6oRdj7a-Cw0_IeH-sGzkngR8HPScuovTBJsl-d3rmeC4VB06ZcagoNPTyGu2v05HYRvmyQ3ggB34bX2DdlhtXgY8fVlNrLzYenZ4b8w1YKU32aV1Of4eFdKIOre08uju2AEl01ogOh4JVsm_h3G1mNyl6qCX1-7d1Fuxaeu_Kwk7HQ1GeQsDaGQMZ7XVZTnpzn7LUDsSKfB0mpOUVs0Us-KHoQ1UFnr1F-4JsSq3QUx3RYLnz5Lt4uG8VPBfpAC9OAqM-rcc9kTL3K6xxrSw3gtFZEM5QyVdwWzL2GUsHPE0EFPZi0FNQ4khmEbiNsHYHhP6el1-XYyTMkR9_bMkDWs76F1MakVCQg3fRbe09NopXBdvmpPSNogW5xHx25WtP69cc-TXtFIfuio7U560T2QNfZ__bFQtgILpu0zOetHeaV2ZqzGUWUaMlU3Kvh1U4VqR3SR1SYYbYjKaAhfAg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTH-PHxwuY5KBHM2M9fwP_ZmX0AOY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCpn7VQb7ypT7gAgCoAwGqBNwCT9BaJxNBxkkQZ-XsWgFQmtAmbR9idDvF7YeuP73kuMWPNB1poondQv1pivi2X8q_keYfkr4s895q_SQePwV3deC0yxm_vxuWrH4uOC4urZShInvfAN5suS--zALGxSNXQGglKt5fCVoA0ciDtVUWN5s36FQkGtaMA4zIfDce5eM-ZjXSdx3fg-o9XffqLednMgW3T1TVN4f9RRrBaYmoDjKt4h8c-zEGQGLONQPqULmqPnLLiESooTCHlcZicjscN_aZ5RuO0wMF8ANv7cJaEXfJO_31fW0Y0K6JVI11e_jMGnha85-DPhhBrOTiEEkBgnYKstr9r2WdK8FUeZTQslS8IeKa6epzI6vcoU4UMRN7xVzAQmWfvVjo-EWCT0TH6i2TZlSZ1LlpC-aRoNkg_02EL8aNtAU-hvSYDg0mZcZNm0HpOqusuWqck-Y-1rlyE0JkxEyhH67Z3Gcw4AQBgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0meFam3zVRvMdXMtWPP6gkMG8GRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 23 Sep 2022 20:50:42 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
sync
gum.criteo.com/ Frame C9CA 		88 B
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3760aa5e59844f4df21430b505b85f4a387ac2205a76c510accc63a48ed1a762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:42 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1605206
strict-transport-security
max-age=31536000; preload;
expires
60
usync.html
eus.rubiconproject.com/ Frame 87EF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 23 Sep 2022 20:50:43 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 23 Sep 2022 20:50:43 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame B0C4
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Drkt%26refUrl%3D%26vid%3D396624253130696783815409290...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3069678381540929000V10&type=rkt&refUrl=&vid=39662425313069678381540929000V10&ovsid=1921700045832649417
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3069678381540929000V10&type=rkt&refUrl=&vid=39662425313069678381540929000V10&ovsid=1921700045832649417
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Fri, 23 Sep 2022 20:50:44 GMT
expires
Fri, 23 Sep 2022 20:50:44 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Fri, 23 Sep 2022 20:50:43 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3069678381540929000V10&type=rkt&refUrl=&vid=39662425313069678381540929000V10&ovsid=1921700045832649417
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C365 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.196 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=147665
content-encoding
gzip
content-length
5549
content-type
text/html
date
Fri, 23 Sep 2022 20:50:43 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 25 Sep 2022 13:51:48 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame C9CA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dapx%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3069678381540929000V10&type=apx&refUrl=&vid=39662425313069678381540929000V10&ovsid=7006693710408103041
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3069678381540929000V10&type=apx&refUrl=&vid=39662425313069678381540929000V10&ovsid=7006693710408103041
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Fri, 23 Sep 2022 20:50:42 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 23 Sep 2022 20:50:42 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:42 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e3f09915-1163-4a9e-89dd-933e326d8e0e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3069678381540929000V10&type=apx&refUrl=&vid=39662425313069678381540929000V10&ovsid=7006693710408103041
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame C9CA
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3069678381540929...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3069678381540929000V10&type=opx&refUrl=&vid=39662425313069678381540929000V10&ovsid=fd72fd0f-37af-4a1c-921e-957a72b3cdda
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3069678381540929000V10&type=opx&refUrl=&vid=39662425313069678381540929000V10&ovsid=fd72fd0f-37af-4a1c-921e-957a72b3cdda
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Fri, 23 Sep 2022 20:50:42 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
text/html;charset=UTF-8
content-length
219
x-mnet-hl2
E
expires
Fri, 23 Sep 2022 20:50:42 GMT

Redirect headers

date
Fri, 23 Sep 2022 20:50:42 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://contextual.media.net/cksync.html?cs=8&vsid=3069678381540929000V10&type=opx&refUrl=&vid=39662425313069678381540929000V10&ovsid=fd72fd0f-37af-4a1c-921e-957a72b3cdda
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cksync.php
contextual.media.net/ Frame C9CA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dr1%26refUrl%3D%26vid%3D39662425313069678381...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dr1%26refUrl%3D%26vid%3D39662425313069...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8900097423
  • https://sync.1rx.io/usersync/tradedesk/c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
  • https://sync.targeting.unrulymedia.com/csync/RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3069678381540929000V10&type=r1&refUrl=&vid=39662425313069678381540929000V10&ovsid=RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004
45 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3069678381540929000V10&type=r1&refUrl=&vid=39662425313069678381540929000V10&ovsid=RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Fri, 23 Sep 2022 20:50:44 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 23 Sep 2022 20:50:44 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3069678381540929000V10&type=r1&refUrl=&vid=39662425313069678381540929000V10&ovsid=RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004
date
Fri, 23 Sep 2022 20:50:44 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX2806ba6c65d242d58f9bc5830d56ca33004
content-type
text/html
cksync.php
contextual.media.net/ Frame C9CA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Ddxu%26refUrl%3D%26vid%3D39662425313069678381540...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Ddxu%26refUrl%3D%26vid%3D39662425313069678...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3069678381540929000V10&type=dxu&refUrl=&vid=39662425313069678381540929000V10&ovsid=4CnqC0zZ1OBPDd5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3069678381540929000V10&type=dxu&refUrl=&vid=39662425313069678381540929000V10&ovsid=4CnqC0zZ1OBPDd5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Fri, 23 Sep 2022 20:50:43 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 23 Sep 2022 20:50:43 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:42 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-02f7611d9bf2e5b40@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3069678381540929000V10&type=dxu&refUrl=&vid=39662425313069678381540929000V10&ovsid=4CnqC0zZ1OBPDd5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame C9CA 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
383506
content-type
image/gif
expires
Fri, 23 Sep 2022 00:00:00 GMT
sync
x.bidswitch.net/ Frame C9CA 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:50:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame C9CA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dzem%26refUrl%3D%26vid%3D39662425313069678381540929...
  • https://stags.bluekai.com/site/23178?id=aYTl_xTFSyrjpR5p2dI-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLBLFKGYX3YKRDFG6LSNJYFENLQGJSES...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=aYTl_xTFSyrjpR5p2dI-&refUrl=&type=zem&vid=39662425313069678381540929000V10&vsid=3069678381540929000V10
45 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=aYTl_xTFSyrjpR5p2dI-&refUrl=&type=zem&vid=39662425313069678381540929000V10&vsid=3069678381540929000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Fri, 23 Sep 2022 20:50:44 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 23 Sep 2022 20:50:44 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:43 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=aYTl_xTFSyrjpR5p2dI-&refUrl=&type=zem&vid=39662425313069678381540929000V10&vsid=3069678381540929000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame C9CA
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3069678381540929000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3069678381540929000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=62fb11c8-c09d-4f77-aa1d-f8102a3658e9&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=62fb11c8-c09d-4f77-aa1d-f8102a3658e9&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Fri, 23 Sep 2022 20:50:44 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 23 Sep 2022 20:50:44 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=62fb11c8-c09d-4f77-aa1d-f8102a3658e9&cs=1
Date
Fri, 23 Sep 2022 20:50:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
um
cs.emxdgt.com/ Frame C9CA 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Demx%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.149.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-149-157.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:43 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
async_usersync
ib.adnxs.com/ Frame 1352 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:42 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
dccdf40f-b728-4c03-a79e-897ec10b1c37
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame B8DC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=0abf632e-1c23-4d00-a1f7-554fbd238090&gdpr=1&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=0abf632e-1c23-4d00-a1f7-554fbd238090&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663966238525
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Fri, 23 Sep 2022 20:50:43 GMT
Server
MT3 4505 5b23575 master nrt-pixel-x19 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=1&uid=0abf632e-1c23-4d00-a1f7-554fbd238090&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 23 Sep 2022 20:50:42 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame B8DC 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663966238525
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif
/
onetag-sys.com/match/ Frame B8DC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7006693710408103041
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7006693710408103041
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663966238525
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:42 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
da64d7f9-8d99-4afe-bbdd-997619ba41f8
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7006693710408103041
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame B8DC 		42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=nLg9HlcXmjYn7EqOVRzL8Bgxxh1fPnduPDieKRxaGx8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663966238525
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame B8DC
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg2wd5_ZY1lsjaZUJY0MSv47eg1PCCR6xWQ
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg2wd5_ZY1lsjaZUJY0MSv47eg1PCCR6xWQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663966238525
Protocol
H3
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg2wd5_ZY1lsjaZUJY0MSv47eg1PCCR6xWQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame B8DC 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663966238525
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.165 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:42 GMT
content-length
0
/
onetag-sys.com/match/ Frame B8DC
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCKK4uJkGEgUI6AcQAEIASgA
  • https://onetag-sys.com/match/?int_id=110&uid=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=110&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663966238525
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date
Fri, 23 Sep 2022 20:50:43 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=110&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame B8DC
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=KMhJRRaV-4NG-f2vVDRRY9Bgd87SI6Y5fHfoesNpFy8
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=KMhJRRaV-4NG-f2vVDRRY9Bgd87SI6Y5fHfoesNpFy8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663966238525
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:43 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
HSEVP7HAMVBXGDVAG7GC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=KMhJRRaV-4NG-f2vVDRRY9Bgd87SI6Y5fHfoesNpFy8
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame B8DC 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663966238525
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:43 GMT
content-length
0
/
onetag-sys.com/match/ Frame B8DC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJ6iavqIOjSxEpjZYb5X4H4&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJ6iavqIOjSxEpjZYb5X4H4&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663966238525
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJ6iavqIOjSxEpjZYb5X4H4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame B8DC 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663966238525
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.13.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:42 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame B8DC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663966238525
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
233
sync
x.bidswitch.net/ Frame B8DC 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663966238525
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:50:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
log
c21lg-d.media.net/ Frame C9CA 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=K3H0AAWJdh7ALmcmK32zuewSKcDoTH81&cs=15&vsid=3069678381540929000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:43 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 23 Sep 2022 20:50:43 GMT
usync.js
eus.rubiconproject.com/ Frame 9C5E 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f9cf5054354592eaa1b15b0730066d22b155be4f64e24c9f1fa1519786a67156

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:50:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=65298
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9422
Expires
Sat, 24 Sep 2022 14:59:01 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 6E46 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86c8a4c3088c36a6a0f4da55e0b07a58854437d9260ef72f695c5883701339ca

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74f6277c8d9b5a4f-MEL
content-encoding
br
content-type
text/html
date
Fri, 23 Sep 2022 20:50:43 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sx5iLaCXMyW0QraU1QasHBTeRLGaMvIViiGPPXXKZeYwsDL8XLfS4mu0HUzwZsHjKg%2BG6HqWBn8X%2B502YA0kN38WGJWaC4%2F3OyAa5S%2BRT3HhQpoVxKyT6ToedtxraMbdWTn6keWw7WnEZA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame C365 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=18380993&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f48934f96dbfbb79c4f6d346549be62698d688a1cd9581dd206421d08dc9947e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:43 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ecm3
s.amazon-adsystem.com/ Frame 9C5E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vQ5-8fKbRwqZOHZKnjHnWg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vQ5-8fKbRwqZOHZKnjHnWg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vQ5-8fKbRwqZOHZKnjHnWg
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:44 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
1V5ZGBCQZVQSTXF2RP5V
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vQ5-8fKbRwqZOHZKnjHnWg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9C5E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFWUpBTFktNi05UTdE
170 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFWUpBTFktNi05UTdE
Protocol
H3
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFWUpBTFktNi05UTdE
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 9C5E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&gdpr=0&gdpr_consent=&expires=30
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:43 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
pixel
cm.g.doubleclick.net/ Frame 9C5E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzM4NjY5YThlNDI4MWZmNTI1OTI4NmQ1NDRhOWM1ZGUwMjJhMWVhYg
170 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzM4NjY5YThlNDI4MWZmNTI1OTI4NmQ1NDRhOWM1ZGUwMjJhMWVhYg
Protocol
H3
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzM4NjY5YThlNDI4MWZmNTI1OTI4NmQ1NDRhOWM1ZGUwMjJhMWVhYg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9C5E
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=HFka-p-FSpeI-awvYxJjTQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=HFka-p-FSpeI-awvYxJjTQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=HFka-p-FSpeI-awvYxJjTQ
Protocol
HTTP/1.1
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:45 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
JJPR0HDSY72XC68TP89K
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=HFka-p-FSpeI-awvYxJjTQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 9C5E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/TOK_yZC0HBuot1do43aJpQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7217229268336238396
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7217229268336238396
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Content-Type
image/gif

