urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-...
Submission: On October 22 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 66 IPs in 10 countries across 77 domains to perform 404 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 643495.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
43 74.125.24.132 15169 (GOOGLE)
1 3 23.108.102.145 59253 (LEASEWEB-...)
4 104.26.4.103 13335 (CLOUDFLAR...)
2 42.99.140.144 4637 (ASN-TELST...)
5 42.99.140.161 4637 (ASN-TELST...)
2 69.16.175.42 20446 (STACKPATH...)
17 104.26.2.91 13335 (CLOUDFLAR...)
49 74.125.24.157 15169 (GOOGLE)
3 64.120.88.131 133752 (LEASEWEB-...)
11 142.250.4.155 15169 (GOOGLE)
6 13.76.45.37 8075 (MICROSOFT...)
6 142.251.10.157 15169 (GOOGLE)
1 74.125.200.94 15169 (GOOGLE)
2 142.250.4.97 15169 (GOOGLE)
2 103.229.10.192 16509 (AMAZON-02)
2 216.239.34.178 15169 (GOOGLE)
2 74.125.68.155 15169 (GOOGLE)
3 74.125.24.156 15169 (GOOGLE)
1 104.16.87.20 13335 (CLOUDFLAR...)
10 35.244.159.8 15169 (GOOGLE)
3 145.40.89.200 54825 (PACKET)
1 104.83.197.63 16625 (AKAMAI-AS)
1 52.74.120.52 16509 (AMAZON-02)
1 34.223.235.65 16509 (AMAZON-02)
1 35.213.117.18 15169 (GOOGLE)
3 139.99.49.250 16276 (OVH)
5 104.18.19.126 13335 (CLOUDFLAR...)
2 6 104.254.148.252 29990 (ASN-APPNEX)
3 54.150.80.212 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 182.161.73.145 55569 (CRITEO-AS...)
1 34.246.170.209 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 13.227.254.11 16509 (AMAZON-02)
2 104.211.156.162 8075 (MICROSOFT...)
3 182.161.74.19 55569 (CRITEO-AS...)
3 182.161.73.148 55569 (CRITEO-AS...)
5 172.217.194.155 15169 (GOOGLE)
46 182.161.73.129 55569 (CRITEO-AS...)
3 182.161.73.132 55569 (CRITEO-AS...)
4 182.161.73.142 55569 (CRITEO-AS...)
10 74.125.68.149 15169 (GOOGLE)
7 74.125.130.105 15169 (GOOGLE)
11 34 142.251.10.155 15169 (GOOGLE)
6 12 139.5.84.243 27381 (CASALE-MEDIA)
1 1 103.3.63.48 63949 (LINODE-AP...)
1 1 13.115.197.13 16509 (AMAZON-02)
1 1 52.77.5.11 16509 (AMAZON-02)
4 9 35.71.178.8 16509 (AMAZON-02)
1 35.213.109.249 15169 (GOOGLE)
4 4 52.74.162.2 16509 (AMAZON-02)
1 2 23.36.49.63 16625 (AKAMAI-AS)
2 2 89.207.22.137 41041 (VCLK-EU-SE)
1 202.233.84.1 131957 (MICROAD M...)
1 1 31.220.27.155 39572 (ADVANCEDH...)
3 3 74.118.186.44 26120 (RHYTHMONE)
2 2 202.131.200.84 17941 (BIT-ISLE ...)
2 3 35.213.12.39 15169 (GOOGLE)
6 7 3.33.220.150 16509 (AMAZON-02)
2 4 52.77.4.205 16509 (AMAZON-02)
2 2 185.84.60.30 198622 (ADFORM)
2 2 64.74.236.63 22075 (AS-OUTBRAIN)
1 1 3.82.239.128 14618 (AMAZON-AES)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
1 183.79.219.124 24572 (YAHOO-JP-...)
3 182.161.73.136 55569 (CRITEO-AS...)
1 104.83.196.24 ()
2 104.18.12.76 13335 (CLOUDFLAR...)
1 52.84.45.81 ()
1 151.101.65.108 54113 (FASTLY)
2 23.15.148.136 ()
1 2 69.173.158.64 ()
2 2 13.107.42.14 ()
1 2 104.18.98.194 ()
1 204.79.197.200 8068 (MICROSOFT...)
1 1 50.116.239.135 ()
1 1 202.241.208.100 ()
2 2 13.227.254.129 ()
1 104.17.24.14 13335 (CLOUDFLAR...)
5 182.161.73.135 ()
1 1 35.230.38.116 ()
404 66
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
43    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
cdn.ampproject.org
tpc.googlesyndication.com
6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
f809bdd58a113f424b582e7188b13a87.safeframe.googlesyndication.com
25cd982469f6774599cd7413a19565df.safeframe.googlesyndication.com
3    23.108.102.145 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.4.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
delivery.adrecover.com
5    42.99.140.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-161.pacnet.net
cdn.adpushup.com
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
17    104.26.2.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
49    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.com.au
googleads4.g.doubleclick.net
3    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
11    142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net
securepubads.g.doubleclick.net
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
6    142.251.10.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net
adservice.google.com
1    74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net
d-1932882742609460837.ampproject.net
2    142.250.4.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f97.1e100.net
www.googletagmanager.com
2    103.229.10.192 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
2    216.239.34.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net
partner.googleadservices.com
3    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
adservice.google.com.au
1    104.16.87.20 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
10    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
3    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    104.83.197.63 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-197-63.deploy.static.akamaitechnologies.com
a.teads.tv
1    52.74.120.52 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-120-52.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
1    34.223.235.65 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-235-65.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
3    139.99.49.250 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net
onetag-sys.com
5    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
6    104.254.148.252 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
3    54.150.80.212 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-150-80-212.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    34.246.170.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    13.227.254.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-11.sin52.r.cloudfront.net
rules.quantcount.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
3    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
3    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
5    172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net
www.googletagservices.com
46    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
3    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
4    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
10    74.125.68.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f149.1e100.net
s0.2mdn.net
7    74.125.130.105 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f105.1e100.net
www.google.com
34    142.251.10.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net
cm.g.doubleclick.net
12    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    103.3.63.48 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li819-48.members.linode.com
a.c.appier.net
1    13.115.197.13 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-197-13.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
1    52.77.5.11 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-5-11.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
9    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    35.213.109.249 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 249.109.213.35.bc.googleusercontent.com
y.one.impact-ad.jp
4    52.74.162.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    23.36.49.63 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-49-63.deploy.static.akamaitechnologies.com
sync.teads.tv
2    89.207.22.137 (Singapore, Singapore)

ASN41041 (VCLK-EU-SE, US)
PTR: sin03-usadmm-ds.dotomi.com
dclk-match.dotomi.com
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
1    31.220.27.155 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
3    74.118.186.44 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
3    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
7    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    52.77.4.205 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-4-205.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
2    185.84.60.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    64.74.236.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    3.82.239.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-239-128.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    183.79.219.124 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)
cksync.yahoo.co.jp
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    104.83.196.24 (None, )

ASN- ()
contextual.media.net
2    104.18.12.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    52.84.45.81 (None, )

ASN- ()
public.servenobid.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    23.15.148.136 (None, )

ASN- ()
eus.rubiconproject.com
2    69.173.158.64 (None, )

ASN- ()
pixel.rubiconproject.com
2    13.107.42.14 (None, )

ASN- ()
px.ads.linkedin.com
2    104.18.98.194 (None, )

ASN- ()
p.adsymptotic.com
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
1    50.116.239.135 (None, )

ASN- ()
ad.turn.com
1    202.241.208.100 (None, )

ASN- ()
tg.socdm.com
2    13.227.254.129 (None, )

ASN- ()
cr-p3.ladsp.com
1    104.17.24.14 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    182.161.73.135 (None, )

ASN- ()
pix.as.criteo.net
1    35.230.38.116 (None, )