Redirect headers

date
Fri, 23 Sep 2022 20:50:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7217229268336238396
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
ecm3
s.amazon-adsystem.com/ Frame 9C5E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=L8EYJALY-6-9Q7D&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=L8EYJALY-6-9Q7D&ex=d-rubiconproject.com&status=ok
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:43 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
65117J9J0PD7A4M9YVDW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?id=L8EYJALY-6-9Q7D&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
Expires
0
setuid
px.ads.linkedin.com/ Frame 9C5E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8EYJALY-6-9Q7D
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8EYJALY-6-9Q7D
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:43 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 43932023FC794D048FAE4732FAA90111 Ref B: MEL01EDGE1915 Ref C: 2022-09-23T20:50:43Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXpXlTlhVUws5ovMnIZFA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8EYJALY-6-9Q7D
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usync.js
eus.rubiconproject.com/ Frame 87EF 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f9cf5054354592eaa1b15b0730066d22b155be4f64e24c9f1fa1519786a67156

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:50:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=65298
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9422
Expires
Sat, 24 Sep 2022 14:59:01 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0015 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.196 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=147665
content-encoding
gzip
content-length
5549
content-type
text/html
date
Fri, 23 Sep 2022 20:50:43 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 25 Sep 2022 13:51:48 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame 7BE4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.74.137.60 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-74-137-60.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c0ac59ec797206a3d9fe6ac761ede4702ab59a9555534fcf376e0592196fbd83

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 23 Sep 2022 20:50:44 GMT
etag
W/"05dab15fd19df95d567787b4efcad2d04"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 9EA3 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
d03c86719796187ca364a0715a38b1819271c0c6e526016dcc5a44767e418c04
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1397
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 420F 		947 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.165 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
150dc8dd80c4424ae2bedf778f9543091de43406f8cbc23c0796c8bbbae2cdef

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
947
content-type
text/html
date
Fri, 23 Sep 2022 20:50:43 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 954C 		1 KB
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd9d86cb4a6bf5fc2784d5ea4c5cac75c0e1f2008be254b59e5c478477ee6f7a

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74f6277e4faa5a4f-MEL
content-encoding
br
content-type
text/html
date
Fri, 23 Sep 2022 20:50:43 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8M9nt%2BYiU%2BQ2JeEYtsvQuq5JWjtSxPj8Fh%2FwPCfMvXUGkKgzXaf2dv6jsDLOzRzRXslAxS3avoDZGEl%2Ftzhwjiokzw%2FkRhaye0NTWxrZHt%2FdG3AtpwU9C3Pz3ezBtXjP%2B%2FKwVx4yt%2B50mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9C93
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 23 Sep 2022 20:50:43 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 23 Sep 2022 20:50:43 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
setuid
x.yieldlift.com/ Frame 9DA5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L8EYJALY-6-9Q7D&gdpr=0&us_privacy=1YN-
0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L8EYJALY-6-9Q7D&gdpr=0&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
44.194.177.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-177-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:50:44 GMT
Connection
keep-alive
Content-Length
0
Vary
Origin

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L8EYJALY-6-9Q7D&gdpr=0&us_privacy=1YN-
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
sync
ads.servenobid.com/ Frame 9DA5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=7006693710408103041
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=7006693710408103041
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:43 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:43 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
009fc7a6-e25e-4bdb-9e8d-d8b13b379c85
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=7006693710408103041
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 9DA5
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FXbiERZH9qdFTGi5TxKv4iNN
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FXbiERZH9qdFTGi5TxKv4iNN
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:44 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FXbiERZH9qdFTGi5TxKv4iNN
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 9DA5
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FXbiELZHxp0kwOdGT6SO2Dsn
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FXbiELZHxp0kwOdGT6SO2Dsn
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Fri, 23 Sep 2022 20:50:43 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FXbiELZHxp0kwOdGT6SO2Dsn
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ads.servenobid.com/ Frame 9DA5
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=3addc1ab-9fdc-49a3-b328-ef1262f503e8
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=314&uid=3addc1ab-9fdc-49a3-b328-ef1262f503e8
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=314&uid=3addc1ab-9fdc-49a3-b328-ef1262f503e8
Date
Fri, 23 Sep 2022 20:50:44 GMT
Connection
keep-alive
Content-Length
119
Vary
Origin
Content-Type
text/html; charset=utf-8
RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004
sync.targeting.unrulymedia.com/csync/ Frame 9DA5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004&rndcb=2882063519
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adconductor
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=adconductor
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6500381675878024568&ssp=adconductor
  • https://sync.1rx.io/usersync/bidswitch/594e175c-b93a-484e-8662-079e65dbfa3c?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
74.118.186.45 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:45 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004
pragma
no-cache
date
Fri, 23 Sep 2022 20:50:44 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
sync
ads.servenobid.com/ Frame 9DA5
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1972084067388365219
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1972084067388365219
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1972084067388365219
Date
Fri, 23 Sep 2022 20:50:43 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 9DA5 		0
0
partner=adaptmx
ssp.disqus.com/ Frame 9DA5
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ssp.disqus.com/partner=adaptmx?gdpr=1&gdpr_consent=&us_privacy=1YN-&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4149%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D8190a844-dd57-...
0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.disqus.com/partner=adaptmx?gdpr=1&gdpr_consent=&us_privacy=1YN-&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4149%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D8190a844-dd57-40df-abe0-c057a059d881%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
44.198.244.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-244-56.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
content-length
0

Redirect headers

location
https://ssp.disqus.com/partner=adaptmx?gdpr=1&gdpr_consent=&us_privacy=1YN-&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4149%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D8190a844-dd57-40df-abe0-c057a059d881%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
date
Fri, 23 Sep 2022 20:50:43 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 9DA5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-oRL5wZhE2uFh31qXTU4lShtWzkYVjH8Pk8jFCac-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-oRL5wZhE2uFh31qXTU4lShtWzkYVjH8Pk8jFCac-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:43 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-oRL5wZhE2uFh31qXTU4lShtWzkYVjH8Pk8jFCac-~A
date
Fri, 23 Sep 2022 20:50:43 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 9DA5
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-1e9c7540-4f44-3201-b19a-38a6c88cd9d8
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-1e9c7540-4f44-3201-b19a-38a6c88cd9d8
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-1e9c7540-4f44-3201-b19a-38a6c88cd9d8
pragma
no-cache
date
Fri, 23 Sep 2022 20:50:44 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
sync
ads.servenobid.com/ Frame 9DA5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-oRL5wZhE2uFh31qXTU4lShtWzkYVjH8Pk8jFCac-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-oRL5wZhE2uFh31qXTU4lShtWzkYVjH8Pk8jFCac-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:43 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-oRL5wZhE2uFh31qXTU4lShtWzkYVjH8Pk8jFCac-~A
date
Fri, 23 Sep 2022 20:50:43 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
async_usersync
ib.adnxs.com/ Frame 1352 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:43 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
cc1f70e2-6497-4caf-a3e2-d28a91c9f402
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 87EF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L8EYJALY-6-9Q7D
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L8EYJALY-6-9Q7D
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L8EYJALY-6-9Q7D
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Fri, 23 Sep 2022 20:50:43 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 23 Sep 2022 20:50:43 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L8EYJALY-6-9Q7D
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
Expires
0
dcm
s.amazon-adsystem.com/ Frame 6E46
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4cILKEHw4EVhBn-HX6jwAAEoAAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4cILKEHw4EVhBn-HX6jwAAEoAAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4cILKEHw4EVhBn-HX6jwAAEoAAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:44 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
BTPRYFYAWKGZ0ZT1N6R8
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:43 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
QW5FCGNNVN895EDD7KCF
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4cILKEHw4EVhBn-HX6jwAAEoAAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6E46
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&expiration=1666558243&gdpr=0&gdpr_consent=
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&expiration=1666558243&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74f6277f991e5a4f-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:50:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qSz%2B9USyUkkbfNFzkl9LPjAPyEKH19l9YK6Dt4sa1sf5xoz5pBkFoaiLo0WwtHRlv12uMurRgp7XFiZR7vkWyQpBU0nXrw85hxkaXLYL9Bp7XC45SiUwILRdpNh35wlg6GwIEwpkN3IG3g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:43 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&expiration=1666558243&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 6E46
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yy4cILKEHw4EVhBn-HX6jwAAEoAAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBAudE6NDdtOJ0ivdgieAHw&google_cver=1
43 B
877 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBAudE6NDdtOJ0ivdgieAHw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74f62780aa135a6d-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:50:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhLMIcFK2NWQisxd1JmEfN9a94atRJFEZr%2BaktapDnCW4ONQMfWNMpg6AoFkYe0d252IV9Ns0pJxBFI%2FJCv8ptt5oCA8%2BnfzQw1nkquov0ydnVvzeGXqCpm4qkbGzA4RLmkDr4ktw5PoPg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBAudE6NDdtOJ0ivdgieAHw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6E46
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7006693710408103041
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7006693710408103041
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74f627832c485a4f-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:50:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8M80seOPmyupq8p%2FXfBTh1uoXnwj6wQRBwVCMuu6hvMEKTzwbbO4AUV2DJwpty12phmcIt7Yp3L%2Fn6NNHi0PXk%2Fm8ewABVMvFUTAp2XOAAlyUdJtlggeWPzpg08DQQcegWNrrYrcyG110w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:44 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b0e85b9b-d623-48d3-b319-784b0ac25ead
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7006693710408103041
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 6E46 		0
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:43 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663966244.655678,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-mel11260-MEL
rum
dsum-sec.casalemedia.com/ Frame 6E46
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=39XVY9iF1mPEhdc22t_KZd-FhmDE0oRljdVOjGnR
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=39XVY9iF1mPEhdc22t_KZd-FhmDE0oRljdVOjGnR
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74f6277fe97a5a4f-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:50:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BhUClSk5ywoaPX%2FIiZPj%2BjD0yGmQJwR8hAQhLpMSl4J0Sct%2Bo%2BrwycA%2FVFwFOP7m46dQnODDlqXOQd7ovfOBw2O5MKorvdhmyl5sj1BTSy8J2IHRWG4y0htNQCdILUNEY3IUsOcUW6%2F53A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:43 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=39XVY9iF1mPEhdc22t_KZd-FhmDE0oRljdVOjGnR
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 6E46 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.170.163 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-170-163.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.20.0
content-length
42
vary
Cookie
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 6E46
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=MdSSz0JtS3lE2l2JxISRkWfR_nE
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=MdSSz0JtS3lE2l2JxISRkWfR_nE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74f627861fa25a4f-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:50:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fb52xOdBY5vH6EgZG8LMtf8dhrSWWYKV%2BrS6N62giBX3VQxu9MkzyJWnYUUajxFqjr9hRkTuGCy5vK%2FevNwc9cBZDPDFwUJQxxPhsRqz7PatmwAHuf30Lz4Y3hW3UIZo%2F%2Fsu%2FIeApF4r9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=MdSSz0JtS3lE2l2JxISRkWfR_nE
Date
Fri, 23 Sep 2022 20:50:44 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame 6E46 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Yy4cILKEHw4EVhBn.HX6jwAA%264736
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74f627800d643771-MEL
date
Fri, 23 Sep 2022 20:50:43 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
51
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Sat, 24 Sep 2022 00:50:43 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F1C3 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst7Qp-gbkTdLZ05d193FwC3v1gjrjf1LQWbFe19QcwRPsdoY9pu85WYNEG5NPmXUdX76pqPGy7Qc4_rN3Plus6nXTj0gq4naI_3kjzQha_sJckEtCA6-gGVpb3JTJA7iQcYJogoeaddTEu3Vvp5O9_lMzsBbKyPS22eN3H0RPf-hzzdML2IrFpkZzmboSZBWBcqNv2bU6yF24Je6xdghlnVxClegjMRMN4FtK0h7dDx6XtgSl-IIKD1_qGI7KdTwbCZWOqG7V_6h5ueDI4zFTi3yoPaRuZlCXSJq681XkApuhaI5pD-mMp3xuoO0yBkW7n6d0dB_wzkw4qlv2yDfwwSBv4iQy5Xp3kb-f8r4a_jERTA95wFukLsugY_MfeuJ3lOO_DiIx3iLNvka-06E6jrEyASSvxwqbQSS7xEJn-AttnH3mF_GNDkPe8mpZRmV2Xu4BZ6hyjyo2FMbA4NJO5LfyIUMWk9OFF_ClkBzlDoslpyej7wH-Pn0i4KBa58ky1yPr6-8SIY1v4rg9IxFcrATehCBdBz5N2cF3Ca3O38OJF3OUtau8VKEpYpTUa4h5PSZlnnTdGOAoWrTvjdeI1LIluvpy-DsDxlEt-oyDRAS6TBepi03kAmkpund1Qzml_SU9MacuCVIqjAlBlZDdaGQVyzH-7LcDGKGShC4lGApYm0VgnnbemUZt9oA5LCeS6baPzKFBXCOjh2noCtppY0DQxbGX8MfLKMUD1l8uh3Tv2UAgPp651zpRB4FRcuo2zckfpSLJuEOBffpmDOwf4Kr2cpGzGDPmLVS6MyKmTsFpwRItUUCKFhDczKxrT-iAN8oJCGkj9M1NYWbkgu9NFjW_2PIh566nIquZyszXuPa281wtNte-rQ5eMAwX1d_8GaBxOTypEL_ibcZUt9hLw-pcQT85FUwn0YD8g4P7P3lfgGTRE4mKYd0N68gHwLOtA8LOh_zkyZWHWYRqP5FSQtiZeAusTRwP4XpST94LepV79wxcwisYguFHNaVRE9GRZaM4gZow-qH8dmdpmcAwK2ZBrl1PkKE3JQYK9_feH-McLGz-mr9n6v5P2rceaD0fAxTRLlaQipQdaie-bcGnSddjgNCKLoU6547yzoTG1RqURNfKLeFzq0RnNrT9TX-6ZtoHfQJg9I1xyGx4gkKHQcuUamdTg5Cyzde7CrSTWD2G-VAN7AlQkX2Y3oIjWJjkvon1mBaeaRoTJWCLezzR4d0EFsrrZp4Kg4XalJk6jLtAv61mWWgxz69k5pqjPveMmRfp1J16oEOM994ApRqIZRPt27DeMEpxWtAGziaMk&sai=AMfl-YTFSntIHYwOZ7gShWeB00DoFLMfk_V_GpHditQgBJvlmEXW6xZd1jPv4x36WdULIjvf6YY7E99UbLN5-lPItUd_FzKtS7pB6UHLwQBkEFZ2QhYE8K0DYxZnKA5-kkiJNXUwegvt0kdlJXP24-m9dKO6F-zeOjNDAqE3LYwlCWBnusRc43eoMGNBoD0vXSVa74g8Yn9JrqG8oCu_gs3PYyDi&sig=Cg0ArKJSzF0wzsoLZ21QEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2814&vt=11&dtpt=1915&dett=3&cstd=897&cisv=r20220921.63838&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
match
c1.adform.net/serving/cookie/ Frame 9E9F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 23 Sep 2022 20:50:44 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 23 Sep 2022 20:50:44 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 839A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0abf632e-1c23-4d00-a1f7-554fbd238090&gdpr=0&gdpr_consent=
42 B
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0abf632e-1c23-4d00-a1f7-554fbd238090&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 23 Sep 2022 20:50:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 23 Sep 2022 20:50:43 GMT
Expires
Fri, 23 Sep 2022 20:50:42 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4505 5b23575 master nrt-pixel-x19 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0abf632e-1c23-4d00-a1f7-554fbd238090&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 0A3E 		0
60 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 23 Sep 2022 20:50:43 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mel11260-MEL
x-timer
S1663966244.747778,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame BC03
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=x67uju45lba
568 B
642 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=x67uju45lba
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 20:50:44 GMT
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Fri, 23 Sep 2022 20:50:43 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=x67uju45lba
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
ImgSync
image8.pubmatic.com/AdServer/ Frame DCCB
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=ZmoJHRCaDU27wa4PIRwuYw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 23 Sep 2022 20:50:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 23 Sep 2022 20:50:44 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame A98C 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 23 Sep 2022 20:50:44 GMT
Pragma
no-cache
Server
nginx
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame FFB7
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 23 Sep 2022 20:50:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:50:43 GMT
expires
Fri, 23 Sep 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1080794
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
/
onetag-sys.com/match/ Frame C47F
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=d7176d43ab594ca5a2aa8c758ae27fb7
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