ASN- ()
um.simpli.fi
Apex Domain
Subdomains		 Transfer
68 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
f809bdd58a113f424b582e7188b13a87.safeframe.googlesyndication.com
25cd982469f6774599cd7413a19565df.safeframe.googlesyndication.com
641 KB
58 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317
582 KB
55 criteo.net
static.criteo.net — Cisco Umbrella Rank: 680
csm.as.criteo.net — Cisco Umbrella Rank: 17352
pix.as.criteo.net
327 KB
18 bg3.co
www.bg3.co — Cisco Umbrella Rank: 643495
static.bg3.co
137 KB
17 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 519
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542
ssum-sec.casalemedia.com
dsum.casalemedia.com Failed
12 KB
13 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 22845
ads.as.criteo.com — Cisco Umbrella Rank: 17079
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 17724
gum.criteo.com — Cisco Umbrella Rank: 425
dis.criteo.com Failed
80 KB
13 google.com
adservice.google.com — Cisco Umbrella Rank: 78
www.google.com — Cisco Umbrella Rank: 2
5 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15799
e3.adpushup.com — Cisco Umbrella Rank: 17189
aplogger.adpushup.com — Cisco Umbrella Rank: 16696
217 KB
10 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 273
287 KB
10 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 585
eb2.3lift.com — Cisco Umbrella Rank: 373
5 KB
10 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13910
u.openx.net — Cisco Umbrella Rank: 664
us-u.openx.net — Cisco Umbrella Rank: 409
jp-u.openx.net
3 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 363
218 KB
8 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 294
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426
4 KB
8 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1042
fastlane.rubiconproject.com — Cisco Umbrella Rank: 492
eus.rubiconproject.com
pixel.rubiconproject.com
secure-assets.rubiconproject.com Failed
token.rubiconproject.com Failed
14 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
4 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
acdn.adnxs.com — Cisco Umbrella Rank: 618
secure.adnxs.com Failed
35 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 28151
sync.aralego.com — Cisco Umbrella Rank: 2910
4 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
233 KB
4 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1004
x.bidswitch.net — Cisco Umbrella Rank: 303
2 KB
4 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 109731
1 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 8566
45 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 777
2 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1269
sync.teads.tv — Cisco Umbrella Rank: 1137
1 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 924
1 KB
2 ladsp.com
cr-p3.ladsp.com
1 KB
2 adsymptotic.com
p.adsymptotic.com
498 B
2 linkedin.com
px.ads.linkedin.com
1020 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 608
cdn.indexww.com
2 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 560
1 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 627
1 KB
2 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2796
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 543
2 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2865
956 B
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1238
contextual.media.net
cs.media.net Failed
13 KB
2 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1663
public.servenobid.com
5 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 888
1007 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
413 B
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 948
pixel.quantserve.com — Cisco Umbrella Rank: 516
10 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
77 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 677
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 15630
10 KB
1 simpli.fi
um.simpli.fi
619 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 216
5 KB
1 socdm.com
tg.socdm.com
856 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 236
666 B
1 yahoo.co.jp
cksync.yahoo.co.jp — Cisco Umbrella Rank: 3317
618 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 6970
542 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 723
696 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
618 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 3981
324 B
1 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 3920
641 B
1 turn.com
r.turn.com Failed
ad.turn.com
441 B
1 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 3057
218 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 660
504 B
1 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 16094
558 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 18086
595 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 876
633 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4187
518 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 394
1 KB
1 ampproject.net
d-1932882742609460837.ampproject.net
0 bidr.io Failed
match.prod.bidr.io Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 lijit.com Failed
ce.lijit.com Failed
ap.lijit.com Failed
0 yieldlift.com Failed
x.yieldlift.com Failed
0 smartadserver.com Failed
ssbsync.smartadserver.com Failed
0 gumgum.com Failed
g2.gumgum.com Failed
0 emxdgt.com Failed
cs.emxdgt.com Failed
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
0 w55c.net Failed
pm.w55c.net Failed
0 mathtag.com Failed
sync.mathtag.com Failed
0 pubmatic.com Failed
ads.pubmatic.com Failed
image8.pubmatic.com Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 dyntrk.com Failed
gu.dyntrk.com Failed
0 bluekai.com Failed
stags.bluekai.com Failed
0 amazon-adsystem.com Failed
s.amazon-adsystem.com Failed
aax-eu.amazon-adsystem.com Failed
0 disqus.com Failed
ssp.disqus.com Failed
0 mookie1.com Failed
odr.mookie1.com Failed
404 77
Domain Requested by
46 static.criteo.net ads.as.criteo.com
static.criteo.net
cdn.adpushup.com
35 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.bg3.co
34 cm.g.doubleclick.net 11 redirects googleads.g.doubleclick.net
6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
www.bg3.co
eb2.3lift.com
u.openx.net
27 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
www.bg3.co
17 static.bg3.co www.bg3.co
12 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
11 securepubads.g.doubleclick.net cdn.adpushup.com
cdn.aralego.net
securepubads.g.doubleclick.net
www.bg3.co
10 s0.2mdn.net static.criteo.net
www.bg3.co
s0.2mdn.net
6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 eb2.3lift.com 4 redirects cdn.adpushup.com
eb2.3lift.com
9 googleads.g.doubleclick.net cdn.ampproject.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
www.bg3.co
7 match.adsrvr.org 6 redirects cdn.adpushup.com
7 www.google.com tpc.googlesyndication.com
6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
6 ib.adnxs.com 2 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
ssum-sec.casalemedia.com
6 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 e3.adpushup.com www.bg3.co
5 pix.as.criteo.net ads.as.criteo.com
5 www.googletagservices.com googleads.g.doubleclick.net
6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 googleads4.g.doubleclick.net www.bg3.co
4 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
4 ups.analytics.yahoo.com 4 redirects
4 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 csm.as.criteo.net ads.as.criteo.com
4 adpushup-d.openx.net cdn.adpushup.com
4 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
public.servenobid.com
3 us-u.openx.net u.openx.net
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 x.bidswitch.net 2 redirects eb2.3lift.com
3 cat.sg1.as.criteo.com ads.as.criteo.com
3 ads.as.criteo.com googleads.g.doubleclick.net
6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
3 rtb.jp2.as.criteo.com googleads.g.doubleclick.net
www.bg3.co
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 onetag-sys.com cdn.adpushup.com
public.servenobid.com
3 prebid.a-mo.net cdn.adpushup.com
www.bg3.co
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 px.ads.linkedin.com 2 redirects
2 pixel.rubiconproject.com 1 redirects www.bg3.co
2 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
2 b1sync.zemanta.com 2 redirects ssum-sec.casalemedia.com
2 c1.adform.net 2 redirects
2 sync-dsp.ad-m.asia 2 redirects
2 sync.1rx.io 2 redirects contextual.media.net
public.servenobid.com
2 dclk-match.dotomi.com 2 redirects
2 sync.teads.tv 1 redirects 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
2 aplogger.adpushup.com cdn.adpushup.com
2 htlb.casalemedia.com cdn.adpushup.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.google-analytics.com www.bg3.co
www.googletagmanager.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 cdn.indexww.com ssum-sec.casalemedia.com
1 um.simpli.fi 1 redirects ssum-sec.casalemedia.com
1 cdnjs.cloudflare.com ads.as.criteo.com
1 tg.socdm.com 1 redirects
1 ad.turn.com 1 redirects ssum-sec.casalemedia.com
1 c.bing.com eb2.3lift.com
1 u.openx.net cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 contextual.media.net cdn.adpushup.com
contextual.media.net
1 cksync.yahoo.co.jp 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
1 dsp.adkernel.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 s.uuidksinc.net 1 redirects
1 aid.send.microad.jp 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
1 y.one.impact-ad.jp 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
1 ads.yieldmo.com 1 redirects
1 ds.uncn.jp 1 redirects
1 a.c.appier.net 1 redirects
1 25cd982469f6774599cd7413a19565df.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 f809bdd58a113f424b582e7188b13a87.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel.quantserve.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 prebid.media.net cdn.adpushup.com
1 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
1 bidder.criteo.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 d-1932882742609460837.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 match.prod.bidr.io Failed ssum-sec.casalemedia.com
0 secure.adnxs.com Failed ssum-sec.casalemedia.com
0 token.rubiconproject.com Failed www.bg3.co
0 aax-eu.amazon-adsystem.com Failed www.bg3.co
0 image8.pubmatic.com Failed public.servenobid.com
0 sync.go.sonobi.com Failed public.servenobid.com
0 ap.lijit.com Failed public.servenobid.com
0 ce.lijit.com Failed public.servenobid.com
0 x.yieldlift.com Failed public.servenobid.com
0 ssbsync.smartadserver.com Failed public.servenobid.com
0 g2.gumgum.com Failed public.servenobid.com
0 cs.emxdgt.com Failed contextual.media.net
0 rtb.mfadsrvr.com Failed contextual.media.net
0 dis.criteo.com Failed contextual.media.net
0 pm.w55c.net Failed contextual.media.net
0 cs.media.net Failed contextual.media.net
0 sync.mathtag.com Failed contextual.media.net
ssum-sec.casalemedia.com
0 ads.pubmatic.com Failed contextual.media.net
public.servenobid.com
0 p.rfihub.com Failed contextual.media.net
public.servenobid.com
0 secure-assets.rubiconproject.com Failed contextual.media.net
public.servenobid.com
0 gu.dyntrk.com Failed ssum-sec.casalemedia.com
0 dsum.casalemedia.com Failed ssum-sec.casalemedia.com
0 stags.bluekai.com Failed eb2.3lift.com
contextual.media.net
0 s.amazon-adsystem.com Failed eb2.3lift.com
ssum-sec.casalemedia.com
www.bg3.co
0 ssp.disqus.com Failed www.bg3.co
public.servenobid.com
0 odr.mookie1.com Failed www.bg3.co
contextual.media.net
0 r.turn.com Failed www.bg3.co
404 122

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-18 -
2023-01-15		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-09 -
2023-01-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-31 -
2022-12-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
y.one.impact-ad.jp
Sectigo RSA Domain Validation Secure Server CA		 2022-03-04 -
2023-03-25		 a year crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2022-10-05 -
2023-11-06		 a year crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2022-08-05 -
2023-09-04		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh

This page contains 55 frames:

Primary Page: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Frame ID: F0CC1A5FE0A2B5A9D3F7F6F294B6CFA7
Requests: 97 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: D33027BB8E29C401828A0618F12A290E
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 9C9645D5ED00B475BFE4E840FBC27458
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 76BC41FDA5BA45618EE354ED3D2486E1
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 3F6464E36E208D2BD46E7E2E33DF38E1
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-25250029013817205087&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3081&oid=2&is_amp=5&amp_v=2210010655000&d_imp=1&c=995007025&ga_cid=amp-HQ9VDu9WiKvLz5Fem-SzTw&ga_hid=7025&dt=1666432894259&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&bdt=2477&dtd=448&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 00CF0C5A5242E2A9EF7617071AC26E82
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666432895&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666432894511&bpp=13&bdt=1365&idt=477&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=4293929091020&frm=23&ife=1&pv=2&ga_vid=304541093.1666432895&ga_sid=1666432895&ga_hid=1982216866&ga_fc=0&ga_cid=amp-HQ9VDu9WiKvLz5Fem-SzTw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1030435192&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C42531705%2C44773614%2C31069973%2C31070415%2C44775017%2C44773745%2C31069795&oid=2&pvsid=2708831728714388&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qf2tv72a8el7&fsb=1&dtd=496
Frame ID: 3E1AC626AD6CF4F6C524561CDBFBD58D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666432895&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666432894684&bpp=13&bdt=1509&idt=423&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=4293929091020&frm=23&ife=1&pv=1&ga_vid=1810455584.1666432895&ga_sid=1666432895&ga_hid=1963252583&ga_fc=0&ga_cid=amp-HQ9VDu9WiKvLz5Fem-SzTw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1866&biw=1600&bih=1200&isw=336&ish=280&ifk=1550047487&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44770880%2C44775017&oid=2&pvsid=238557065761273&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.byys8z4988vx&btvi=1&fsb=1&dtd=439
Frame ID: F6BB298E4984B435641C6213F8FFB3EE
Requests: 7 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_fwAGDa0Kj9UGAA-UPCb9_XzrMmAxODg3uw&u=%7CEBRe%2B9TmFL%2FdXvWf5waAy%2FLRsyVaRg59mhoOVhJGovo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHM5nsaMiIG55iQ8oBLrRl7R0OltdayXCyenefozfG318njF9Wu5-6mS7RRTY8K_NU_QKgw7lK3n_0cX33GKbKc6EVD-hPLN-R8_tKqg4QrFhO-eBuIQEZvK_y-3ZCN-Qd0mD33rc0nWEff07veAXpb61TdyCs4TdrPKICfmLm1i3L2---NTZ-FukUNn1Hx1HabGHAYWMT5B3EqfR-BLObBMa5D4hJBJP0a_nWYnCr-fblxRb4bs17YUbq38ZnSEY74jLchJ4XLUydYZrk70_AOHtnQuXopCj4qO-wvYeXkPVlXOdweb6eOg55HjgOXGz8Wk91O_ZkFfhboxS-Q8y1YhFaXVs3FD3vMStK0oFiohima2dr2jiC-fsNMTpSuklvc3xHqTnOAA2E9QjdlJ1bJsCVHgyA8H7nipbUK0UUZ8nwmhrJhGjrw7dK4Ebe_Dmizg8pS-SGh9AwIX8DxCRKBsSrPhCm7j15YuNU3l0K5IlkAYMGYLE96oZ_xTxyel_x4hwmFV__p0lXRKcF9qfkrL2QlbkCF2FpPWzPVPSuJFgSkbT7vpKs_GQgV2iGXs7Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW58Nf79TY62bGIaqvwS8qL7ICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgSvAk_Qe1PqqcDHBcjvyqlCEPPIVaU_34Cbf-tzaLw9vMcQjm_pVFI2eCeWyC3lhMHKfwzRvYyqWzRpNd5cwrmkt-g9CtFnOCPjOsYg9nHMEH4D_GFBJ_tSMsx0O46ONrATinEg80g0QoDJEwd-P-hMHsZOjd_VCloYZKi7Ty2uOLOHmPag4l-YFul8npmZZigPtuTCZiIjndN21bRvc_LWi89NjLBwsQ_8A_x26Zrve5taccQL8IaiROUoWMQCUuoPGOg-gVz95F3Y8TwEIlmxZLDEFGD5kD4QyRkXnDs-hZLJ5ryyFityCqg5uQznRZ6K3IsVO2ldiaDr6_dRir6XVhz-VzK6-Syk1wcLR1kwZ3-2J6PFnLO-SL5TtuQFtOzKXbRNDbEiCme4OlbLvYVWrIAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2TTov414pWwlwPUQ03fkTQFHUq8g%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 08D3C3923D8D08C950EDD8BECFDA90B2
Requests: 10 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_fwAGBngKj98LAA4twDWSYLM7Gg9CoSAanw&u=%7CEBRe%2B9TmFL9t8iK3snFRqfQMeP%2FdJoV4IWu6CFmbjUA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHM5nsaMiIG55iQ8oBLrRl7R0OltdayXCyUGptkel_9QsUAM_YpIJjc7cdC_MWdIgEVgOdnq7jZbF3eGoZfG2UhpNsFkhKpBjwhPibl-YMKAZ-c814NoPBD-Gbo63e852feoBdxAmcKnla7HL8keFMYHU18Szv4xYk0sezE-mf7lcvN7JKjOcNB8MK904Fm8VM2Mxqu4YF-Vsssszp38epihfoSVMtJpPA_bbLp4whVEPmXWwXU04Fkg1Y7MSzQtsqlTgHbrvbm8pORZ-ITW_VaI8k7Hwdgzqpb1gGvMNxsQDhyZz4Jk-NuudCMxDmUKlQUz0hj2F5xXRraxecPpYrkyO3xF2VH_264_jgU1sUE6DmbtzDv0brQo2pinPbj2BWA2z4DD_BoZi4MUqrbxvl9s7EX-Z1YmG_tolpZJ-w810Pwb7Pne6-LNKjKJEi7VgKiKbooznRL5_7V2Rg3tzOYD-Tf3qhPjLpJIruezgrbFSJ14ijjetsxgBb2JnruNe_I_r7xvZAHIbVjp_OsprFbyr5opl0w7FUxtc_QJhluBoZRg75e_o-9QIXJ1gQc0TBg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRWp6f79TY_iMGIu-vwTA27jYB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgS1Ak_Q7S5X44iS99e3sR-TRbC8BI2UHFi1b2qkdb_yChs5xoSIOK5TTQ4xJB7-a2_ZSVzzLQw17yRMZy_6-phqnbn64aPR_9vJcKQjstAqHPN-rse5HORUM_g3-dDqM6o_ad1v2SD2lQCM0ejne1QNV7mW6SlSPwIZN1B2xS8h-zxmHCfUXROSMZoQYQoUwUPZl55g2iOGc7EaxXwrl-Rm6ZPMTSM13h2cw9TTvfO6frGyYwdVgZ7zZ1ShMNgXWAM63ECWfYzLNFfDh8lTwHcUg_VuQ5XRI0EPAUY1a_i75XxjhORmEsOOmRM1eDV22ILy30kVOuR4NX5RnsAqxq4IRmJaOu0N-mBJ0VXZ7VFBLm3HxOFjxHfL8kY7t57yto3TuRCOMNEPknUkvsCnOdBxfMowcTNVkIAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1WQoxb-pxiR4HpGQZ6jJZWkJ677A%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: AA10BBC2EB03BB67C8634192F92A6593
Requests: 9 HTTP requests in this frame

Frame: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Frame ID: 83BC2B58B9C0ECE2FDC42B71D25DDAC6
Requests: 12 HTTP requests in this frame

Frame: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Frame ID: EBD98DA21E796EFA71FBF53BB272A6D2
Requests: 12 HTTP requests in this frame

Frame: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 480AA3DA59980D2D0BA18BF7A23C7856
Requests: 1 HTTP requests in this frame

Frame: https://f809bdd58a113f424b582e7188b13a87.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: C58EEE7BC49A066B3FB6485C38B1D2FB
Requests: 1 HTTP requests in this frame

Frame: https://25cd982469f6774599cd7413a19565df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: A9347E47F134E045C5475374AA374FC2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C534EE28B170C45CF476C0E8117D8AC2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1F414CF55DCDFD562993DCF708B5D417
Requests: 2 HTTP requests in this frame

Frame: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DA6EDD5311248115ABF797EB73679350
Requests: 14 HTTP requests in this frame

Frame: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8A9FB5F3441F776B3669B756942CFC6F
Requests: 14 HTTP requests in this frame

Frame: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4538ACF0A12E9A6883D9F3773F079817
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 584D59A123B105DABD4C55BCA3B4EEAB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AC455C0CEA2B91C6F86CE13DD720AE8D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVbY1rOFcVd5JeRNamFcev0OtsPrJmPlGIYzHXKy5wbTIKBh2JwRUXo3x_a4kaV661nzk1netwYauHe0qICdcjuTQYbgw
Frame ID: DEE5957C0E81246DF30C2A08747E441D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNXJHefUMrMBSH-DegOeR97_zUqKfkEzgMRzDkHdsv3YB0lF-LNt-gkKUOKW5qk4a-Ve4IZAXe6ypDux9ZqTroOT9OLuTA
Frame ID: 38C170F45E355F7875138066953D4197
Requests: 5 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_ggAHYOYKjywDAAl3MfLSOlIFu-RfVZGNOw&u=%7CoXReJMhzN2mX5PwcjaYaiFSrm09naeIFr8LzesJyIsY%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---ArYQqkTQ5YvPLon3Kp1-d7aw1zlWdVBOSGFNGh7Ak1qrix145C_Ztgf6NRh2fbo_3mhcbEGjUS4dibEV23qOLp61TpbPtut1kwBqfGtiIWiM6t8BEoFYo63nZMVn4sd5iKKr7-QB3YLi46jOw7D00QP8le6pgXJ6SsA_mksM-ffue3w0rogVHpk9H7tTGdgJIxnz_46tSRBDCWwvYuEC2mD72cfvmIgPtmEEfKdvgNFfOABJcX9LfrudDICpjYD8s6rWt9UdXp2ZA0uslGKOnIrKsCXnZcGQ0ppMQQXPet30clx-EEYknSrg7TfdXIts12DbDoyC6ETdTtudgTpuhmWp6Mw8MWjf_xRdzfbYuGZUzLJ8iNkfvkDB1Nzs61G0jRqkg9w-1ePrBzoDPyOKfYhuKrqBaGHMbKApHLSVDc57vYYREKOBD8QVYBsWLrIoWH9EXp_7dkexsTVCjxvyaIgvMPUVeevCmhn0RbcmnHFUkNICGFjoZB4VQIXfAYC7gHVUdMvFrMtAMy06VMCjSOEvmQ1WnZPXl3nWHldvKNdOst3mMJ90Z0fbx2oUNTn4Dw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbRLwgr9TY-bBHYPYvASx7qWoA5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAmfofvAlZ6U-4AIAqAMBqgTXAk_QIwB8NvWFHO-MVkrjkQLwU3KrsuOBQUwZzEbf-Zwf6kmTTeoquMZvYWJxhJzwz6BolH3S1jJqYhQmUg0fm9nWrNLDiVzXkzImH4A42e8rMHKRpH3bLFoqBsATkkLL-in2GkRBLJgpofMLnh5aAryn8zPy2EuuFNC-1X2Xh2IQQy1C4bDMVnN5eKGd75z0Dq8WNlCvB8gWqLKZ1jpyktcT3_fZyaoFFAH73xdsSDgNlKsueSorGIvBamnkjPQOjIUKXsrUCl0ui7zSWGg--VuPA6l0qNSfFid6_zCNoO2co2Kfd5_LWdgBCArml3Q1YaSEKWhpOwlHPPKiaE4O2_yYiUB38Ox3LqbkETlwwFOf_YonJYnWVle--nMcIv1CndvvPDftxt4M3CQm8EqYDM1twhjo6kC9eaJVcL7IGmIgL38FMhuzDd-01tmo9ZIe92EtPy8KE1bgBAGABu6ZzPGg8p7DlAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2v6x-YwEQY8AiPbNiPHYiMy9ecIg%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: E6FD40A03EF85EF8EC84B31E02ED46F3
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6832069019313942EB742ACD25611159
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 076FAA001B215B344A66D6DF9EED889B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6D0E0E09A3D56EAFFB01188D50E100B0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5B717E7C4736797C2BEA78AD60A50467
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D03D859814BE313D33440515670950BD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 156AB2FCDDFABA6B69EEFCC04308EED8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D3BFE3D298EF199106012A83B22F92B1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 73CA379B2BAC8BB794340A2E8307F012
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7F22DC85D40AD15EEE3604F34488731A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10977312179645291841/index.html
Frame ID: ED3E37C6773A1BD392857763A4AA3154
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4341851026603666896/index.html
Frame ID: 2C6251C2288AA866C5837C9E9E53DEAD
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 5421F070A7DC35BD949B32EACC6105E7
Requests: 14 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 72EBAC04BB9D0939E7F090398368A7CD
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: F12F363DC7F0846BB92EF7600BA7EAD3
Requests: 13 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 04D130B5B8209CF2DE2DB37D4CEC5E23
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1666432895658
Frame ID: 7090117DAACF1895B3AFAE6FA147CA3D
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: A58B4B4E9723890020DE6E0D2E8F9C83
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 5B02A4F69CADF2CD9B9AF0F5DE040644
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D05271FACA81FAF6C4693ED438557DEA
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 4A17FD51DE7DF578F3BE4115623C265E
Requests: 10 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
Frame ID: E0D179BB556713E84666B20A722E9F76
Requests: 1 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3094345016830499000V10%26type%3Drkt%26refUrl%3D%26vid%3D64329016623094345016830499000V10%26ovsid%3D%7Buserid%7D
Frame ID: 6387400B33FFA82B2B2EC61B4FE663D3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3094345016830499000V10%26type%3Dpba%26refUrl%3D%26vid%3D64329016623094345016830499000V10%26ovsid%3DPM_UID
Frame ID: 1C3FDF6D892A891BC816886543B280F3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 21D9A5ABEB97776736B991B409535FFC
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 20BD29F03BEF838BBB3EC5059FFD2603
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: CEF31C7F81EC8DBC2B89D4A800FD25CF
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 8E5D4E5758E3EEB3455093402A3C92C4
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: B232CB235898F236DA03C01D9F489B55
Requests: 10 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
Frame ID: 2678D2D83BA2CDA918D96D09D24D53EE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 46F3D9B3DF8DCEAD7F247ECC95F56F3D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

保全被嫌態度差!過來人揭「暗黑真相」嗆:先想想你們做了什麼 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