cache-control
private,max-age=86400
content-length
108
content-type
text/html; charset=utf-8
date
Fri, 23 Sep 2022 20:50:44 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pxd
dps.jp.cinarra.com/ Frame DF66 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=EC53BDE9-E45C-483D-86E4-748CCB371E4E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.176.32.10 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-176-32-10.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Fri, 23 Sep 2022 20:50:44 GMT
usersync
usersync.gumgum.com/ Frame C08A
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004&rndcb=5244719263
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=594e175c-b93a-484e-8662-079e65dbfa3c&google_hm=NTk0ZTE3NWMtYjkzYS00ODRlLTg2NjItMDc5ZTY1ZGJm...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJom-Va-7xUSaYU_HaULQb0&google_cver=1&ssp=adconductor&bsw_param=594e175c-b93a-484e-8662-079e65dbfa3c
  • https://sync.1rx.io/usersync/bidswitch/594e175c-b93a-484e-8662-079e65dbfa3c?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 23 Sep 2022 20:50:45 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-type
text/html
date
Fri, 23 Sep 2022 20:50:44 GMT
etag
RX2806ba6c65d242d58f9bc5830d56ca33004
location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Pug
simage2.pubmatic.com/AdServer/ Frame 6ACB
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:4CnqC0zZ1OBPDd5&gdpr=0&gdpr_consent=
42 B
196 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:4CnqC0zZ1OBPDd5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 23 Sep 2022 20:50:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 23 Sep 2022 20:50:43 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:4CnqC0zZ1OBPDd5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-05e9653613838233f@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame E42A
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=64b07e16-3b81-11ed-93f9-d07437c7098f
42 B
244 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=64b07e16-3b81-11ed-93f9-d07437c7098f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 23 Sep 2022 20:50:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 23 Sep 2022 20:50:44 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=64b07e16-3b81-11ed-93f9-d07437c7098f
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
aws-apsoutheast1b-delivery-2
server
Cowboy
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 72FF
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=178b3bc8-1da6-44f3-a7ce-277c49c9b37f-tucta27a1a4&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
54 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=178b3bc8-1da6-44f3-a7ce-277c49c9b37f-tucta27a1a4&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Fri, 23 Sep 2022 20:50:44 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mel11282-MEL
x-timer
S1663966244.131812,VS0,VE142

Redirect headers

accept-ranges
bytes
content-length
0
date
Fri, 23 Sep 2022 20:50:44 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=178b3bc8-1da6-44f3-a7ce-277c49c9b37f-tucta27a1a4&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mel11282-MEL
x-timer
S1663966244.949533,VS0,VE94
x-vcl-time-ms
94
141
match.deepintent.com/usersync/ Frame 322C 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Fri, 23 Sep 2022 20:50:43 GMT
server
a
cookiesync
core.iprom.net/ Frame 52F2 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 23 Sep 2022 20:50:45 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-85e303312211@version_1.526
X-core-time
0ms
X-server-arch
v2
/
csync.loopme.me/ Frame D1B9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.173.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74f62780cbcb17cc-MEL
date
Fri, 23 Sep 2022 20:50:44 GMT
server
cloudflare
ImgSync
image8.pubmatic.com/AdServer/ Frame C638
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2566F278A4884DA9ACFEC98DA3577A05
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 23 Sep 2022 20:50:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 23 Sep 2022 20:50:44 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
cksync.php
contextual.media.net/ Frame 7E93 		45 B
469 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3069678381540929000V10&type=pba&refUrl=&vid=39662425313069678381540929000V10&ovsid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Fri, 23 Sep 2022 20:50:43 GMT
expires
Fri, 23 Sep 2022 20:50:43 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C365
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7FO96eRcSD2G5HSMyzceTg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Server
23.207.36.196 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=147664
accept-ranges
bytes
content-type
text/html
content-length
5549
expires
Sun, 25 Sep 2022 13:51:48 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame C365
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
  • https://pippio.com/api/sync?pid=5324&it=1&iv=9dbe4992fd5bbfeacc29bf9c9a6dda34c343c5a196b4e7c992ca534052750685791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA5ZGJlNDk5MmZkNWJiZmVhY2MyOWJmOWM5YTZkZGEzNGMzNDNjNWExOTZiNGU3Yzk5MmNhNTM0MDUyNzUwNjg1NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA5ZGJlNDk5MmZkNWJiZmVhY2MyOWJmOWM5YTZkZGEzNGMzNDNjNWExOTZiNGU3Yzk5MmNhNTM0MDUyNzUwNjg1NzkxNDI2YjU0MTdkY2UyMRAAGgwIpLi4mQYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=f5850bd2-a8f4-4b71-8005-4d65bb4382c0
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=f5850bd2-a8f4-4b71-8005-4d65bb4382c0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:45 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=f5850bd2-a8f4-4b71-8005-4d65bb4382c0
date
Fri, 23 Sep 2022 20:50:45 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame C365
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0abf632e-1c23-4d00-a1f7-554fbd238090
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0abf632e-1c23-4d00-a1f7-554fbd238090
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 23 Sep 2022 20:50:44 GMT
Server
MT3 4505 5b23575 master nrt-pixel-x21 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0abf632e-1c23-4d00-a1f7-554fbd238090
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 23 Sep 2022 20:50:43 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C365
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUM1M0JERTktRTQ1Qy00ODNELTg2RTQtNzQ4Q0NCMzcxRTRF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C365
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN_JdwaL2N_KVDBR3DW9DYE&google_cver=1
42 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN_JdwaL2N_KVDBR3DW9DYE&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN_JdwaL2N_KVDBR3DW9DYE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame C365
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E0DED384687F48F79322C592D3E05F2F
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Fri, 23 Sep 2022 20:50:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
EC53BDE9-E45C-483D-86E4-748CCB371E4E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C365 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/EC53BDE9-E45C-483D-86E4-748CCB371E4E?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.228.209 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-228-209.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:43 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame C365
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
42 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:43 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
sync
x.bidswitch.net/ Frame C365
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=453&bidswitch_ssp_id=pubmatic
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=453&bidswitch_ssp_id=pubmatic
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:50:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
//x.bidswitch.net/sync?dsp_id=453&bidswitch_ssp_id=pubmatic
Date
Fri, 23 Sep 2022 20:50:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
SPug
image4.pubmatic.com/AdServer/ Frame C365
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=EC53BDE9-E45C-483D-86E4-748CCB371E4E&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hkMAuvxE2uWj83fuMpaIZOV5fTXiMIo-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hkMAuvxE2uWj83fuMpaIZOV5fTXiMIo-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hkMAuvxE2uWj83fuMpaIZOV5fTXiMIo-~A&gdpr=0&gdpr_consent=
date
Fri, 23 Sep 2022 20:50:43 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame C365
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DggaJAlYGSQVWBhxCwIFIg5YSScVD0siXAgZK9p4
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DggaJAlYGSQVWBhxCwIFIg5YSScVD0siXAgZK9p4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:43 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DggaJAlYGSQVWBhxCwIFIg5YSScVD0siXAgZK9p4
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame C365
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3891623332221362898
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Fri, 23 Sep 2022 20:50:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame C365
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7006693710408103041&gdpr=0&gdpr_consent=
42 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7006693710408103041&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:43 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
48e55f3c-32b1-4212-9c10-1fbc2fc5ada7
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7006693710408103041&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C365
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4035254839846314974&gdpr=0&gdpr_consent=&us_privacy=
1 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4035254839846314974&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4035254839846314974&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 23 Sep 2022 20:50:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ImgSync
image8.pubmatic.com/AdServer/ Frame C365
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7006693710408103041
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Fri, 23 Sep 2022 20:50:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame C365
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=EC53BDE9-E45C-483D-86E4-748CCB371E4E&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5dc29f8de8e520bd&is_secure=true&networkId=17100&version=1&nuid=EC53BDE9-E45C-483D-86E4-748CCB371E4E&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMT6LZ8H6rGwMV-5NAAAAAAAA&expiration=1664052644&nuid=EC53BDE9-E45C-483D-86E4-748CCB371E4E&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
date
Fri, 23 Sep 2022 20:50:44 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
d1ba4609
rtb.gumgum.com/getuid/ Frame C365 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.159.169 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-159-169.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:44 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
rum
dsum-sec.casalemedia.com/ Frame 954C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&expiration=1666558243&gdpr=0&gdpr_consent=
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&expiration=1666558243&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74f6278049d05a4f-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:50:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1e4EHod49Oh1BE0zRIbzzS5WWlJa2v3FEe9U6yPhKodmEBrScvJHlUPqNsy5dCYuMhH8VSCmlkVwke2jbYbxKB2B7N9gWMkCie9NW8gM6OcVNOC7%2FDYeKZGSV5itBgdTzmjfI9Ra5cryjg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:43 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&expiration=1666558243&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
dcm
s.amazon-adsystem.com/ Frame 954C 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4cILKEHw4EVhBn-HX6jwAAEoAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:44 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
GM8K0BB049TY4Z15H6N4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 954C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yy4cILKEHw4EVhBn-HX6jwAAEoAAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBAudE6NDdtOJ0ivdgieAHw&google_cver=1
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBAudE6NDdtOJ0ivdgieAHw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74f62780da2a5a6d-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:50:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFXP5Zhe79FWluyG%2BIFJVTqQ3vMYZRGFf87cyHSgk6SvPA42%2FcQaVId%2F7ZO0G6wCbM1%2Fs6GzNSexIJlcGWlJPGzXTKQgYW%2BI%2FGE9ZmU7ySPUAolZotEovCUhp0PADOepwSLL29Ua8Pogng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBAudE6NDdtOJ0ivdgieAHw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 954C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7006693710408103041
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7006693710408103041
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74f627840d375a4f-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:50:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXBBGVgaInBm49v7pipTJar32EsXWC9CR9EJrNGRglNWZ4VDIQTwcRrbdhJOzk64gbUVyPnUC%2B7FzcNYz8ZDFu8dMLV42EnruNSYBTuw8fD2jqUhZLOJ6fvKA6T7vtFOljXnWYoN8nwjUA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:44 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
af6a309f-cd07-485d-b7ec-ec0047cccf59
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7006693710408103041
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ium
dsum-sec.casalemedia.com/ Frame 954C
Redirect Chain
  • https://id.rlcdn.com/711587.gif
  • https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
0
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFGnvBqjaOWib8PSgqfBQSfTUwq7k8y0UH1xVfMgoxXuagGY62ATm1o2yoplpCxR0AnLpi5y1ms6pcrVlL8ybd6mQmpdcVK%2BCUo5ZwKEeConhCu3A0wB2EkbQSyc7O1G7WC7QcPMLQv4Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, no-cache, no-store
cf-ray
74f627817ac15a4f-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
Fri, 23 Sep 2022 20:50:44 GMT