404
Requests

75 %
HTTPS

0 %
IPv6

77
Domains

122
Subdomains

66
IPs

10
Countries

3030 kB
Transfer

8310 kB
Size

68
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKtu09QxCi5JtACO4RJtBU&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKtu09QxCi5JtACO4RJtBU&google_cver=1&C=1
Request Chain 214
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1O-g7xHxCVJSWJG3oD2HgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKtu09QxCi5JtACO4RJtBU&google_cver=1
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAKbd1TLCjyL3c-Kr_XzeMI&google_cver=1
Request Chain 216
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTExMDE4ODY3NjAzNjQ2OTgx
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKtu09QxCi5JtACO4RJtBU&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKtu09QxCi5JtACO4RJtBU&google_cver=1&C=1
Request Chain 218
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1O-g7xHxCVJSWJG3oD2HgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKtu09QxCi5JtACO4RJtBU&google_cver=1
Request Chain 219
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAKbd1TLCjyL3c-Kr_XzeMI&google_cver=1
Request Chain 220
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTExMDE4ODY3NjAzNjQ2OTgx
Request Chain 227
  • https://a.c.appier.net/gcm?google_gid=CAESEFkfGBrDf9wEWskUhtn9qaI&google_cver=1&google_push=AZmPxg9WxLNmYkOMpSLMjM7VsW8R2oHBybPAWrsdGGp-azxMXGuc_LyNh6v5oOy62ZXlrgQYyKH65VwePbNSKkMiBG6vvtk381iT8l-fmctGXYva1vP1MSF5YxKLLXYS-KM5TqycteqCfaznIw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=THZfOEhTZ2lEdXVmMkdJNGhMOVRZdw%3D%3D&google_push=AZmPxg9WxLNmYkOMpSLMjM7VsW8R2oHBybPAWrsdGGp-azxMXGuc_LyNh6v5oOy62ZXlrgQYyKH65VwePbNSKkMiBG6vvtk381iT8l-fmctGXYva1vP1MSF5YxKLLXYS-KM5TqycteqCfaznIw
Request Chain 228
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEIj8Kc8ctYIABbvKL4uUTcE&google_cver=1&google_push=AZmPxg-_-auv6liWOdW1PHuPU-tuuZ4bOKJfmR-ImOmV5xRrEzyxu3kKGM8HLdaAwM3t_mccZ0syBDfH1qCtNFHMl0qsMF3TC0IosgTZe-51sHcjIGM7it_UykVQxy0d06Im8F5B-1nOlDmElw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AZmPxg-_-auv6liWOdW1PHuPU-tuuZ4bOKJfmR-ImOmV5xRrEzyxu3kKGM8HLdaAwM3t_mccZ0syBDfH1qCtNFHMl0qsMF3TC0IosgTZe-51sHcjIGM7it_UykVQxy0d06Im8F5B-1nOlDmElw&google_hm=AVUaUYlHvEy9vs_5Sx1RtmY
Request Chain 229
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEMCY1gTydKp7TgVSS57mk-g&google_cver=1&google_push=AZmPxg_-3_2srW9deD4be_fFZHxuRSQsRU5GJrCljixV5-kO-6Z_x4qLJWCj1wXEGi5MYb8ZlnWqJbHuLbf6faFgqOfAU3b0DneL4WkkRRX8lsPfPe9M7ToHpRuQQ9fdeoyaxcUGpXfIskKjxw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg_-3_2srW9deD4be_fFZHxuRSQsRU5GJrCljixV5-kO-6Z_x4qLJWCj1wXEGi5MYb8ZlnWqJbHuLbf6faFgqOfAU3b0DneL4WkkRRX8lsPfPe9M7ToHpRuQQ9fdeoyaxcUGpXfIskKjxw&google_hm=ZzkyY2FlOWU3MmU1MzBlYzg4NGU=
Request Chain 230
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFwpAwab5ooD7zqjf2-i6aM&google_cver=1&google_push=AZmPxg8qhSKmMQ1l_tK7VHtahIkD_E5QZgL-dYEwGOrNTqPrcGVSrfZDhsM68Uf0Q6FyZUcc0MCeYHyE7k9-xXSYuryOF15PX19Ysdjek4aOKcTAuHwriVKrzg8Uzcqb5R7ldKSLKusDCzbBGQ HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg8qhSKmMQ1l_tK7VHtahIkD_E5QZgL-dYEwGOrNTqPrcGVSrfZDhsM68Uf0Q6FyZUcc0MCeYHyE7k9-xXSYuryOF15PX19Ysdjek4aOKcTAuHwriVKrzg8Uzcqb5R7ldKSLKusDCzbBGQ&google_gid=CAESEFwpAwab5ooD7zqjf2-i6aM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2ODUwOTM2MzYwNjg1MjUwODczNw%3D%3D&google_push=AZmPxg8qhSKmMQ1l_tK7VHtahIkD_E5QZgL-dYEwGOrNTqPrcGVSrfZDhsM68Uf0Q6FyZUcc0MCeYHyE7k9-xXSYuryOF15PX19Ysdjek4aOKcTAuHwriVKrzg8Uzcqb5R7ldKSLKusDCzbBGQ
Request Chain 232
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJW5tHYiToFv3u5rH-_VT0M&google_cver=1&google_push=AZmPxg-4HTYtwOyuXhjIhLDSYtagcpdv5wnBsfjbMNekMQ-3Vx2EDAwIV5h6MCw4Jm2fDj7Qo9g3Zvr7c1G3OQui4_82EgIMPXppXcSiIcrR7RkE05V0wzrA4tQP0c5oChQP5T0o5Qxz-EvK5w HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJW5tHYiToFv3u5rH-_VT0M&google_cver=1&google_push=AZmPxg-4HTYtwOyuXhjIhLDSYtagcpdv5wnBsfjbMNekMQ-3Vx2EDAwIV5h6MCw4Jm2fDj7Qo9g3Zvr7c1G3OQui4_82EgIMPXppXcSiIcrR7RkE05V0wzrA4tQP0c5oChQP5T0o5Qxz-EvK5w&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1YN01fV0VSRTJ1Rnk0X05OTnpPODhfSWVCZjhTSjVJWH5B&google_push=AZmPxg-4HTYtwOyuXhjIhLDSYtagcpdv5wnBsfjbMNekMQ-3Vx2EDAwIV5h6MCw4Jm2fDj7Qo9g3Zvr7c1G3OQui4_82EgIMPXppXcSiIcrR7RkE05V0wzrA4tQP0c5oChQP5T0o5Qxz-EvK5w
Request Chain 233
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHfXgep4QXlOUVuxUISkp7c&google_cver=1&google_push=AZmPxg9nqKLi1YCpg13ABsMo3mLQrddAFnlGjU25lTKOmfAtMS6Bl1UYbujafUajmXDKgAQOAFZH-nM14gMIqEPzIALCGCJY_Gq3IDTTnFD6zfPHz-YRMieqE315_i-oS6ZUfudCHyuz2PoWZPI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MWQ1YTAxOWYtNDRhMC00NGE3LTkyNTAtNGZiNzA5MGQyYzhh&google_push=AZmPxg9nqKLi1YCpg13ABsMo3mLQrddAFnlGjU25lTKOmfAtMS6Bl1UYbujafUajmXDKgAQOAFZH-nM14gMIqEPzIALCGCJY_Gq3IDTTnFD6zfPHz-YRMieqE315_i-oS6ZUfudCHyuz2PoWZPI HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 252
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFVV_UXKqEKZVrem0qnuPts&google_cver=1&google_push=AZmPxg_C-w88bERJdg6p1oMX7DAQBkqX_r0Q7-4yGUaYZsc_cCAyF5RcIqkQWWkIbFprDHT7jCO0fCSS0CeA_JE-5Zhejk14uA1vNrrvGj4mmGK9HMqZvWgzRlN2cWfnCPHGEkHlFJPE5DGw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjg3MDk5NjQyNTU0MTEzMDYwMg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFVV_UXKqEKZVrem0qnuPts&google_cver=1
Request Chain 253
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEO_hn4t_oq7hyxQXBmwxzkM&google_cver=1&google_push=AZmPxg8Osc8fRk-h_-Gtx3c7QJqWf4hwI0OPm8NbpRXjdz7Kjt0wXXEmYfrzXuw9xdRaO2I-YVXvo-T0monahu9_VN5McHt5ZOJoiyuJ-VKPviQC_RNVvBkB97wIzQ6lY4reHgId-iLep34g HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=3cbef8449def1b32&is_secure=true&networkId=14000&version=1&google_gid=CAESEO_hn4t_oq7hyxQXBmwxzkM&google_cver=1&google_push=AZmPxg8Osc8fRk-h_-Gtx3c7QJqWf4hwI0OPm8NbpRXjdz7Kjt0wXXEmYfrzXuw9xdRaO2I-YVXvo-T0monahu9_VN5McHt5ZOJoiyuJ-VKPviQC_RNVvBkB97wIzQ6lY4reHgId-iLep34g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJqWxZsGnO2QM3QX6bAAAAAAA&expiration=1666519301&google_cver=1&is_secure=true&google_gid=CAESEO_hn4t_oq7hyxQXBmwxzkM&google_push=AZmPxg8Osc8fRk-h_-Gtx3c7QJqWf4hwI0OPm8NbpRXjdz7Kjt0wXXEmYfrzXuw9xdRaO2I-YVXvo-T0monahu9_VN5McHt5ZOJoiyuJ-VKPviQC_RNVvBkB97wIzQ6lY4reHgId-iLep34g
Request Chain 255
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEEr4CytXYLodsibQBGogGtk&c_param1=AZmPxg-1zxEjSwj2w_2vAybJKqAFxwEAVxUs6VuxupCpyzevAPJQ0bnUteN-NSWW37z6bsQobfPpCsgM96nwR532pQT1n24G9JTe_OhGRRugYzGz3lP_4uBzIQxK_ugK3JHXTVF_uJbybEHB&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg-1zxEjSwj2w_2vAybJKqAFxwEAVxUs6VuxupCpyzevAPJQ0bnUteN-NSWW37z6bsQobfPpCsgM96nwR532pQT1n24G9JTe_OhGRRugYzGz3lP_4uBzIQxK_ugK3JHXTVF_uJbybEHB
Request Chain 256
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEGi4PJNG6T-mS3d-QPt1vIE&google_cver=1&google_push=AZmPxg-yUbYAWkpzduEdIPng21o2NyrQIrm9PeUtkvD6Sgry_Odq-qSYqPQgdj33HNakAB5on-beqqTUDL2WB1aZTKvDEmKw1vXeqaVEq-Z5MloHM42prG8pjjghy62rY817SfhVCG5hYgh8 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg-yUbYAWkpzduEdIPng21o2NyrQIrm9PeUtkvD6Sgry_Odq-qSYqPQgdj33HNakAB5on-beqqTUDL2WB1aZTKvDEmKw1vXeqaVEq-Z5MloHM42prG8pjjghy62rY817SfhVCG5hYgh8&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1666432900378 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9a612cc5-bf98-4c3c-bbe3-7b68fefceb51-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg-yUbYAWkpzduEdIPng21o2NyrQIrm9PeUtkvD6Sgry_Odq-qSYqPQgdj33HNakAB5on-beqqTUDL2WB1aZTKvDEmKw1vXeqaVEq-Z5MloHM42prG8pjjghy62rY817SfhVCG5hYgh8%26google_hm%3DBJphLMW_mEw8u-N7aP7861E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-yUbYAWkpzduEdIPng21o2NyrQIrm9PeUtkvD6Sgry_Odq-qSYqPQgdj33HNakAB5on-beqqTUDL2WB1aZTKvDEmKw1vXeqaVEq-Z5MloHM42prG8pjjghy62rY817SfhVCG5hYgh8&google_hm=BJphLMW_mEw8u-N7aP7861E
Request Chain 257
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESECPTl96BNQiElevKhKEYksQ&google_cver=1&google_push=AZmPxg8Y3f9wwViVh0dRO0AXWxGwoJyGDa7IMrvxNMYHAc1YVCu4hlu78f2VPhjhFq47GAenO-csXiq3oQYIMvMtxF1B1MJz__W_D0nyMsRX7V4IN7AVpueqbH9NUJMgSmB31IPh0WXpVgOsng HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESECPTl96BNQiElevKhKEYksQ&google_cver=1&google_push=AZmPxg8Y3f9wwViVh0dRO0AXWxGwoJyGDa7IMrvxNMYHAc1YVCu4hlu78f2VPhjhFq47GAenO-csXiq3oQYIMvMtxF1B1MJz__W_D0nyMsRX7V4IN7AVpueqbH9NUJMgSmB31IPh0WXpVgOsng&uid-set=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AZmPxg8Y3f9wwViVh0dRO0AXWxGwoJyGDa7IMrvxNMYHAc1YVCu4hlu78f2VPhjhFq47GAenO-csXiq3oQYIMvMtxF1B1MJz__W_D0nyMsRX7V4IN7AVpueqbH9NUJMgSmB31IPh0WXpVgOsng&google_hm=MmhNZDNleHA3WHM=&suid-set=1
Request Chain 258
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=AZmPxg_cjLwqGEJA0sV8ZOaq8p635TlYAwPDCY2sSxH4m8HxYBsaUSw0m9CC2f7YuJ3F0ZcwzAF02YDFIYnAiWyK-jG9382pqtllqAHJ4VehBsx508hcQlxFoeeNFsoiGRv8bV7cAns1ZG-dXw?google_gid=CAESEB6176_zI5o7LVFqGyvYUuI&google_cver=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=AZmPxg_cjLwqGEJA0sV8ZOaq8p635TlYAwPDCY2sSxH4m8HxYBsaUSw0m9CC2f7YuJ3F0ZcwzAF02YDFIYnAiWyK-jG9382pqtllqAHJ4VehBsx508hcQlxFoeeNFsoiGRv8bV7cAns1ZG-dXw?google_gid=CAESEB6176_zI5o7LVFqGyvYUuI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f3c597a5-1eb4-4564-ad26-5253ae9a981e&&google_push=AZmPxg_cjLwqGEJA0sV8ZOaq8p635TlYAwPDCY2sSxH4m8HxYBsaUSw0m9CC2f7YuJ3F0ZcwzAF02YDFIYnAiWyK-jG9382pqtllqAHJ4VehBsx508hcQlxFoeeNFsoiGRv8bV7cAns1ZG-dXw
Request Chain 260
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFG3eef1TSAYhVkybnOukhE&google_cver=1&google_push=AZmPxg-X6Rjr8CBrWjqWRDy7rlEh3qvtDxIkl1xhodtjmW1C4fNfgTyzYPtlnY7E95AmsL6GpxTBuzerSTVSxUqTpSq0Mbs-u-hgFw HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEFG3eef1TSAYhVkybnOukhE&google_cver=1&google_push=AZmPxg-X6Rjr8CBrWjqWRDy7rlEh3qvtDxIkl1xhodtjmW1C4fNfgTyzYPtlnY7E95AmsL6GpxTBuzerSTVSxUqTpSq0Mbs-u-hgFw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NGNkNTM3YTMtNzY3MC00MzVkLTllOGQtMWRhMTE0MTdiODMz&google_push&gdpr=0&gdpr_consent=&ttd_tdid=4cd537a3-7670-435d-9e8d-1da11417b833
Request Chain 261
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJ9WFzFjRrBUJVj4QWgyONA&google_cver=1&google_push=AZmPxg8ZI6ULXjJ-K0Pz7-ImVw19fkfogIyVNq2hLoj2kXKH6sOHIXrJdlw9mImgxfedkq9xPGjNximoxgMYupok9aIoEuBwScRmPQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg8ZI6ULXjJ-K0Pz7-ImVw19fkfogIyVNq2hLoj2kXKH6sOHIXrJdlw9mImgxfedkq9xPGjNximoxgMYupok9aIoEuBwScRmPQ&google_hm=Mjc0Njg1MTQ2ODA0MzQwODM3MA%3D%3D
Request Chain 262
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKg7wGMlCrr88Ms61m9wfOA&google_cver=1&google_push=AZmPxg9vrLlJTWtKyZ1nAVdCvt_SWLWWQsSK92ADCmNe4tLdbbanfLx7bZRwHws-uQ0poWx9H0heBDuQY99FEFR96czh3NwiLkFfIw HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKg7wGMlCrr88Ms61m9wfOA&google_cver=1&google_push=AZmPxg9vrLlJTWtKyZ1nAVdCvt_SWLWWQsSK92ADCmNe4tLdbbanfLx7bZRwHws-uQ0poWx9H0heBDuQY99FEFR96czh3NwiLkFfIw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY2Nzc1NTQzODcwMzEzODg0NA&google_push=AZmPxg9vrLlJTWtKyZ1nAVdCvt_SWLWWQsSK92ADCmNe4tLdbbanfLx7bZRwHws-uQ0poWx9H0heBDuQY99FEFR96czh3NwiLkFfIw
Request Chain 263
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEL7ompWFTIgxFTSLpK9Wl6Q&google_cver=1&google_push=AZmPxg-_aUnG2ZoWV42NFdPF_AfKxYRa3n5KwizNJIkdpkDxCnSS1nFLAIDtwj-wLqp3mkE5by_Qclq-o0Kz2I2jUYn-ubnq0iM0bQ HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEL7ompWFTIgxFTSLpK9Wl6Q&google_push=AZmPxg-_aUnG2ZoWV42NFdPF_AfKxYRa3n5KwizNJIkdpkDxCnSS1nFLAIDtwj-wLqp3mkE5by_Qclq-o0Kz2I2jUYn-ubnq0iM0bQ&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg-_aUnG2ZoWV42NFdPF_AfKxYRa3n5KwizNJIkdpkDxCnSS1nFLAIDtwj-wLqp3mkE5by_Qclq-o0Kz2I2jUYn-ubnq0iM0bQ&google_hm=OWVEbnNwRmJCNHM0N1VCTEZmWmU=
Request Chain 264
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEH62ZuC9Pk6MG04qoGDivq8&google_cver=1&google_push=AZmPxg-khoqICqsdzSo4GLZ4d_y6D8T-oihnCZoxKnRKdbeI-09GlSRMrGjVirQZ2oU90SOj7rziXnTk1RQ205QTRaIRcH9QhBytDQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=UYqBFYvrR2FDrpOa6oxrgq310XA&google_push=AZmPxg-khoqICqsdzSo4GLZ4d_y6D8T-oihnCZoxKnRKdbeI-09GlSRMrGjVirQZ2oU90SOj7rziXnTk1RQ205QTRaIRcH9QhBytDQ
Request Chain 265
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESECQs3JQ7n4MQAQJl3dUmRW4&google_cver=1&google_push=AZmPxg-_xBQhHs7h4cJ1i0u8CEOpleQJmhUVa08Y97Lb0eWLeLiG3VGCo1murhJVPM90sWuoFe3xufamKgHWq2RROzu-BrMxBwSvnw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQ3NTMyMjY1NzI3MzI2MzIwMzA&google_push=AZmPxg-_xBQhHs7h4cJ1i0u8CEOpleQJmhUVa08Y97Lb0eWLeLiG3VGCo1murhJVPM90sWuoFe3xufamKgHWq2RROzu-BrMxBwSvnw
Request Chain 293
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=716d80d9-3635-4295-a376-5230bc58a8c9&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=716d80d9-3635-4295-a376-5230bc58a8c9&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0fb8a272-a51e-4154-ac84-e05540e1007d&ssp=adaptmx&gdpr=0&gdpr_consent=
Request Chain 294
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D716d80d9-3635-4295-a376-5230bc58a8c9&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F3783%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D716d80d9-3635-4295-a376-5230bc58a8c9%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD03MTZkODBkOS0zNjM1LTQyOTUtYTM3Ni01MjMwYmM1OGE4Yzk%253D%26uid%3D%24UID
Request Chain 295
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L9JR4BXF-P-5T95&gdpr=0&us_privacy=1---
Request Chain 296
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=716d80d9-3635-4295-a376-5230bc58a8c9 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-wjrTSIRE2uENd9Oa8POnVocLC_g59T67DfCBJ8A-~A&gdpr=0&gdpr_consent=
Request Chain 304
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=4cd537a3-7670-435d-9e8d-1da11417b833&dongle=0cfd
Request Chain 305
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2ODUwOTM2MzYwNjg1MjUwODczNw%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 306
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESED_vQQRThc7TTs2Im81DZ-M&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 307
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2ODUwOTM2MzYwNjg1MjUwODczNw%3D%3D
Request Chain 308
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1868509363606852508737&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1868509363606852508737&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=afc4f225-6487-4434-9f05-fc6875223ccf&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=afc4f225-6487-4434-9f05-fc6875223ccf&_noobservation=1&_expected_cookie=35c7b40f20be630ef907ee02e87dd76f
Request Chain 310
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1868509363606852508737?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-iq8AaYpE2oS25u3O2oVKhhx0nTWdomXPEzq0Uw4TTA--~A&dongle=0883
Request Chain 311
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1868509363606852508737 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1868509363606852508737&dcc=t
Request Chain 313
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=a9XXYhZbN0umsRMqyAq-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5ME4VQWCZNBNGETRQOVWXGUSNOF4UC4JN&gdpr=0
Request Chain 314
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2798938831503202666&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 315
  • https://match.adsrvr.org/track/cmf/openx?oxid=0604f4d4-9e40-7d3a-e881-5e0a0c676129&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=4cd537a3-7670-435d-9e8d-1da11417b833&ttd_puid=0604f4d4-9e40-7d3a-e881-5e0a0c676129&gdpr=0&gdpr_consent=
Request Chain 316
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1O-hcCo5s4AAEhEibsAAAAA
Request Chain 317
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AU7VlLr7WpuTks8ADv_jB5NTO88AAAGD_yQhTA
Request Chain 319
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJJD6s8f2mXIkGay_i8dXSU&google_cver=1
Request Chain 343
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=4cd537a3-7670-435d-9e8d-1da11417b833&expiration=1669024901&gdpr=0&gdpr_consent=
Request Chain 344
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1O_hLxHxCVJSWJG3oD2HwAAE1QAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEB8HDTOc2nPoCLeZK3S9gdw&google_cver=1
Request Chain 345
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1O_hLxHxCVJSWJG3oD2HwAAE1QAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1O_hLxHxCVJSWJG3oD2HwAAE1QAAAIB&dcc=t
Request Chain 347
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=db7ed01d-e65c-c97e-e7b2c126
Request Chain 348
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=9E49B20D745842439922621207BBA731
Request Chain 350
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y1O_hLxHxCVJSWJG3oD2HwAAE1QAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y1O_hLxHxCVJSWJG3oD2HwAAE1QAAAIB
Request Chain 360
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3094345016830499000V10%26type%3Dapx%26refUrl%3D%26vid%3D64329016623094345016830499000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3094345016830499000V10&type=apx&refUrl=&vid=64329016623094345016830499000V10&ovsid=911018867603646981
Request Chain 361
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3094345016830499000V10%26type%3Dopx%26refUrl%3D%26vid%3D64329016623094345016830499000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3094345016830499000V10&type=opx&refUrl=&vid=64329016623094345016830499000V10&ovsid=ce289d4b-3540-47da-8bce-2064be88f3f5
Request Chain 363
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3094345016830499000V10%26type%3Dr1%26refUrl%3D%26vid%3D64329016623094345016830499000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7140006552 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/4cd537a3-7670-435d-9e8d-1da11417b833
Request Chain 364
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA5NDM0NTAxNjgzMDQ5OTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIpTz6uA5npQFXpSrGUFqj8&google_cver=1
Request Chain 367
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f3c597a5-1eb4-4564-ad26-5253ae9a981e&ssp=medianet&gdpr=0&gdpr_consent=
Request Chain 368
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3094345016830499000V10%26type%3Dzem%26refUrl%3D%26vid%3D64329016623094345016830499000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=9eDnspFbB4s47UBLFfZe&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJZMVCG443QIZREENDTGQ3VKQSMIZTFUZJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3DIMZSHEYDCNRWGIZTAOJUGM2DKMBRGY4DGMBUHE4TAMBQKYYTAJTWONUWIPJTGA4TIMZUGUYDCNRYGMYDIOJZGAYDAVRRGA
Request Chain 371
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=4cd537a3-7670-435d-9e8d-1da11417b833
Request Chain 379
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L9JR4BXF-P-5T95&gdpr=0&us_privacy=1YN-
Request Chain 380
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=911018867603646981
Request Chain 384
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3582465395 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/4cd537a3-7670-435d-9e8d-1da11417b833
Request Chain 387
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F2230%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D716d80d9-3635-4295-a376-5230bc58a8c9%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
Request Chain 388
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-wjrTSIRE2uENd9Oa8POnVocLC_g59T67DfCBJ8A-~A
Request Chain 390
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-wjrTSIRE2uENd9Oa8POnVocLC_g59T67DfCBJ8A-~A
Request Chain 393
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=4cd537a3-7670-435d-9e8d-1da11417b833&gdpr=0&gdpr_consent=&expires=30
Request Chain 394
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMSqYk07D_C0gpWJWlRa0D4&google_cver=1
Request Chain 396
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t