Redirect headers

date
Fri, 23 Sep 2022 20:50:43 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 954C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=M_Gn-p1AS9Nl03qGZxIWEGfR_nE
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=M_Gn-p1AS9Nl03qGZxIWEGfR_nE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74f62787086e5a4f-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:50:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X7JGDubKN3kEgGYJp7tl2go3iANM0SKS32qp916IcOnTKyuAIKy7Jub0%2Bvqvn5%2Bf4%2BPE6c%2BvZt16dNpfh3FsBw5hPV4Sy0pCWrNfFh2umoQ6FC2FLl95jJdAPisNVwhw2gkta82%2FJx8rOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=M_Gn-p1AS9Nl03qGZxIWEGfR_nE
Date
Fri, 23 Sep 2022 20:50:44 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 954C
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030001_632e1c242d513&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_632e1c242d513
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_632e1c242d513
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74f627841d555a4f-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:50:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=El%2BUdFfPFz8dEgexUn8BFxvFiOGAIakQ4VadGkF086skgsSYG8SoHF4vpP3L%2Fy39I16XprCEpPSt2c%2FmWvXXqU2t%2BOwNL9DBOZ4lIfqhGZXcV%2FZwz8wGY%2FGKOdp6pTyWS8qAnksQoCJynQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 23 Sep 2022 20:50:44 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_632e1c242d513
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
demconf.jpg
dpm.demdex.net/ Frame 954C
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yy4cILKEHw4EVhBn.HX6jwAA%264736?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Yy4cILKEHw4EVhBn.HX6jwAA%264736
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Yy4cILKEHw4EVhBn.HX6jwAA%264736
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
52.40.183.14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-02f331cfe.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
UjWWfuWgQ+4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v038-045a940a1.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
AGUIfXakSHw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Yy4cILKEHw4EVhBn.HX6jwAA%264736
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
ads.servenobid.com/ Frame 954C 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Yy4cILKEHw4EVhBn-HX6jwAAEoAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:43 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3A25 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsup_gBWfn2dDH_SsDoXbSA1j2NmEKLyL2mFBGKoQoKh2Ky7Ptm2hi6_X4SDg-9qa99f7ygtH0qwoT0Vw-qGOU7F4mb7LYKw8lrFsrV1WPfQyK38J8iqG29RYpzy7mcc4_cak2Y7-CsVMlTn29iyYTt4CsfZ9xDw9dLybI2sNp9k1Kx-f7wD8ZXGl7QEjzCGsS9r5Yihsm5bpScQ7xym499_ohlt2YzqyBYM7H8yWh27O9uUvy4O845awdWSGS1e48d_-XdWP3BDfGVvxm4vhCaWGUYUrLZaO3et_taf0132b1yU5BkxgxJSEIZk95CKhcmU7CFlglxRzYaTcjvf7atV28tQclePpPMnuNXp0NHj9Hn8qzxJLrKuxev6yQClUXq2pgUjUseKoE1LpaAxpRvUFbR7xrH7wLpoWx7n_0sSEZhcYcH-HekFW0d0jltVLMVcyrM1aueYR4UKP2ftsQoXy_Im286WWfsFx6YgGtoZNd3MjwPN8_AdTBc5UZwn0P6BBaPUM5InRdFPMJ31qLo2FZAPyb_vSbGc1zJ1WUWEVco4rJtgvTHougsVKV4VPbuC6QIVWiPZLRFfbMyqQw-1neOohbnVjkY8bNCcYMNsIEicd8NVE0DyUih6pdPJHwrLlTF0nBDt5XhKpGVdNbAXZcpAg301ZKBsxRQuKGPd1GzkvBhWxLjs_9rcovBBDBv2pSU3vu8Aiwr5g7m1vTxbHxryI3ohcEUnMN0qAIvo3HbwmFja0JNzllI9LSjdusQdsNeahnrlYJ0eEXJevVtGSSsbukiESg2nQkSx2tC7iibaLvL8sunkIduvvsw-Z8YxDhkqOTtKWWGZMeGJjSDVHB4TUD94tcMg7DKXL1Y52QDHEpPEpQgfBhsFjMEK_dm0pJulkoDrvM6nz1lb4_1qnfF5OUk_90xNKED2cSK1dOhufGtg4U8973wnFWG-Pt_R6Xt6nKUow40r-nv_X_STc0sA-ItZXQeRLgmkYoVS8oI59UbuAzSoNVyXuXIRBAmSD6k7eMbcY80EKmT-xZem6RYLGMoXgH1LK6GLSuNiiYqwxc0DiQPpOf3OHsryWxLpC8s4a-7OyKBecr_-7M7EwAyiaMn0tUXAPsS9nNa44xqb9spvxod_wALBiSLmbQPVLr5KOXSdheBYwW-j2wY7w6508cybkzAgCBy3PXWlXizujDcMQUeF4Mm5VvjJTUfW3RWFUqacvDAL4Pnwy359qmC8n3BTtb29BqomN2ij3PvZ41vzD1PN1fgxGKNBrPNbY7VtTE8Y1pHB5xDNM5qzZ3JugPxqqKeE3ov2CQ&sai=AMfl-YQBxYpFOTDB5A8xrN5_ZIge00J-6bV93a5eu7JNUnbFWN0YxpZ5EUBoQupWdK1xmqSMZexOeT6lAvyYHXfTK6UBWiB4viagri6GEklgbgLbTd86__nxcbqu7zvvw1yGFeRabs92yIaO-YgnQHU4VuRmGGycwEFQfpAW06rEKmTB7IJae4I06Y4shJVgPoefPkXAir4mDZZb2SlOzmR7TzPr&sig=Cg0ArKJSzDX5Wx1p0CDkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2857&vt=11&dtpt=2175&dett=3&cstd=679&cisv=r20220921.24494&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
cm.g.doubleclick.net/ Frame 9EA3
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg2wd7LUSB8Od08U3l9CNS3k1PQi8ZDNDxg
170 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg2wd7LUSB8Od08U3l9CNS3k1PQi8ZDNDxg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg2wd7LUSB8Od08U3l9CNS3k1PQi8ZDNDxg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame 9EA3 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:44 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
onetag-sys.com/match/ Frame 9EA3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=0abf632e-1c23-4d00-a1f7-554fbd238090&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=0abf632e-1c23-4d00-a1f7-554fbd238090&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Fri, 23 Sep 2022 20:50:44 GMT
Server
MT3 4505 5b23575 master nrt-pixel-x6 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=1&uid=0abf632e-1c23-4d00-a1f7-554fbd238090&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 23 Sep 2022 20:50:43 GMT
/
onetag-sys.com/match/ Frame 9EA3
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=L8EYJALY-6-9Q7D&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=L8EYJALY-6-9Q7D&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://onetag-sys.com/match/?int_id=2&uid=L8EYJALY-6-9Q7D&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
/
onetag-sys.com/match/ Frame 9EA3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7006693710408103041
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7006693710408103041
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:43 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4f852c91-a2d4-4fe8-9c9b-4d65ec15372f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7006693710408103041
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 9EA3 		42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=KMhJRRaV-4NG-f2vVDRRY9Bgd87SI6Y5fHfoesNpFy8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
Content-Type
image/gif
/
onetag-sys.com/match/ Frame 9EA3
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=6506743396448035559
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=6506743396448035559
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=6506743396448035559
date
Fri, 23 Sep 2022 20:50:43 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 9EA3
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=nVJyWtt_N8UQWx1xUIiKNIYsgg0b30XZvHtwHzkvyeQ
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=nVJyWtt_N8UQWx1xUIiKNIYsgg0b30XZvHtwHzkvyeQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:44 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
F4YWJRSS65GKBC06AH4Y
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=nVJyWtt_N8UQWx1xUIiKNIYsgg0b30XZvHtwHzkvyeQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 9EA3
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://onetag-sys.com/match/?int_id=114&uid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
date
Fri, 23 Sep 2022 20:50:43 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 9EA3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJ6iavqIOjSxEpjZYb5X4H4&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJ6iavqIOjSxEpjZYb5X4H4&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJ6iavqIOjSxEpjZYb5X4H4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 9EA3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-oRL5wZhE2uFh31qXTU4lShtWzkYVjH8Pk8jFCac-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-oRL5wZhE2uFh31qXTU4lShtWzkYVjH8Pk8jFCac-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-oRL5wZhE2uFh31qXTU4lShtWzkYVjH8Pk8jFCac-~A
date
Fri, 23 Sep 2022 20:50:43 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 9EA3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:43 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
233
/
onetag-sys.com/match/ Frame 9EA3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=594e175c-b93a-484e-8662-079e65dbfa3c&ssp=onetag&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10528852980624694037&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=80ce08ee-0a9f-4f93-9360-6dfb7a048dcf&ssp=onetag&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10528852980624694037&ssp=onetag&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=208950804283005789892&ssp=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10528852980624694037&ssp=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=30&uid=594e175c-b93a-484e-8662-079e65dbfa3c&gdpr=0&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=594e175c-b93a-484e-8662-079e65dbfa3c&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=594e175c-b93a-484e-8662-079e65dbfa3c&gdpr=0&gdpr_consent=&us_privacy=
Date
Fri, 23 Sep 2022 20:50:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.servenobid.com/ Frame 9EA3 		0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=KMhJRRaV-4NG-f2vVDRRY9Bgd87SI6Y5fHfoesNpFy8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 9C93 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f9cf5054354592eaa1b15b0730066d22b155be4f64e24c9f1fa1519786a67156

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:50:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=65297
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9422
Expires
Sat, 24 Sep 2022 14:59:01 GMT
sync
ads.servenobid.com/ Frame 420F 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=5142224890575151820&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
711890.gif
id.rlcdn.com/ Frame 420F 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:50:44 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
rtb-csync.smartadserver.com/redir/ Frame 420F
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=qZFsD0752BnT&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=qZFsD0752BnT&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.165 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:44 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-AU
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=qZFsD0752BnT&ev=1&pid=560288&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6db8fcb759-qdcqq
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 420F
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Df7a5db36-1d5c-4c26-81b6-b4d0807faffb%26id%3D...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=5142224890575151820&gdpr=0&gdpr_consent=
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=5142224890575151820&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:45 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
XZMZ6QN45HK1PV8KN4NY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=5142224890575151820&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 23 Sep 2022 20:50:43 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
csync.loopme.me/ Frame 420F 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.173.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74f627820ca017cc-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sync
ads.servenobid.com/ Frame 9C93
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L8EYJALY-6-9Q7D
  • https://ads.servenobid.com/sync?pid=323&uid=L8EYJALY-6-9Q7D
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=L8EYJALY-6-9Q7D
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:45 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ads.servenobid.com/sync?pid=323&uid=L8EYJALY-6-9Q7D
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
Expires
0
usersync
usersync.gumgum.com/ Frame 7BE4
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7006693710408103041
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7006693710408103041
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:44 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2d29383c-8927-448c-9d2d-66147384b27b
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.gumgum.com/usersync?b=apn&i=7006693710408103041
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 7BE4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_4f97c14a-6827-4221-9982-048ae063fead&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3209392846824037581&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=594e175c-b93a-484e-8662-079e65dbfa3c
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=594e175c-b93a-484e-8662-079e65dbfa3c
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=594e175c-b93a-484e-8662-079e65dbfa3c
Date
Fri, 23 Sep 2022 20:50:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 7BE4
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28oCmk0VJ3wjiGxAAFPo875yag9Wb3Jx5-QsLltDuvsweep-lGqb9vX8R_p8qfK9L7%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_4f97c14a-6827-4221-9982-048ae063fead&obuid=ENC(oCmk0VJ3wjiGxAAFPo875yag9Wb3Jx5-QsLltDuvsweep-lGqb9vX8R_p8qfK9L7)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=true
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=y-oRL5wZhE2uFh31qXTU4lShtWzkYVjH8Pk8jFCac-~A
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=oath&uid=y-oRL5wZhE2uFh31qXTU4lShtWzkYVjH8Pk8jFCac-~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
38.133.127.127 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:50:46 GMT
Cache-Control
no-cache
X-TraceId
b96c6ecdb4be7886b6fabdcf306f2df6
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=oath&uid=y-oRL5wZhE2uFh31qXTU4lShtWzkYVjH8Pk8jFCac-~A
date
Fri, 23 Sep 2022 20:50:46 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usersync
usersync.gumgum.com/ Frame 7BE4
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=c26330e0-b4ba-48aa-962a-fbf9080c5e40
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=c26330e0-b4ba-48aa-962a-fbf9080c5e40
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Fri, 23 Sep 2022 20:50:44 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usersync.gumgum.com/usersync?b=opx&i=c26330e0-b4ba-48aa-962a-fbf9080c5e40
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
usersync.gumgum.com/ Frame 7BE4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-0bed572d-4ca6-4c4f-4b64-2f998115e402$ip$103.209.254.113
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-0bed572d-4ca6-4c4f-4b64-2f998115e402$ip$103.209.254.113
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-0bed572d-4ca6-4c4f-4b64-2f998115e402$ip$103.209.254.113
Date
Fri, 23 Sep 2022 20:50:44 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 7BE4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Dzs8wr9E2pfTxmR67Offdp.1zm6Osrk..S0K~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-Dzs8wr9E2pfTxmR67Offdp.1zm6Osrk..S0K~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Fri, 23 Sep 2022 20:50:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-Dzs8wr9E2pfTxmR67Offdp.1zm6Osrk..S0K~A
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame 7BE4
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=ad942239-660a-429a-b4bc-1096ac97e8af
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=ad942239-660a-429a-b4bc-1096ac97e8af
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=ad942239-660a-429a-b4bc-1096ac97e8af
Date
Fri, 23 Sep 2022 20:50:45 GMT
X-CI-RTID
ea70e1cc-49a7-40c6-a36f-2b873f298a44
Connection
keep-alive
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 7BE4 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:45 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
436023495
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 7BE4 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame 7BE4
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_4f97c14a-6827-4221-9982-048ae063fead&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=aYTl_xTFSyrjpR5p2dI-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YKZKRWF66CUIZJXS4TKOBJDK4BSMRES2...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=aYTl_xTFSyrjpR5p2dI-&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=aYTl_xTFSyrjpR5p2dI-&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:45 GMT
P3p
CP="We do not support P3P header."
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=aYTl_xTFSyrjpR5p2dI-&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 7BE4
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=9255aa1a-008e-44ce-b50d-bd5c4abcd5c6
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=9255aa1a-008e-44ce-b50d-bd5c4abcd5c6
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=9255aa1a-008e-44ce-b50d-bd5c4abcd5c6
date
Fri, 23 Sep 2022 20:50:44 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004
sync.targeting.unrulymedia.com/csync/ Frame 7BE4
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004&rndcb=715231789
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=594e175c-b93a-484e-8662-079e65dbfa3c
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=594e175c-b93a-484e-8662-079e65dbfa3c
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=6977c0cd-e8cb-41e0-b03d-651cefe5ebaa&user_group=1&ssp=adconductor&bsw_param=594e175c-b93a-484e-8662-079e65dbfa3c
  • https://sync.1rx.io/usersync/bidswitch/594e175c-b93a-484e-8662-079e65dbfa3c?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
74.118.186.45 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:46 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004
pragma
no-cache
date
Fri, 23 Sep 2022 20:50:46 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
usersync
usersync.gumgum.com/ Frame 7BE4
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=AaIM3b9KDQpe&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=AaIM3b9KDQpe&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-AU
location
https://usersync.gumgum.com/usersync?b=pln&i=AaIM3b9KDQpe&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6db8fcb759-qstlj
expires
-1
usersync
usersync.gumgum.com/ Frame 7BE4
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=5142224890575151820
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=5142224890575151820
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=5142224890575151820
date
Fri, 23 Sep 2022 20:50:44 GMT
content-length
0
sync
ads.servenobid.com/ Frame 7BE4 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_4f97c14a-6827-4221-9982-048ae063fead
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame BB1A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=0abf632e-1c23-4d00-a1f7-554fbd238090&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=0abf632e-1c23-4d00-a1f7-554fbd238090&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 23 Sep 2022 20:50:45 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 23 Sep 2022 20:50:44 GMT
Expires
Fri, 23 Sep 2022 20:50:43 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4505 5b23575 master nrt-pixel-x20 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=0abf632e-1c23-4d00-a1f7-554fbd238090&gdpr=0&gdpr_consent=
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 4F31 		0
83 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 23 Sep 2022 20:50:44 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mel11260-MEL
x-timer
S1663966244.304437,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 5C33 		170 B
192 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV80Zjk3YzE0YS02ODI3LTQyMjEtOTk4Mi0wNDhhZTA2M2ZlYWQ=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:50:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CDC3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.196 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=147664
content-encoding
gzip
content-length
5549
content-type
text/html
date
Fri, 23 Sep 2022 20:50:44 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 25 Sep 2022 13:51:48 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 2023
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 23 Sep 2022 20:50:45 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Fri, 23 Sep 2022 20:50:44 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
um
cs.emxdgt.com/ Frame 274B 		0
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.149.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-149-157.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 23 Sep 2022 20:50:44 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame F6C2
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Yy4cJMCo8X0AAN64m9wAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Yy4cJMCo8X0AAN64m9wAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 23 Sep 2022 20:50:45 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 23 Sep 2022 20:50:44 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Yy4cJMCo8X0AAN64m9wAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
8
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40316.dc2p.scaleout.jp
X-SO-IP
103.209.254.113
X-SO-Key
Yy4cJMCo8X0AAN64m9wAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"103.209.254.113","key":"Yy4cJMCo8X0AAN64m9wAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40316"}
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40316
usersync
usersync.gumgum.com/ Frame 08E0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Yy4cILKEHw4EVhBn.HX6jwAA%264736
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Yy4cILKEHw4EVhBn.HX6jwAA%264736
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 23 Sep 2022 20:50:45 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74f62782fbaa5a6d-MEL
content-length
0
date
Fri, 23 Sep 2022 20:50:44 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Yy4cILKEHw4EVhBn.HX6jwAA%264736
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNKs%2BcgXw8v%2FvsaLcuE%2F8lxSuV07bgN6mX4ANNwwJDVTrxOPmejQ9qlBO%2Fy%2Bdn6KzFne4B9RsvSpUOMW6OJ4VkzrkjoIPVEaZVs8RoATlXTQwE%2FUHV8O9kc44ApgX2i8gcow9M0rAjB65w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame AD22
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=60aY5ISNziYG5IrXmRIN&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=60aY5ISNziYG5IrXmRIN&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 23 Sep 2022 20:50:46 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 23 Sep 2022 20:50:45 GMT Fri, 23 Sep 2022 20:50:45 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=60aY5ISNziYG5IrXmRIN&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 14D6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 23 Sep 2022 20:50:44 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 23 Sep 2022 20:50:44 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 14D6 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f9cf5054354592eaa1b15b0730066d22b155be4f64e24c9f1fa1519786a67156

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:50:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=65297
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9422
Expires
Sat, 24 Sep 2022 14:59:01 GMT
usersync
usersync.gumgum.com/ Frame 14D6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L8EYJALY-6-9Q7D
  • https://usersync.gumgum.com/usersync?b=mag&i=L8EYJALY-6-9Q7D
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=L8EYJALY-6-9Q7D
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:50:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usersync.gumgum.com/usersync?b=mag&i=L8EYJALY-6-9Q7D
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
Expires
0
542993.png
static.criteo.net/design/dt/3336/140731/ Frame 425E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/3336/140731/542993.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
bbc11ea532afa6e112838ab439ecb2a8a9ccdfb4a616ee68ca118ae6b491e934
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:45 GMT
last-modified
Thu, 31 Jul 2014 01:21:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"53d99a07-17f6"
strict-transport-security
max-age=31536000; preload;
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
6134
expires
Mon, 18 Sep 2023 20:50:45 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame C365 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159463&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3069678381540929000V10%26type%3Dpba%26refUrl%3D%26vid%3D39662425313069678381540929000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe9l0&_p=3493&cid=30709266.1663966239&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=2&sid=1663966240&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html&dt=%E7%96%B2%E6%86%8A%E9%80%80%E6%95%A3%EF%BC%81%E7%87%9F%E9%A4%8A%E5%B8%AB%E9%BB%9E%E5%90%8D%E3%80%8C8%E5%A4%A7%E9%A3%9F%E6%9D%90%E3%80%8D%E6%9C%89%E6%95%88%E6%8A%97%E7%96%B2%E5%8B%9E%EF%BC%8C%E8%97%8D%E8%8E%93%E4%B9%9F%E5%9C%A8%E5%85%A7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:50:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 0015 		747 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=24157921&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c0c8897c07ccdb5eab86f2f2cb0f56d844b3e44dbd693ef435827aa782a31140

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
747
content-type
text/html; charset=UTF-8
i.match
a.tribalfusion.com/ Frame 3445 		0
0
setuid
x.yieldlift.com/ Frame F78A 		0
113 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.yieldlift.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=1YN-&uid=EC53BDE9-E45C-483D-86E4-748CCB371E4E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.177.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-177-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Date
Fri, 23 Sep 2022 20:50:47 GMT
Vary
Origin
info
uipglob.semasio.net/pubmatic/1/ Frame 0015 		0
0
qmap
sync.crwdcntrl.net/ Frame 0015 		0
0
receive
pixel.tapad.com/idsync/ex/ Frame 0015
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=EC53BDE9-E45C-483D-86E4-748CCB371E4E
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=80ce08ee-0a9f-4f93-9360-6dfb7a048dcf%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&ttd_puid=80ce08ee-0a9f-4f93-9360-6dfb7a048dcf%2C
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.inmobi.com
URL
https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOwmLyZP3jhRtZVTHPe27nZR9RlC8xcktDZJznMg&google_push=AZmPxg_LfOqWReFm7vAaqntgsTIbPUcOE22feVIV6Ue7AAnJuZiWiaHrw2vlY_VNAWIabHPDGaPd7fDldgvK-kUzxON9na4h2URh
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=EC53BDE9-E45C-483D-86E4-748CCB371E4E&sInitiator=external&gdpr=0&gdpr_consent=
Domain
sync.crwdcntrl.net
URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=EC53BDE9-E45C-483D-86E4-748CCB371E4E&gdpr=0&gdpr_consent=
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&ttd_puid=80ce08ee-0a9f-4f93-9360-6dfb7a048dcf%2C

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| AMP object| ucf object| request string| paramsString object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| adRecover function| setImmediate function| clearImmediate number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter undefined| $ undefined| jQuery function| jqAlias object| google_reactive_ads_global_state string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| _qevents object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| descriptionPage object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| dataLayer function| gtag object| google_image_requests object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