404 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
www.bg3.co/a/ 		55 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5376d7a44acbf5d0bd17a3553f6604496f85e651d1f6beb7e469172bf4ad35e5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 22 Oct 2022 10:01:31 GMT
ETag
"dbf5-4dKrrs2rwFeIAjWPk74vjVesd+Q"
Expires
Sat, 22 Oct 2022 11:01:31 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
280f65f41d5c1f1c884ca450563c5830c78c3157ca8ae30083d52f653f672997
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 22 Oct 2022 10:01:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72627
x-xss-protection
0
server
sffe
etag
"94dc74ec042f425a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 22 Oct 2022 10:01:32 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
d2ed3fd545568285345130ea7f5bb020dc63073584458309435e74476ffa462a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 22 Oct 2022 10:01:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9676
x-xss-protection
0
server
sffe
etag
"89bc2298b0b5dac0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 22 Oct 2022 10:01:32 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a0aed5d6070276dcbf847b073b7d275ae9fce1b5759926b8486938019f13223a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 22 Oct 2022 10:01:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7580
x-xss-protection
0
server
sffe
etag
"fa5fea1d25453090"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 22 Oct 2022 10:01:32 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
4a8014be2573ce560209a78fe2804b55f842c366f3de407fb85a56ae70f737fd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 22 Oct 2022 10:01:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31959
x-xss-protection
0
server
sffe
etag
"4e6c8ca7bdbf4727"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 22 Oct 2022 10:01:32 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:33 GMT
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 10:10:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"632c348e-aab9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qq50YZbpq%2FVIukWFhocKNgaSL2ilHeB3ydwEdoE7%2FIgDLmFadmih0BVdV1TXKwgPyNwcvjmW%2B0i8oF7uW7nwhOV7c7vZCGLNZaG5%2FLAqO0Gi%2BsLE25W0U478%2FiUCBDClYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
75e1646d1a15a7ed-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43705

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
connection
close
content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 22 Oct 2022 10:01:32 GMT
content-encoding
br
last-modified
Sat, 22 Oct 2022 07:00:30 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=40
x-cf-geodata
AU
content-length
9035
expires
Sat, 22 Oct 2022 11:01:32 GMT
adpushup.js
cdn.adpushup.com/42753/ 		479 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
293fc15c33edf25fff2ef66e3b4d300e21de6a3ed7e6ed2441827fb34a3cf4d4

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 22 Oct 2022 10:01:32 GMT
content-encoding
br
last-modified
Wed, 05 Oct 2022 09:36:33 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
AU
content-length
105274
expires
Sat, 22 Oct 2022 11:01:32 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:33 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-14e98"
vary
Accept-Encoding
x-hw
1666432893.dop210.sj3.t,1666432893.cds219.sj3.hn,1666432893.cds210.sj3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
164adf667710a3df30395c686fefe630.jpg
static.bg3.co/imgs/202106/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/164adf667710a3df30395c686fefe630.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ad3326d564dba608933ec3ab0a5185044a9f0bf4c3be8ae162b09c1ecda7a8b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:33 GMT
cf-cache-status
MISS
last-modified
Mon, 07 Jun 2021 08:03:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"164ADF667710A3DF30395C686FEFE630"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dq6ftLTZGSGEISQxAEAxUPb7jyCGX92NCEzNmFCUEGgv0EF1AkQCCerMDeKbwIQHsvTIArKaqzWziv9owh6ZMp7lPQHDBRnAcCDH1t6Zz%2FRMcUgjNqngULiaPOgP3fc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e1646e2e56dfb9-SYD
content-length
4517
expires
Sat, 29 Oct 2022 10:01:33 GMT
468d54576e568948be9782d1b7d70651.jpg
static.bg3.co/imgs/202105/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/468d54576e568948be9782d1b7d70651.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c70e44f58722f7cbc1ec7401085b17a2b19d847d2a3f189cd476e87274396d9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:33 GMT
cf-cache-status
MISS
last-modified
Thu, 20 May 2021 07:43:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"468D54576E568948BE9782D1B7D70651"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k8S5LiZCIcz3bRC5hXHgtPZtyYKNo4V1Oa9da66tZFMQiWC43cfgR3kn9u0oKJ1BIDw6DZ7qAzFQ%2BM8vjKYaBtOEBcbNm%2BCdiJ5J2eEkbAw%2B%2BmxAriSo3NPK17kvHnw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e1646e2e58dfb9-SYD
content-length
4665
expires
Sat, 29 Oct 2022 10:01:33 GMT
48140137a1dd8fc7c85839104c038adb.jpg
static.bg3.co/imgs/202105/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/48140137a1dd8fc7c85839104c038adb.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8e5ab4eecd6341b9c4f4e3794387a6e24e75ea4a05063b1f646afd9dbad1636

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:33 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 18:07:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"48140137A1DD8FC7C85839104C038ADB"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9X0UJ%2FuiQ2lk%2Fk5mkS2asGpssCaWFdPfV0QFQZ90rnw42I6djjxH%2FH%2BBoXsqshPibo5MXqehmuUKjj%2Fq%2BrFnB1ak%2F6RQIKq4D%2Ff1KHFjkT0IzhAqMXxr0WxwsIAW3I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e1646e2e59dfb9-SYD
content-length
2990
expires
Sat, 29 Oct 2022 10:01:33 GMT
122356cb44e45aef2cc7958730e9137e.jpg
static.bg3.co/imgs/202105/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/122356cb44e45aef2cc7958730e9137e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c646bb45dabe62963e2fde2925d8ab803270d3d2612dfe2dad369e9ed082b14

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:33 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 02:24:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"122356CB44E45AEF2CC7958730E9137E"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXL7uDW5DaAocJvEOOb92tCvXPmG2DgAUCsXbg314zuK%2Fw%2FtXsosH29Ji59nrp8NsqsTTyueDkyPldli0g1V8GpM8TrTaXoAerhi9tmvBsADrGIe8CWfbX2DvHkQqIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e1646e2e5adfb9-SYD
content-length
4219
expires
Sat, 29 Oct 2022 10:01:33 GMT
0ba84642893d18e0bab4bf41829456b1.jpg
static.bg3.co/imgs/202105/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/0ba84642893d18e0bab4bf41829456b1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d3070435515a2f064a25a9c0258c69413dfc339b4de8f98297e51109ebd69f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:33 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 05:30:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0BA84642893D18E0BAB4BF41829456B1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfgW%2FQFKaLb7hK8FdlqZel8ZCuOrSWQJ8UhTNgnV%2BJDvWpKmMVNo8ZMhoAEG0ZCCfLl%2Fg1pfu9c4Dut2E%2BYZihNF6%2Bk%2FlOKeBPS0wrcsPukVFQAcLbBgR%2B3UAPp%2BvO8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e1646e2e5bdfb9-SYD
content-length
6584
expires
Sat, 29 Oct 2022 10:01:33 GMT
48d4a0e9001fcda20c4a598f30e20d7a.jpg
static.bg3.co/imgs/202109/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202109/48d4a0e9001fcda20c4a598f30e20d7a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49aec1ecd408212e55a232ff0508473b05fc80930d8430dccc42e04be4aca979

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:33 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Sep 2021 01:33:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"48D4A0E9001FCDA20C4A598F30E20D7A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCnQ%2FkpoQl9eyEjZeafXI%2FH%2F5%2F9jN7mJI7TtR%2B3sC93Qbg0%2FiMYRFEiR4lgj2mEWgSpB9cCyD27iHY21G2VbH3tlb8MgLi%2FL2nk55CzsOJIaZOo%2Bhen7Z5IaSZOuvOU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e1646e2e5cdfb9-SYD
content-length
10341
expires
Sat, 29 Oct 2022 10:01:33 GMT
8660059b32bd99475be3a9317a8caf4c.jpg
static.bg3.co/imgs/202204/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202204/8660059b32bd99475be3a9317a8caf4c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff50f9c43744ebf7b6b411afab16ba6f806450f795976c4d6e40c6083427a818

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:33 GMT
cf-cache-status
MISS
last-modified
Sun, 24 Apr 2022 03:07:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"8660059B32BD99475BE3A9317A8CAF4C"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JdCXI7lq5tm7i%2FSVvfBinbGClrD3XEemfZxra%2BFHe%2FMKv4uZuO7HrENWZvd0YNrdVwTG5X4yIv5y7aQxkpc8DSvcXqhhAcdnjntSKsZEmtzjb5e6IvYhgzYLjib9cjc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e1646e7eb3dfb9-SYD
content-length
18974
expires
Sat, 29 Oct 2022 10:01:33 GMT
d5016b716c13dfdd022bb12c5de6ce65.jpg
static.bg3.co/imgs/202106/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/d5016b716c13dfdd022bb12c5de6ce65.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c348814574844dc34888a238188191abbd53a02901a7ff1be1550d02dc706b1f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:33 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 21:12:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"D5016B716C13DFDD022BB12C5DE6CE65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQgaTJdGCsIBewxhlSfkgzrJdPeVHDDW2WHRwXxrod4Hyt8yxuz4UkS9rJEs0ap8t%2F66ZVorFxgwim%2FBGXC8IR2jW2w3q1%2F6gsrfT1eyp%2BvaLeX%2F7KHiT95BHH3Mzks%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e1646e7eb4dfb9-SYD
content-length
8580
expires
Sat, 29 Oct 2022 10:01:33 GMT
b13db66ad2383f89e53062b93463510d.jpg
static.bg3.co/imgs/202106/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/b13db66ad2383f89e53062b93463510d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fee867c100f938352ded8e611ae9f716afa3a67252d39ea5f920c8d0b833fa8f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:33 GMT
cf-cache-status
MISS
last-modified
Mon, 07 Jun 2021 02:25:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"B13DB66AD2383F89E53062B93463510D"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ragIY3jzLfPWP4b1un1G2KB%2FAbzxA1pgD4NNtGy0UCVIg3%2BGXCBAozJXOVFdbb8jRBdX4THkIS1oh5cgDtdGv9OJGHlr3RFq%2F7taHbZwuaanx8M7TLEgiSaemldtDqk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e1646ebf10dfb9-SYD
content-length
7254
expires
Sat, 29 Oct 2022 10:01:33 GMT
f59c03663ab75de1e33fc6cc6e651ff3.jpg
static.bg3.co/imgs/202105/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/f59c03663ab75de1e33fc6cc6e651ff3.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d00a656516e1d3d59691e8ce46d64c7cc3693b2d054cf6f3b2493665f91845d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:33 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 10:53:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"F59C03663AB75DE1E33FC6CC6E651FF3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTdb5stbJzmShAt9MNGV37MPB%2Fp3IXhopTDf4FC8EK5sNtPGIfxZEoMT57eY%2Fl%2FAbcuZ%2B7ojhPcesqUdpiEKlM7vmoBaakfHu1lXePKvj9ULylUMy%2BOXJwUU3xuubyw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e1646ebf12dfb9-SYD
content-length
9278
expires
Sat, 29 Oct 2022 10:01:33 GMT
7fc29e010e8e2fc4fcbfd9e7e22a2551.jpg
static.bg3.co/imgs/202107/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/7fc29e010e8e2fc4fcbfd9e7e22a2551.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb98e4308e9b95b01747587d46c6c9f5cffe4d2d38fda4338b084376c11e1549