188 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQ1sz34LYwCgoIgQIQ1sz34LYwCgoI4gEQ1sz34LYwCgoI5gEQ1sz34LYwCgoIhwIQ1sz34LYwCgkICRDWzPfgtjAKCQg6ENbM9-C2MAoJCAsQ1sz34LYwCgoIjAIQ1sz34LYwCgkIXxDWzPfgtjA=
.aralego.com/ Name: sspid
Value: b11e89c6-0886-3c65-9730-ffc5bea94fae
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: 5ee390f7-5302-47a2-a74a-0648293b9bc4
.adpushup.com/ Name: ap_uid
Value: 600d0780-3b81-11ed-a2e1-000d3aa0267e
.adpushup.com/ Name: ap_usid
Value: 600d0781-3b81-11ed-a2e1-000d3aa0267e
.bg3.co/ Name: __gpi
Value: UID=000009d95d1a4c06:T=1663966237:RT=1663966237:S=ALNI_MasT43dKigZalWp1TYk0fG85hXI5A
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: e6f2abc9-3528-4f0b-ab87-23fca47b6cfb
.doubleclick.net/ Name: IDE
Value: AHWqTUnjuFK1Ibb89AgjwX13N0elZlUOXkHUjlFIn_dgHiJE9FfWT4Mhmtproi7OvXw
.openx.net/ Name: i
Value: e6f2abc9-3528-4f0b-ab87-23fca47b6cfb|1663966237
.rubiconproject.com/ Name: khaos
Value: L8EYJALY-6-9Q7D
.teads.tv/ Name: tt_viewer
Value: ab634983-3540-40a8-96f0-d694878e11d2
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwnri4mQY4AUABSAEQnri4mQYYAA..
.adnxs.com/ Name: uuid2
Value: 7006693710408103041
.omnitagjs.com/ Name: ayl_visitor
Value: a0da8c46a094fafaf1577e178a28043f
www.bg3.co/ Name: qcSxc
Value: 1663966238700
.adsrvr.org/ Name: TDID
Value: c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
.quantserve.com/ Name: mc
Value: 632e1c1e-c0039-c6caf-4ccd3
.bg3.co/ Name: __qca
Value: P0-1056483351-1663966238697
.prebid.a-mo.net/ Name: __amc
Value: 1_1663966238_1663966238
.a-mo.net/ Name: amuid2
Value: 8190a844-dd57-40df-abe0-c057a059d881
.prebid.a-mo.net/ Name: sd_amuid2
Value: 8190a844-dd57-40df-abe0-c057a059d881
.media.net/ Name: visitor-id
Value: 3069678381540929000V10
.media.net/ Name: data-ttd
Value: c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6~~1
.bg3.co/ Name: __gads
Value: ID=e6b809a264849de4:T=1663966237:S=ALNI_MbRxiDkPjdP4W7YF5U5kjIZ6TKruQ
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1663966240.1.0.1663966240.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.30709266.1663966239
.casalemedia.com/ Name: CMID
Value: Yy4cILKEHw4EVhBn.HX6jwAA
.casalemedia.com/ Name: CMPS
Value: 4736
.casalemedia.com/ Name: CMPRO
Value: 4736
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?]dmYwO!]tbPl1M>e)ZlrFUfJ+tGXxoDLuyZVD!NCBJ2_cS]*jn@_g+)3_.yw67*ghn3If)y3KL9D3I?+^<N]8g
.media.net/ Name: data-g
Value: CAESEMJ3VoURrzyaJhWIGqysbN4~~3
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A3873454392807042622
.3lift.com/ Name: tluid
Value: 1831928396507131899786
.c.appier.net/ Name: _auid
Value: ZmoJHRCaDU27wa4PIRwuYw
.c.appier.net/ Name: _gu
Value: CAESEO4jidh4RO6Tfv3satjcpa4
.sharethrough.com/ Name: stx_user_id
Value: adcb3657-9e57-41f2-ba0c-6f1085d76269
.criteo.com/ Name: uid
Value: 35fe275b-3602-4d08-ba8b-285f34b83b93
.send.microad.jp/ Name: TR
Value: d63aa07b9a27ea98546e413fcd84ce962af96f08d9663761
.fout.jp/ Name: uid
Value: 044fL9jcK9KE10jFMPgFmZRpfoc
.dap.fw-ad.jp/ Name: user
Value: 774dcd0f-4f67-3ad1-ad76-4bdd8c688e2e
.dap.fw-ad.jp/ Name: gcm_usec
Value: 1663966241825000
.yandex.ru/ Name: yuidss
Value: 9252495421663966241
.yandex.ru/ Name: yandexuid
Value: 9252495421663966241
.adingo.jp/ Name: ID
Value: 1876a028e70a2f85d1bef01b6eeaa9c2
.tribalfusion.com/ Name: ANON_ID
Value: aMnseFR3YWi7UXuRvsr7Zb4ZbbrwtQHZaOG2xcNr2SkC6FaRF4ZcbxQoX2sRCWSZa6Zbk59t7wvES90UPUMfGwTgNf
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-08-23T20%3A50%3A42%22%7D
.openx.net/ Name: pd
Value: v2|1663966242|jElYiuvOiahI
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.openx.net/ Name: univ_id
Value: 537072971|c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6|1663966242679859
.zemanta.com/ Name: zuid
Value: aYTl_xTFSyrjpR5p2dI-
.bing.com/ Name: MUID
Value: 12FC33E6A2946C270BAC21CEA3F46DD2
.c.bing.com/ Name: MR
Value: 0
.media.net/ Name: data-o
Value: fd72fd0f-37af-4a1c-921e-957a72b3cdda~~8
.bg3.co/ Name: cto_bundle
Value: KVVbxl9Jcm03VUF0QmVCSXN1SFRBOGw2QWtmV3lqRDZSa2FCbXV5MWt4Z3JIUE80c0twWkQzTUJYSTFoMGZsbGNLRGVqMEYyM2E1QThFVjIwTTR5JTJCTUlTZSUyRkhXVlQyaGJ6Qm96aWxFdlFFZzJsejVvQ0JaJTJGcEJHOVQyUDdpR29XWlZaWGhMa3JhcGZpREJROHNzQXZxQmx5TkElM0QlM0Q
.bg3.co/ Name: cto_bidid
Value: ToliyF84a3hWWERMVlFkZmpiZGxqWHBDJTJGTzU1JTJCQXJYSzUlMkJGek5wMVZ3bXF6OGp3Wks5Q255aXdXZ3FJdXIlMkJ4MXRsVVZoajZjTTJTS0haZ3IybDlHUmtXUHM5JTJGU2kzR1NpclYyVThSeWZLUmVGdlElM0Q
.media.net/ Name: data-a
Value: 7006693710408103041~~8
.linkedin.com/ Name: li_sugr
Value: d1b31243-b705-40a3-9d88-ac4d86d5cd8d
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&83218385-4497-4bb9-820a-0ab8020589aa"
.linkedin.com/ Name: lidc
Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2484:u=1:x=1:i=1663966242:t=1664052642:v=2:sig=AQFbBtm0Q9PjHkEeGsc20s2Zzzce3BxO"
.yahoo.com/ Name: A3
Value: d=AQABBCIcLmMCEMlTfWE0qkxwGfihhFZX-vQFEgEBAQFtL2M3YwAAAAAA_eMAAA&S=AQAAApIRVvWq3q_DzFzDrZ7389g
.turn.com/ Name: uid
Value: 4035254839846314974
.ladsp.com/ Name: cr
Value: 1
.ads.pubmatic.com/ Name: KCCH
Value: YES
.bidswitch.net/ Name: c
Value: 1663966243
.bidswitch.net/ Name: tuuid_lu
Value: 1663966243
.mathtag.com/ Name: uuid
Value: 0abf632e-1c23-4d00-a1f7-554fbd238090
.w55c.net/ Name: wfivefivec
Value: 4CnqC0zZ1OBPDd5
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjYzOTY2MjQzfQ
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.ladsp.com/ Name: smn_uid
Value: HxBYGt6XKsKM-CXGJDWFUQ7FriD-NHk
.ladsp.com/ Name: lum
Value: CJPT9-C2MBIFCAMQ0AU
.bidswitch.net/ Name: tuuid
Value: 594e175c-b93a-484e-8662-079e65dbfa3c
.w55c.net/ Name: matchmedianet
Value: 5
.media.net/ Name: data-xu
Value: 4CnqC0zZ1OBPDd5~~8
.pubmatic.com/ Name: KADUSERCOOKIE
Value: EC53BDE9-E45C-483D-86E4-748CCB371E4E
.pubmatic.com/ Name: DPSync3
Value: 1665100800%3A201_197%7C1664496000%3A164%7C1663977600%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1665100800%3A13_222_234_7_247_5_22_96_165_3_204_231_189_238_71_209_99_179_220_21_54_8_56_107%7C1669075200%3A69%7C1664755200%3A63%7C1664496000%3A15_2_223%7C1665187200%3A35
.mookie1.com/ Name: id
Value: 10528852980624694037
.mookie1.com/ Name: mdata
Value: 1|10528852980624694037|1663966243587
.mookie1.com/ Name: ov
Value: 9e6d014752360cf35ccdee3815768fa6
.adsymptotic.com/ Name: U
Value: 3eafc74c74efe4a86bd027e852f107d9
.prebid.a-mo.net/ Name: _sv3_10
Value: 1
.w55c.net/ Name: matchpubmatic
Value: 5
.admixer.net/ Name: am-uid
Value: 6d4f9c140fa54516bb99918dbf687b9f
.quantserve.com/ Name: d
Value: EPIBCwGVJ_ijAA
.media.net/ Name: data-pba
Value: EC53BDE9-E45C-483D-86E4-748CCB371E4E~~8
.media.net/ Name: data-r
Value: L8EYJALY-6-9Q7D~~1
.dotomi.com/ Name: DotomiTest
Value: 5dc29f8de8e520bd
ads.playground.xyz/ Name: connect.sid
Value: s%3AI_KemWyup8VSytxbLgIh-vDxIjWrLgEt.1w1166mu7TGmxeRQyWCc0IH2FHErUyoENny64cHEZmY
.analytics.yahoo.com/ Name: IDSYNC
Value: "196y~27bw:196n~27bw:194o~27bw"
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NzKwMDEwMze2sDA2MzUytBTiM9Q18EstCysycSnwMUsBAHOVmmAlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtoZmZsaWZmZGJsYWYMAKwCSIkQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NzKwMDEwMze2sDA2MzUytBTiM9Q18EstCysycSnwMUsBAHOVmmAlAAAA
.taboola.com/ Name: t_gid
Value: 178b3bc8-1da6-44f3-a7ce-277c49c9b37f-tucta27a1a4
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004%22%7D
.tapad.com/ Name: TapAd_TS
Value: 1663966243984
.tapad.com/ Name: TapAd_DID
Value: 80ce08ee-0a9f-4f93-9360-6dfb7a048dcf
.ctnsnet.com/ Name: cid_d7176d43ab594ca5a2aa8c758ae27fb7
Value: 1
.smartadserver.com/ Name: pid
Value: 5142224890575151820
.servenobid.com/ Name: pid_339
Value: y-oRL5wZhE2uFh31qXTU4lShtWzkYVjH8Pk8jFCac-~A
.servenobid.com/ Name: pid_337
Value: y-oRL5wZhE2uFh31qXTU4lShtWzkYVjH8Pk8jFCac-~A
.media.net/ Name: data-ze
Value: aYTl_xTFSyrjpR5p2dI-~~8
.rlcdn.com/ Name: rlas3
Value: BLXx/AFlG0wzIyh8nRpmySpjJImxg7PbIq+CO9mfhVY=
.servenobid.com/ Name: pid_312
Value: 7006693710408103041
.servenobid.com/ Name: pid_333
Value: Yy4cILKEHw4EVhBn-HX6jwAAEoAAAAAB
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.media.net/ Name: data-rk
Value: 1921700045832649417~~8
.mfadsrvr.com/ Name: tuuid
Value: 62fb11c8-c09d-4f77-aa1d-f8102a3658e9
.mfadsrvr.com/ Name: c
Value: 1663966244
.mfadsrvr.com/ Name: tuuid_lu
Value: 1663966244
.ambientdsp.com/ Name: _aGeoIp
Value: HK-Hong_Kong
.ambientdsp.com/ Name: _aUID
Value: x67uju45lba
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.gumgum.com/ Name: vst
Value: a_4f97c14a-6827-4221-9982-048ae063fead
.servenobid.com/ Name: pid_318
Value: KMhJRRaV-4NG-f2vVDRRY9Bgd87SI6Y5fHfoesNpFy8
.dyntrk.com/ Name: dyn_u
Value: 07030001_632e1c242d513
.lijit.com/ Name: ljt_reader
Value: FXbiERZH9qdFTGi5TxKv4iNN
.onetag-sys.com/ Name: OTP
Value: KMhJRRaV-4NG-f2vVDRRY9Bgd87SI6Y5fHfoesNpFy8
.media.net/ Name: data-r1
Value: RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004~~8
.adform.net/ Name: C
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsI-tON9OnrjjsQBRIWCgdzdng5dDUwEgsI8N3Yg-rrjjsQBRIVCgZjYXNhbGUSCwiWs5qO6uuOOxAFGAEgASgCMgsIroiYwIDsjjsQBTgBWgZndW1ndW1gAg..
.mookie1.com/ Name: syncdata_IOW
Value: 1
.rlcdn.com/ Name: pxrc
Value: CKO4uJkGEgUI6AcQABIGCKS3KxAAEgYI7bkrEAA=
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-d7176d43ab594ca5a2aa8c758ae27fb7&KRTB&23328-d7176d43ab594ca5a2aa8c758ae27fb7
.pubmatic.com/ Name: PugT
Value: 1663966244
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:4CnqC0zZ1OBPDd5
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4035254839846314974&KRTB&23150-4035254839846314974
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&KRTB&22918-c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6&KRTB&23031-c6c2ea0c-d40c-4bf4-83b7-4316bb889ba6
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAMT6LZ8H6rGwMV-5NAAAAAAAA&KRTB&22713-AAAMT6LZ8H6rGwMV-5NAAAAAAAA&KRTB&22715-AAAMT6LZ8H6rGwMV-5NAAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:0abf632e-1c23-4d00-a1f7-554fbd238090&KRTB&16736-uid:0abf632e-1c23-4d00-a1f7-554fbd238090&KRTB&23019-uid:0abf632e-1c23-4d00-a1f7-554fbd238090&KRTB&23208-uid:0abf632e-1c23-4d00-a1f7-554fbd238090
.simpli.fi/ Name: suid
Value: E0DED384687F48F79322C592D3E05F2F
.servenobid.com/ Name: pid_324
Value: 1972084067388365219
.pippio.com/ Name: did
Value: Yw1YMgrOyUvRtu5b
.pippio.com/ Name: didts
Value: 1663966244
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CAA=
.pubmatic.com/ Name: SPugT
Value: 1663966244
.servenobid.com/ Name: pid_317
Value: 5142224890575151820
.id5-sync.com/ Name: id5
Value: 05859598-fe15-4d49-87b3-49d1821a85a7#1663966243971#2
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.socdm.com/ Name: SOC
Value: Yy4cJMCo8X0AAN64m9wAAAAA
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.adgrx.com/ Name: ADGRX_UID
Value: 64b07e16-3b81-11ed-93f9-d07437c7098f
.mfadsrvr.com/ Name: ssh
Value: !medianet,1663966244
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-DggaJAlYGSQVWBhxCwIFIg5YSScVD0siXAgZK9p4&KRTB&19420-DggaJAlYGSQVWBhxCwIFIg5YSScVD0siXAgZK9p4&KRTB&22979-DggaJAlYGSQVWBhxCwIFIg5YSScVD0siXAgZK9p4&KRTB&23403-DggaJAlYGSQVWBhxCwIFIg5YSScVD0siXAgZK9p4
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7006693710408103041&KRTB&23339-7006693710408103041
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEN_JdwaL2N_KVDBR3DW9DYE&KRTB&16514-CAESEN_JdwaL2N_KVDBR3DW9DYE&KRTB&23025-CAESEN_JdwaL2N_KVDBR3DW9DYE&KRTB&23386-CAESEN_JdwaL2N_KVDBR3DW9DYE
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-ZmoJHRCaDU27wa4PIRwuYw&KRTB&23130-ZmoJHRCaDU27wa4PIRwuYw
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-1e9c7540-4f44-3201-b19a-38a6c88cd9d8
.mookie1.com/ Name: syncdata_TAP
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:E0DED384687F48F79322C592D3E05F2F
.servenobid.com/ Name: pid_309
Value: a_4f97c14a-6827-4221-9982-048ae063fead
.adform.net/ Name: uid
Value: 3209392846824037581
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2806ba6c-65d2-42d5-8f9b-c5830d56ca33-004%22%7D
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: A1AhR8CMiEGttpC8116r6dE|t
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3891623332221362898&KRTB&23263-3891623332221362898
.pubmatic.com/ Name: ipc
Value: 0^^0^0
.pubmatic.com/ Name: pi
Value: 0:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.media.net/ Name: data-mf
Value: 62fb11c8-c09d-4f77-aa1d-f8102a3658e9~~1
.360yield.com/ Name: tuuid
Value: 9255aa1a-008e-44ce-b50d-bd5c4abcd5c6
.360yield.com/ Name: tuuid_lu
Value: 1663966244
.contextweb.com/ Name: V
Value: AaIM3b9KDQpe
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1g9r|7bq.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 425324e9e90acba8
x.yieldlift.com/ Name: ylxuid
Value: 1e81a465-a68c-47f9-a6cf-960eeca53427
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-64b07e16-3b81-11ed-93f9-d07437c7098f&KRTB&23275-64b07e16-3b81-11ed-93f9-d07437c7098f
.servenobid.com/ Name: pid_310
Value: FXbiERZH9qdFTGi5TxKv4iNN
.casalemedia.com/ Name: CMTS
Value: 4729
.smartadserver.com/ Name: csync
Value: 92:qZFsD0752BnT|135:TAM_OK
.demdex.net/ Name: demdex
Value: 82878034383114278560542129153699643289
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMJnz+NjnkGQwSKB0+A8/5Oa2uQBqXHOpsezbqpFwWh4NitzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ev0exc+f0IZt
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-0bed572d-4ca6-4c4f-4b64-2f998115e402.G7iX%2B7sSYg6Kly5D9BVsLyw1mva3V6zRYpOF7BXLJKg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AC-1XLUymTE9LZC-ZgRXkAmfR_nE.d3%2BtZ4QfQdHthlD88dp8ygv6pP2HaCuhw73DWvkzh5Y
.servenobid.com/ Name: pid_346
Value: ua-1e9c7540-4f44-3201-b19a-38a6c88cd9d8