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:33 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Jul 2021 16:38:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7FC29E010E8E2FC4FCBFD9E7E22A2551"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6y4jA4y9%2FXuSso7uH%2BRnDTvrpZwdGj5bzOLFQH%2FI3aj7qBtoPgzOOZEM3V1O4btfZDVNnvnPOyaDPHt%2BoIvrojXrXa8ZG64S6gcJnn1E36%2Fl0Eccsf9NevUP45hjn8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e1646ebf13dfb9-SYD
content-length
7126
expires
Sat, 29 Oct 2022 10:01:33 GMT
22876dd1bd380fdad37c7329d450bb07.jpg
static.bg3.co/imgs/202105/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/22876dd1bd380fdad37c7329d450bb07.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7919cb538c77c65dfee673cd49da9af64b870322fb2021d2d4251b4160962682

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:33 GMT
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 02:19:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"22876DD1BD380FDAD37C7329D450BB07"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JW34n8lcqBDQGTGgMK8wek%2FqGIQZbXxp3QNgpa5e02MmnOuQLM9TkzzScUTSJT3tZ6ZnJgYz%2F2e0UXzuTzzsKbzFaTEnyL4CG4My1G88LGrD4LtxJNc972ARyzPNpZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e1646ebf15dfb9-SYD
content-length
3288
expires
Sat, 29 Oct 2022 10:01:33 GMT
1b1aeae285322029c31920fe81d3cbd4.jpg
static.bg3.co/imgs/202105/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/1b1aeae285322029c31920fe81d3cbd4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60f7b1c22bfd3acb78e69e571962eed7e1e50a3d0beb7c9c2ee9441682cd2108

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:33 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 15:10:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1B1AEAE285322029C31920FE81D3CBD4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFrUbILuFtUW77O91%2FIZ919z5yv%2BcAIwvbeOpBU5yv%2B0SoTmasjS%2FyDRfFspLYrKdovjHCVgbIyh2MJVMhi%2BCT7GEeqpNwoqnR7sBIkRUl9BmpTQSs0jeQFoCg8SwiI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e1646ebf16dfb9-SYD
content-length
3360
expires
Sat, 29 Oct 2022 10:01:33 GMT
af314628931fee3ba4b7788b2d6781ad.jpg
static.bg3.co/imgs/202105/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/af314628931fee3ba4b7788b2d6781ad.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1701c85587c195a4310fdca042939347b12384ad4c8e67e8378954d92ed3b3e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:33 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 22:00:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"AF314628931FEE3BA4B7788B2D6781AD"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F81OyzSXiADupsRCLszszZJkdL%2FXlIhw1e4CrQvy7Vrva%2FUmnFm85zGzKFAs8CT%2FeJPNT%2FD8f6FJl6cGph%2BOvKeH6MUQuQl4RmnOn6Jwrn0JYbpJj4Ij%2BbI%2BVRydFpI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e1646ebf17dfb9-SYD
content-length
5331
expires
Sat, 29 Oct 2022 10:01:33 GMT
77f8b8dc7b1445b32b1c0bd725f67cd9.jpg
static.bg3.co/imgs/202105/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/77f8b8dc7b1445b32b1c0bd725f67cd9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcc0517fe6d4d0bdb1cdbbb2901ec6c3843a123cce2d2afc2bdc620cfd7a14e3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:33 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 04:26:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"77F8B8DC7B1445B32B1C0BD725F67CD9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghQiamye13Xjs%2Fg%2Bg3Fp7YfkextoVZ7lgkcRp%2B6A1Gh6eoMozGZm9P88ObZY%2FqIsEMXC%2F5SbukKTT9vXb%2B2bCbQa0OIjaQqrOt8NA0GO1pYk64KSiRurIlGLm7%2FkfSk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e1646ebf18dfb9-SYD
content-length
9380
expires
Sat, 29 Oct 2022 10:01:33 GMT
9c2e8565afc835e17f28e0ca1e5a31ec.jpg
static.bg3.co/imgs/202106/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/9c2e8565afc835e17f28e0ca1e5a31ec.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81d39db3161b2ccd67bd2671c9098a55fc0b3196b9250d7c4fe8bb91e7a9a187

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:33 GMT
cf-cache-status
MISS
last-modified
Tue, 08 Jun 2021 08:11:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9C2E8565AFC835E17F28E0CA1E5A31EC"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PA71Jt2E846%2FiaEmFinzT6VcKQxFgxXiZaqCofSOIVdTxsWIVb6RgRMuYLjv4paUihkAQ9BzbFqyo1FjDi8M24oWiwUmrThPFNfA%2Fg5ICKhzyVrPydrDIzIAPFOCP18%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e1646ebf1adfb9-SYD
content-length
6472
expires
Sat, 29 Oct 2022 10:01:33 GMT
d0f2aa9a8cfcd881da730932e7ce8b6d.jpg
static.bg3.co/imgs/202106/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/d0f2aa9a8cfcd881da730932e7ce8b6d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65a0bcddb77bc961b7b695e26a62a9fff8c33d2d2af144f56c60076dfefc2e8a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:33 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Jun 2021 09:25:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"D0F2AA9A8CFCD881DA730932E7CE8B6D"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDEQVnhlbja4wZA46gwDPPk4A7WYcWzBVeKzwWvPK8NlMAVYfe7CD%2F9ndR3G1zuJQUEUoEfl1bpFZKnN2JPzrJpB6H512TnBjdIsdMLTdzuOSEuZkYznbkFZYvsnihU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e1646ebf1cdfb9-SYD
content-length
4655
expires
Sat, 29 Oct 2022 10:01:33 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012210010655000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
dd077349a06d9c21c75ffc7b287de576f506a262b218d8a9926dc10145ccf4df
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 18 Oct 2022 22:16:17 GMT
age
301516
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2993
x-xss-protection
0
server
sffe
etag
"a122783c89e19dfb"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Oct 2023 22:16:17 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012210010655000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
d54633573668b4703db3bdccede99c1076819aa2bb287773cf8ef5d2bebae418
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 18 Oct 2022 22:16:17 GMT
age
301516
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3839
x-xss-protection
0
server
sffe
etag
"cadad0096bbc82de"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Oct 2023 22:16:17 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:33 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1666432893.dop210.sj3.t,1666432893.cds219.sj3.hn,1666432893.cds046.sj3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
amp-ad-0.1.js
cdn.ampproject.org/rtv/012210010655000/v0/ 		81 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
3b17e5d516f9bd51ed05461dcca0a156e97a77768ff453f678a493de698783ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 18 Oct 2022 22:16:29 GMT
age
301504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23041
x-xss-protection
0
server
sffe
etag
"ea9f23854f5e71da"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Oct 2023 22:16:29 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		5 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
b9441e02a38f1ea83d5e5a54fd792f5b757600322cc22634b99d9aa650176024
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
587
x-xss-protection
0
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
614 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7196
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kt1AxASeriz9870QK5oMT71Y1lQ9HeNBl40NHMdNGPCRWkFgX9aZCBmu%2FNljTIJb9On93%2Bp4dHT1CCrGIFYj4j3T2lU89Z44uXll1qz8ndsH1NSHcT1pLYaj8fD6kZIGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
75e1646e7bbfa7ed-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
9cf2bfa32849994e40eb345fe31a4431129f31ff10618283ba2923008e8d5095

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 10:01:34 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
9cf2bfa32849994e40eb345fe31a4431129f31ff10618283ba2923008e8d5095