11 Console Messages

Source Level URL
Text
network error URL: https://cdn.adpushup.com/42753/L2EvcGktYmVpLXR1aS1zYW4teWluZy15YW5nLXNoaS1kaWFuLW1pbmctOGRhLXNoaS1jYWkteW91LXhpYW8ta2FuZy1waS1sYW8tbGFuLW1laS15ZS16YWktbmVpLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBmTqNZSOe0ScZqnx9yR9vM&google_cver=1&google_push=AZmPxg88BFcZzvetE_1jLOPiyKOfYeTnOt5Hvc82hFcX4iQtViehY6-okDhCL-iwkcxKQqMEsswHWLzJdpgxQwVOF40W1zQF8LySKFBZvk-OUj5dMnZmpeVgNXvRDUCASp02Za9UhDpH_XY
Message:
Failed to load resource: the server responded with a status of 503 ()
javascript warning URL: https://www.bg3.co/a/pi-bei-tui-san-ying-yang-shi-dian-ming-8da-shi-cai-you-xiao-kang-pi-lao-lan-mei-ye-zai-nei.html
Message:
The resource https://d-3565599582756887759.ampproject.net/2209072154000/nameframe.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network error URL: https://s0.2mdn.net/sadbundle/18175197109097881812/null
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://s0.2mdn.net/sadbundle/10977312179645291841/null
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=x67uju45lba
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://ssp.disqus.com/partner=adaptmx?gdpr=1&gdpr_consent=&us_privacy=1YN-&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4149%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D8190a844-dd57-40df-abe0-c057a059d881%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4fb6cdfc6f6a7601b72b1d9d5ba0d400.safeframe.googlesyndication.com
78d8cbd388dd889000a93cd0d93ce89b.safeframe.googlesyndication.com
a.c.appier.net
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.com.au
aid.send.microad.jp
an.yandex.ru
ap.lijit.com
aplogger.adpushup.com
b1sync.zemanta.com
baebd14d6eb9f84ad2dab463d5e79661.safeframe.googlesyndication.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c1.adform.net
c21lg-d.media.net
cat.sg1.as.criteo.com
cc.adingo.jp
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
core.iprom.net
cr-p3.ladsp.com
creativecdn.com
cs.chocolateplatform.com
cs.emxdgt.com
cs.media.net
csm.as.criteo.net
csync.loopme.me
d-3565599582756887759.ampproject.net
d.adroll.com
dclk-match.dotomi.com
delivery.adrecover.com
dis.criteo.com
dpm.demdex.net
dps.jp.cinarra.com
dsp.adkernel.com
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
g2.gumgum.com
gocm.c.appier.net
google.dap.fw-ad.jp
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
hblg.media.net
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
lg3.media.net
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
match.taboola.com
odr.mookie1.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pix.as.criteo.net
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
pxl.qccerttest.com
qsearch-a.akamaihd.net
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.crwdcntrl.net
sync.fout.jp
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
tags.rd.linksynergy.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
warp.media.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.yieldlift.com
a.tribalfusion.com
pixel.tapad.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
uipglob.semasio.net
103.229.10.247
103.229.205.243
103.231.98.194
103.231.98.195
103.231.98.196
104.16.87.20
104.17.25.14
104.18.102.194
104.18.12.76
104.18.18.126
104.18.19.126
104.18.35.11
104.19.173.108
104.211.156.162
104.254.150.228
104.254.151.68
104.26.2.91
107.178.244.193
107.178.254.65
107.23.149.157
124.146.215.49
13.107.21.200
13.107.42.14
13.115.141.232
13.213.209.254
13.214.13.223
13.224.250.18
13.227.254.100
13.227.254.109
13.227.254.2
13.76.45.37
139.162.38.30
139.162.58.205
139.99.49.250
142.251.10.106
142.251.10.149
142.251.10.154
142.251.10.155
142.251.12.132
142.251.12.97
145.40.89.200
150.136.25.38
151.101.129.44
151.101.2.49
151.101.65.108
159.203.145.121
169.197.150.8
172.217.194.132
172.217.194.157
172.253.118.154
172.67.71.254
174.137.133.49
18.138.18.111
18.176.32.10
18.179.72.109
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
185.184.8.90
185.84.60.30
195.5.165.20
198.8.71.128
202.131.200.84
202.232.238.37
202.233.84.1
209.191.163.210
209.54.182.161
209.58.171.197
209.58.188.181
213.180.204.90
23.106.127.165
23.106.69.72
23.108.103.8
23.207.36.196
23.207.36.20
23.207.36.240
23.207.37.206
23.207.37.41
23.41.65.80
23.75.85.227
3.227.163.94
34.102.253.54
34.107.148.139
34.253.177.61
34.98.64.218
34.98.67.3
35.156.36.186
35.186.193.173
35.190.60.146
35.213.117.18
35.213.12.39
35.227.202.26
35.227.252.103
35.230.38.116
35.244.159.8
35.71.178.8
35.74.137.60
38.133.127.127
42.99.140.144
42.99.140.161
42.99.140.201
44.194.177.91
44.198.244.56
46.137.228.209
50.116.239.135
52.194.84.66
52.194.95.20
52.205.223.187
52.223.40.198
52.40.183.14
52.74.118.249
52.74.13.196
52.84.45.7
52.95.126.138
54.169.170.163
54.203.144.13
54.238.120.71
54.251.29.91
54.254.33.203
54.65.159.169
64.74.236.159
67.199.150.82
69.16.175.10
69.173.144.138
69.173.158.64
69.173.158.65
74.118.186.45
74.125.130.156
74.125.130.94
74.125.200.138
74.125.24.155
74.125.68.156
74.214.196.131
8.43.72.98
84.17.37.44
89.207.22.137
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0204e46bc07b43b273527df58d0abda3dffc04f627a26568e03bc743bf96a86e
027e46465c959498b495b69991cf9d0148ba760edfa7d3097f3d41f8727b2a2a
030c0a70a9cb65f42612963f2f859e6f36eaa80cd68f2d5384f0610fc750a089
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
060495108f6d5323a22886efe814771e0d59b48004383de0ca8d5e6f96f161ea
075d8972da441898736c859a0f54f950ba2dcdf94996d15939016d564ed1fb91
0818058dce6ddd054acc693717a91a4512ed5d284eccc1b759a59ec5197b00fd
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09b9870d5d439cd41e0253e12613ebb657e76a2d860d3f74a14f163b046d6c68
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
150dc8dd80c4424ae2bedf778f9543091de43406f8cbc23c0796c8bbbae2cdef
162449fbab60d9a298cf82e62588dfa1570bf27822b5e973703bf2344e579c7e
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
168d0280d34425ecf7257f03bf084e2976eb698f80d1531cb12df80a2fcbd801
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
192f321e7cb3d59e29ca481ae61c4529b449a5008d42acdfe195a6db4acbb5ec
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1cfd95e2224e6050da377589a6bd208192ce79bcdbfcfde371fe39214fa7c286
1e72d71e10ec459160b477ec9afea70cb0ddd6ae3f9871bd21dfd68926da686c
1f7ae19fdd7838b4f34c714a5aa8a8c8c6d5b7f17a8c462a02d1cc2efa0f3584
22af572b7ebbad1e17b35f14f659a7086fcfd85f010b39cf729ab3d02b9b421d
234a380ccfdc003786c4ed03eb23027477b810fd7a217648a436f530f8144bc7
23fd75b7439727bc3a808979dbb1450953dfc55c8ce81442672ec609e8aa60c6
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
26f58f16dfccf4720d29caa2a5e127cfeca83c394b91fe27af844c718891d540
2714d9b88f0c50ccefa469ae332cdcaf154ba5af9e5e27eda0cefc0bd031db1c
286f41534d5e452c0803884b8951f9e7cbd79568b1eddea4559d6a3bde2b4763
28bc7dba9400341e4d696f57c365a370840d3399988074e4001539d2931f5c81
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a
28dc46ca7136b4d6089128b4a537e94624c990ee5162d869cbd53b4b81faaea5
2e4a32504323b1dcab1f46be651ae7fefe4fe4b307534581b74e6810f377a170
3086826524750d38ec8807f9d8ceceb737731239a0de2e737c885834e89078f6
310dda664802036c3f2d501f19d8b86e2f7a5b1a28d358437a5a8e4fb69b726e
31fb8dc7edd44f99d97af5a0e6998dbc2787ff3e9cf88d6278f818647752ab50
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
34454ee7a784245e5033722bb5db320ddeea0b259ff1cf36921cd11fb0b1f3d0
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745
35c011fd8348a0278ba3b047d3f96ccdda86a00297f5718aea87ad806d9c885f
36a465c1ae84e92bebe1d93bac6afe236ff509429b187e71e988a83a71c67b45
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
3760aa5e59844f4df21430b505b85f4a387ac2205a76c510accc63a48ed1a762
39493498e2963b7fa4a00f0f0b423d9527f16d969b8e1441d32f2433a6ff84c0
3ad8b051f9e9a373ffbb7c9c93ecc76dc4dfa7cb23575d2e92527eb4a22af052
3b699c2cd84c5722e0c9f34ec0c60a9f548901168f95d86b4f1df433a7b5cc60
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bcbf3e9478cf14212c847639c8a1b30fd963677b8393f8e4be1cb5ce2c0af8d
3c26193d730fafbc677653462ad9c59d0eeab1c101f50c2bd516ecc60eb99d43
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dd4b8288bcb2aad3eca1a784727c8943586f2a9fcf6015a9bfe54d5c3d41352
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40ebdfdca9dc4986b996b7b4c761147a7eed8f81d8ef9fbc6c76dd78af73debe
4466654848b03e3faa64a5d0485b4bcbcf6e06442f625b951b6663ecd5d4da6b
45024afc25d6e774df48315bd2f32b4e95ffd1b77695939b5078505332a5f5dd
452cb6e68b8268c89e28217985990d3b0200294d9be2d8132645a8eef7738d30
458d32b43f59aecdeaece61e69b33c95e777d2a2a17616133bd4a2cf31f97410
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
47049ed2e8ae9a68deca5cb9452287ff5272edba1d7b7380f30f1047ed58599c
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a011c36a45437dcf8aac135010e6771d824c0f5918583a3648173111d162472
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f1df6a2e8accf448831c362319865b6995d6c8970533039da742bd6c5d9f56c
50559c2fc55e24ebdf4210531cc5c9b616c2838795f6ce0434fe62f0fe745cbf
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50bc33bb9417b4e7bba61d521ff63fb05a29ac682124b317f899055e078133b7
5241a1663567c42d254d310d1c8f3f5ce4b08e3b4d06209bf1c8db6c7b71a2c9
52759e858038d5479ab775abdbd8e975e2d2ef6e633c98b3c1542f7e3cd8e150
5317d93c91bff96ea9da60f4b150889602f306b40279915cf6fe9b936605aedf
547e2f3ff15c5a85f009c8ccdb2d680035b24728e2f880e1c1d1e50f21e71339
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557098444c0ca1d6fdc3f9236e8789d9c6ecf423a466a6e70a8e06b5125da658
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564abcd1aaa1e99681f765597209e1ee0d6c73fd31bbea71cf26ab4825d8058e
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
58574e0b9b617b80c83b15922b5425cbd4f58e247c83935c4ca576cb0a7e7496
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5f746da18d46ab0d2b0e4d0ee70418c9369d92154ea23bcee063c20415d86102
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6a100e1365de0df67fe5e549641669428ec60756b4701d70a54babeaa0a71e72
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
7196d3c73cafa7f5c4d3c82434dfaa7733b52c3309bab8cec3cba4872434acda
71bd03971b29ea308ed23709fb13360021fedd25eea3d88333909061ccd738a3
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
73611da1d48334fe85f516a1b6deb1592ed1ba0320c18560fea9dc64e830dc01
74acdbf52f3781b227daf7341ca3e8dd3edc7833232243f3ab320ecb5adbf636
77cd9a483177d7149d1eea99c6cb604ed30c86567dc6a8e32a11e571bcf1bf7b
78cc90ad6edbab01ff82512f4a689c035dd3310e281f38e3dcecf50e1dd6f7b3
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79
805239aa4c6bae5fc0d1db04afb193246107cd6085d79a6753697bd5817f2f43
8059fd25c2a6b73cab0b2babf862eb1e848ce3a164f56cbad510a25f7024e2d9
829c68e59d49588a0847e4a4bdcae1b1e234db4d81a40a7345c34d6392a1f5b1
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8336984c43cf428f18a1f3bc59c1c746905df8c6c176cd41c5247bd0a136048f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83675ee21c2d018e49cefa9bb97ac9bb9092879aee8630d835cb7911abb7cf57
83f42e068d5a1937469e6f1c3effa74883322bfe6e028043d2366c9164be06ac
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
86c8a4c3088c36a6a0f4da55e0b07a58854437d9260ef72f695c5883701339ca
8773c1b13cce7cb3a4f2a918f796c5ed7efe77572cacd73911f47d29457ec3a8
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d104b2cc15ed8889f9162848ae2a6197de0776a69ac08a59e941726a0a5b9a9
8da1d5524d6312edecf30714dbd3c14afcb5958416aadbb5e574839530fe4429
8ea33f5be401d63ab42b5defdd30f07365c1ded22ddf56b0343bdf5795d26e0c
8ec55a086ac744f17f414cc9f396b2f2563310ac05f84ac23969012f3ab8fb3c
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8fde449e41f9fb857ca0d3294492b091510b054666779b030e52f2c7d7ab74a7
9087797279ec6162c658e5625fc590c2f2e56890c7b29ea00c3955a0ad2e5315
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
916e7fcfebf559891b0840b0b5efa1ed0f75b32ed5d5cd2ae6c204f054110246
91a8ea37de90c116390b167dfc281ce0ed7e8f324ff1fd834bb27aca9db191db
91ca2304e3db26df02cb5c28e0b11a4801d16d2426bf7164df1a64271b16ae6b
920737905abf2a99d696005c329e5169c72687d4988b4ae6fa29483477a6d841
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
96b7c96548f1be0e4a334eb524c92a630b814bdfa16040660fbd9442c7dd72ad
96cc05f10a3c9d5a2b69aaa0523c4464c7a80476e79200065728fcf9046c2603
9877da08d685c71893cf2679c5cd1a849fec02bb120785d94d097fcba44eed7b
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cea689027911272e45259579b20d1049f34154c314fd2f947ebb68dae581697
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a42f548400991d72d1cc9e42ff3ac7a7901341bdd19ded66a6a692235ad894cc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6d68bddaf25272acf5a93c4371aa8d9cb5994b9708f1738adcc2137d25b20da
a6faa7a4ade52284a01efed1ddd4d50f5faf33b61837b43ed9b34d5c5a4a7a39
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a95bf470e167bce13f4c89c5ecf84b56dc61e4c87667efe9b263c955990d5119
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6
aad3814c0796363c8b3e769647d5238493388c93b8ef384e7700bac3fe45a946
ac70053453f5ade099dc1832670e6bd2507b78c92c89d89fec14b69150dd01d6
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b235ba0169aa8444fd2f5f377667855a21fb7c6c57dedeac3d522fc95153675c
b326a1469c739c2ef2e5ff8b87f3824156131ed264eddbe1049410de4696426c
b4ff74c7d95e03f6cb798de6033e68b6ea3edfe81e8a7759dbb05690eaf95124
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
b8495f96bf23b93cee2ad9dd1ebe81e84cac8fc9e8d247546ae2b5d64e6d0b40
b9a9b552edbd75ce0476b43a52e5f802b8ffb322e37ff9ce657b015adf83cd55
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbc11ea532afa6e112838ab439ecb2a8a9ccdfb4a616ee68ca118ae6b491e934
bc005d69930e2883f8c4dffc0bac1fd88122890e46fc1ef8f218f7f6e76c4170
bd1409b94a7a31c87b0622c0e4a58b57ac9c5212a253c6e5f257a19075be0b2f
bef1e22dca3a21ec48c52c83a75413073077730b0c2e94086d2106153e97c872
c0ac59ec797206a3d9fe6ac761ede4702ab59a9555534fcf376e0592196fbd83
c0c8897c07ccdb5eab86f2f2cb0f56d844b3e44dbd693ef435827aa782a31140
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c40c7eb4af98bc81b1a73a2c17fabba5685e465ba367ad56eef3e7f2d44ff31c
c44996831ed2b4453e626dbf80aca15e6219fc5ef6b09eb41d0a07703d50cd8e
c4ab44029bc98c71d763ba62f4fe156d7b5cf635479f75e97d99ce681441cb72
c6298fc378566f1c3e7ba7c8153f71e6f2c5c6ab8b1cac9e2f7b2c9ed06147dd
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c7c325dc8d93c414a78eb3e5b92f93ad55b1abea4ac96fd2a4e661aa7f3b3a1f
c89cb9ff33762c274e0ad9f27e27cac13fa6990f93f54e6607ab3e6c2628ffb7
cb1c106e5aecf93aba94a207bf31a25cbfdafe3087dc08eb0822e172bf375b67
cd310cd9df1443ab6b18cb88859bd2aa060c7a8f9f2bd944f3ee20cf053f9b7c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa8f47125a56d077a4099df80368e006faf9384a1c7d610838b6b32e8448c1a
cff80c4f1b69a054563ac49abcdb7e292d5cda2e3ea20ce5736e48001ba3b2ef
d03c86719796187ca364a0715a38b1819271c0c6e526016dcc5a44767e418c04
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d61a19b40876ff27c3d5af7857b9cf0ff937d0d978512ed80b14bcf32900a014
d65443771fb42819ba9cdce93855c1cb6fec378e5e2776b15d6be54d4cff793e
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
d8fb86d7f4bef880354d6c02af11fd7e6b7ceb261aad0d73ae7d429668b25148
db30a12533a8bf008db3d68dd5e2b374118ca7a3c00137f77d593a6f3ab9ee69
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd409ff51be597a5d7d13c53b8e6ec8a6fc12b69aea269793f7215444e26fcf9
dd49efcf2016be7634ab43ebf91559d4d5e5e66d445030d092317be16409eb99
dd9d86cb4a6bf5fc2784d5ea4c5cac75c0e1f2008be254b59e5c478477ee6f7a
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e35eff4f59afe86999c04efa6eaa3a05d2ad027b6a32964e00aec029ca208f1f
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
ebd6049dcfe1cac963f479673ff653cf21887dc847216db221a5ba2d8c1db4fa
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b6467ff1ee5df11996fd85932f0e8f952e4b8f5e9cf50c9a6478ee9dbdc153
f0bb2a4f2be3d99e10af375f305a126120028c4784fbdfd85653876e27c07b19
f11955261b68a419abdb0b44cbf2045b881afe22fc26240c6f9519f878cf61a6
f12f9006090ae41a6f5bb0a223f56f6379968eccb90ff43788854bcb04cd2383
f48934f96dbfbb79c4f6d346549be62698d688a1cd9581dd206421d08dc9947e
f4ae4fcf4bae3f81a991ad473dd027881023a736f4a02f1636d08e1f5d77f9cc
f9cf5054354592eaa1b15b0730066d22b155be4f64e24c9f1fa1519786a67156
fa04f3cfdacf3c432b9a28f320c3661e18efacc57fb5051965f437ae699591ec
fc06956b65e7d5c50973f1dd8a0e6132fc57e763da035bc04bc5971ffd692c9e
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff9aaa56f07b739c67d1141422bc4a678180209d9ded2f95b6ec2319068bce68