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 10:01:34 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.1036213121539169&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:33 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.9041240499638836&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:34 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
508
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012210010655000/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
56df0a279f759f13bf5024aaf4547c82d47fad55498ba1473aece0f2c9587531
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 18 Oct 2022 22:16:29 GMT
age
301504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10232
x-xss-protection
0
server
sffe
etag
"c8f64f42400c7620"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Oct 2023 22:16:29 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame D330 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
ba78a8b66c87134e3881deaeca731ddad5d7940d1132864e97b598da754926b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39994
x-xss-protection
0
server
cafe
etag
10250317757635518355
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 22 Oct 2022 10:01:34 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012210010655000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
1a12e03c6e7368771df0045c0d29660585881ec9e385b5cc885351c2a0bc3905
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 18 Oct 2022 22:25:57 GMT
age
300936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57866
x-xss-protection
0
server
sffe
etag
"a079e55eff1cbcb0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Oct 2023 22:25:57 GMT
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1666432893704
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 22 Oct 2022 10:01:33 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=3
accept-ranges
bytes
content-length
631
expires
Sat, 22 Oct 2022 11:01:33 GMT
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 22 Oct 2022 10:01:34 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=14
content-length
94168
expires
Sun, 22 Oct 2023 10:01:34 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 22 Oct 2022 10:01:34 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=14
accept-ranges
bytes
content-length
317
expires
Sun, 22 Oct 2023 10:01:34 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 22 Oct 2022 10:01:34 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=11
content-length
17440
expires
Sat, 22 Oct 2022 11:01:34 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
d723ddc89dc7b299c50e4af810131ae511e709fda9650ce69ce047e592d143a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27347
x-xss-protection
0
server
sffe
etag
"1371 / 717 of 1000 / last-modified: 1666390018"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 22 Oct 2022 10:01:37 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:34 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjY0MzI4OTQwMTUsInBhY2tldElkIjoiMDAwMEE3MDEtOTA5NzhmNTAtZmUyMC00NzY4LThlYjktMjY3N2Y0NTQ2YmEzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Jhby1xdWFuLWJlaS14aWFuLXRhaS1kdS1jaGFpLWd1by1sYWktcmVuLWppZS1hbi1oZWktemhlbi14aWFuZy1xaWFuZy14aWFuLXhpYW5nLXhpYW5nLW5pLW1lbi16dW8tbGlhby1zaGkteWFvLmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbH0%3D&c_b=3935.1000003814697
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:34 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjY0MzI4OTQwMTYsInBhY2tldElkIjoiMDAwMEE3MDEtOTA5NzhmNTAtZmUyMC00NzY4LThlYjktMjY3N2Y0NTQ2YmEzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Jhby1xdWFuLWJlaS14aWFuLXRhaS1kdS1jaGFpLWd1by1sYWktcmVuLWppZS1hbi1oZWktemhlbi14aWFuZy1xaWFuZy14aWFuLXhpYW5nLXhpYW5nLW5pLW1lbi16dW8tbGlhby1zaGkteWFvLmh0bWwiLCJtb2RlIjo1LCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbH0%3D&c_b=3935.7000002861023
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:34 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjY0MzI4OTQwMTYsInBhY2tldElkIjoiMDAwMEE3MDEtOTA5NzhmNTAtZmUyMC00NzY4LThlYjktMjY3N2Y0NTQ2YmEzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Jhby1xdWFuLWJlaS14aWFuLXRhaS1kdS1jaGFpLWd1by1sYWktcmVuLWppZS1hbi1oZWktemhlbi14aWFuZy1xaWFuZy14aWFuLXhpYW5nLXhpYW5nLW5pLW1lbi16dW8tbGlhby1zaGkteWFvLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlcnZpY2VzIjpbMSwzXSwiYWRVbml0VHlwZSI6MX1dfQ%3D%3D&c_b=3936
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:34 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjY0MzI4OTQwMjAsInBhY2tldElkIjoiMDAwMEE3MDEtOTA5NzhmNTAtZmUyMC00NzY4LThlYjktMjY3N2Y0NTQ2YmEzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Jhby1xdWFuLWJlaS14aWFuLXRhaS1kdS1jaGFpLWd1by1sYWktcmVuLWppZS1hbi1oZWktemhlbi14aWFuZy1xaWFuZy14aWFuLXhpYW5nLXhpYW5nLW5pLW1lbi16dW8tbGlhby1zaGkteWFvLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19&c_b=3940.1000003814697
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:34 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjY0MzI4OTQwMjMsInBhY2tldElkIjoiMDAwMEE3MDEtOTA5NzhmNTAtZmUyMC00NzY4LThlYjktMjY3N2Y0NTQ2YmEzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Jhby1xdWFuLWJlaS14aWFuLXRhaS1kdS1jaGFpLWd1by1sYWktcmVuLWppZS1hbi1oZWktemhlbi14aWFuZy1xaWFuZy14aWFuLXhpYW5nLXhpYW5nLW5pLW1lbi16dW8tbGlhby1zaGkteWFvLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV8xMjBYNjAwXzEwNGIyIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfMTIwWDYwMF8xMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D&c_b=3942.6000003814697
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:34 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
gtag.json
cdn.ampproject.org/rtv/012210010655000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 18 Oct 2022 22:17:16 GMT
age
301458
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"af0e5541a4a7e61b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Oct 2023 22:17:16 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-1932882742609460837.ampproject.net/2210010655000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-1932882742609460837.ampproject.net/2210010655000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 9C96 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
ab4f92ad47a1b313c1c5a71e6447172e7bf192a542676c9dc9ccba0702a458f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39992
x-xss-protection
0
server
cafe
etag
9168403861407429497
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 22 Oct 2022 10:01:34 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 76BC 		714 B
796 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
4649
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
75e1647519cfa87c-SYD
content-encoding
br
content-type
text/html
date
Sat, 22 Oct 2022 10:01:34 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8fmIA%2BKo53TbFG%2BRAcbMKeiFCc9LRYQPNdOKCd%2FQtXG0VUEPxQGjW7HJPioUIPHRcTmHUSI0sgUor1BLZ4aalFfe2ZvhqEpRRf3o8jciYa9FnjRTFxXYnjdcD5yKw2xQpg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 10:01:34 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sat, 22 Oct 2022 10:01:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 3F64 		714 B
767 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
4649
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
75e16475ca9da87c-SYD
content-encoding
br
content-type
text/html
date
Sat, 22 Oct 2022 10:01:34 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pOJYs3jvckrExY4XTXAOyOM4FhN%2FjWIER1M2tidVYsDd%2Fs%2BNtkJUpomvkFWn4k%2FN1ElLvBHFtiiaokf9eVfOJc4JF5IDczgW53edySXCpJ%2Bm5UFW%2FVuHuSEgsyT0%2B123%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 76BC 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
14a2c91fb720c33b46379b2318e70c953933042617d4360726ddd83386b599d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27388
x-xss-protection
0
server
sffe
etag
"1371 / 319 of 1000 / last-modified: 1666390088"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 22 Oct 2022 10:01:37 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3F64 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
d723ddc89dc7b299c50e4af810131ae511e709fda9650ce69ce047e592d143a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27347
x-xss-protection
0
server
sffe
etag
"1371 / 134 of 1000 / last-modified: 1666390018"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 22 Oct 2022 10:01:37 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/ Frame D330 		353 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070415
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
dbd4823276e5ec482f818631f1af3b15fa4c6d600a3617097eb7bae9538669f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118761
x-xss-protection
0
server
cafe
etag
2328516021447145886
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 22 Oct 2022 10:01:34 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/ Frame 9C96 		353 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
bce9e081d218c2af98e81169cc19d412a8c7274f00c6c42ae1230bdb14f59394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118761
x-xss-protection
0
server
cafe
etag
2667900638152747999
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 22 Oct 2022 10:01:34 GMT
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:35 GMT
content-encoding
gzip
etag
"cbFpuah7ilcpMTJLYeCgng=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 29 Oct 2022 10:01:35 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E4%BF%9D%E5%85%A8%E8%A2%AB%E5%AB%8C%E6%85%8B%E5%BA%A6%E5%B7%AE%EF%BC%81%E9%81%8E%E4%BE%86%E4%BA%BA%E6%8F%AD%E3%80%8C%E6%9A%97%E9%BB%91%E7%9C%9F%E7%9B%B8%E3%80%8D%E5%97%86%EF%BC%9A%E5%85%88%E6%83%B3%E6%83%B3%E4%BD%A0%E5%80%91%E5%81%9A%E4%BA%86%E4%BB%80%E9%BA%BC%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-HQ9VDu9WiKvLz5Fem-SzTw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.43073858690703215&gjid=0.7113011623072967&_r=1&a=7025&z=0.7149055522592651&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 00CF 		603 B
627 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-25250029013817205087&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3081&oid=2&is_amp=5&amp_v=2210010655000&d_imp=1&c=995007025&ga_cid=amp-HQ9VDu9WiKvLz5Fem-SzTw&ga_hid=7025&dt=1666432894259&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&bdt=2477&dtd=448&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210010655000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 10:01:35 GMT
expires
Sat, 22 Oct 2022 10:01:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame D330 		379 B
692 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
b59336021f518adc64584507f3c953926d06251d573bcde6e51482c051d0071e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame D330 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D330 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3E1A 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666432895&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666432894511&bpp=13&bdt=1365&idt=477&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=4293929091020&frm=23&ife=1&pv=2&ga_vid=304541093.1666432895&ga_sid=1666432895&ga_hid=1982216866&ga_fc=0&ga_cid=amp-HQ9VDu9WiKvLz5Fem-SzTw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1030435192&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C42531705%2C44773614%2C31069973%2C31070415%2C44775017%2C44773745%2C31069795&oid=2&pvsid=2708831728714388&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qf2tv72a8el7&fsb=1&dtd=496
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
919c2ed6a47d1ce2404240f4f94e52ee394dd1c95ad1384809a4449b3016b6fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9975
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 10:01:35 GMT
expires
Sat, 22 Oct 2022 10:01:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221022
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8132b94cb6029f8da550fef5405705b28fd6c4e7d2c3eae77c9c76b10d102378
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Oct 2022 10:01:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
25228
x-jsd-version
1.0.1500
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19153-FRA, cache-yyz4532-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"667-fRU3yn+XwyXuodxqSbbFiKLKX5g"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
75e1647b8d35a8b9-SYD
arj
adpushup-d.openx.net/w/1.0/ 		171 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=df648e37-c800-4550-93cf-16674fb7cd1d%2Cdba7e34c-e5e2-4315-8401-2ab64d3e58d7%2C8b74e8f5-8ef8-4bef-9dbf-b795fe10defb&nocache=1666432895051&pubcid=d5a8cb8d-37c7-42cd-b257-96e2684052d4&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
11d50a4e20c37652a71ffc2afde71810d57f5c50ce2800901eb422b97b15bb89

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:35 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
162
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ee0365e3-d56d-422a-b854-ba1a3505614f&nocache=1666432895052&pubcid=d5a8cb8d-37c7-42cd-b257-96e2684052d4&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:35 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=377eb4dd-5722-48fe-8237-f7d64b98e1fe&nocache=1666432895052&pubcid=d5a8cb8d-37c7-42cd-b257-96e2684052d4&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:35 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ed9fd72f-7d0e-45df-81af-d8903b8a97dc&nocache=1666432895052&pubcid=d5a8cb8d-37c7-42cd-b257-96e2684052d4&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:35 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ 		584 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
7a050644ef76a1df465f3bc31740c774021dbb68eb94d738cb21768b0b54ae83

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Oct 2022 10:01:35 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
170
content-length
301
bid-request
a.teads.tv/hb/ 		16 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.197.63 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-197-63.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:36 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 22 Oct 2022 10:01:36 GMT
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.120.52 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-120-52.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:35 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.223.235.65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-223-235-65.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Oct 2022 10:01:35 GMT
via
kong/2.8.1
x-content-type-options
nosniff
x-kong-proxy-latency
1
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
13
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
27e96cc63d6f2de1e68571f3ede3bcd1635fcbc2f8742f09e9c5b0aa32620399

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 22 Oct 2022 10:01:35 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid-request
onetag-sys.com/ 		15 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cygnus
htlb.casalemedia.com/ 		37 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22425bb98be663813%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2249df429bf5837f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22521852fc0361684%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2253a42f1cebb75f3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d5a8cb8d-37c7-42cd-b257-96e2684052d4%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29bea596866098e6264b67f5bb435c06b3d4b5c32365e406b3e70a7a650aa093

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75e1647bc9a8a953-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22425bb98be663813%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22521852fc0361684%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%2253a42f1cebb75f3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d5a8cb8d-37c7-42cd-b257-96e2684052d4%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29bea596866098e6264b67f5bb435c06b3d4b5c32365e406b3e70a7a650aa093

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75e1647bc9aaa953-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		51 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4a0db9fa48c4a85001fa4e639e2b1405f945eaf77c0dc366300d37d3d7f3c02d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 22 Oct 2022 10:01:35 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.112; 173.245.209.112; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a6d5388c-2752-46fa-aec6-ec1fd2629db1
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.150.80.212 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-150-80-212.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6aa4fea57808440a7965b583aeef3388af760a79e488c94485f3a13a4cffdf76

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:37 GMT
content-encoding
gzip
x-prebid
pbs-java/1.102.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.150.80.212 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-150-80-212.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
bcaac4f169edf0ae35f3730bb5dc0ae5b227f352b190e0b3b15933998593fdd9

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:37 GMT
content-encoding
gzip
x-prebid
pbs-java/1.102.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.150.80.212 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-150-80-212.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
a522b146a93eb0ce705d7f790a0b2751c06c3f4f03ae3f74702a6d7befea8ae3

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:37 GMT
content-encoding
gzip
x-prebid
pbs-java/1.102.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=d5a8cb8d-37c7-42cd-b257-96e2684052d4%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=efe12eb5-a462-4bb2-8ac5-d8c3a41c4895%3Bd91a7e9d-be7e-42eb-9060-3fb354443eb2%3Bc9849bc6-96f8-4961-902d-12489fe606c2&l_pb_bid_id=59fa4419a87d678%3B60003e0aa6bd0e2%3B615d0a174ee0f2f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.6868733459910392
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8e638f18fb5aac741438e996c49c772dd2ac5d027d76f895bbb8bae75bbeefa4

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=14269071838
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Oct 2022 10:01:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
adreq
ads.servenobid.com/ 		656 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=2021
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4c46f7fadb683c44c08212442b5b1af83da52fd88bda523456fc4e6d72dc70a8

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Oct 2022 10:01:36 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		1 KB
924 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8e48d1da06dd2b75cca913e298fb8903580cfb49e98fd99b30126ec2dca8afae

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:35 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
183
alt-svc
clear
cookie.js
partner.googleadservices.com/gampad/ Frame 9C96 		379 B
315 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
62563a704a976e44c61d08682b0582cd3238c628a76939ce8150e124410d6062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 9C96 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9C96 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F6BB 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666432895&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666432894684&bpp=13&bdt=1509&idt=423&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=4293929091020&frm=23&ife=1&pv=1&ga_vid=1810455584.1666432895&ga_sid=1666432895&ga_hid=1963252583&ga_fc=0&ga_cid=amp-HQ9VDu9WiKvLz5Fem-SzTw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1866&biw=1600&bih=1200&isw=336&ish=280&ifk=1550047487&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44770880%2C44775017&oid=2&pvsid=238557065761273&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.byys8z4988vx&btvi=1&fsb=1&dtd=439
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
1df5d09af236379feb80cf45c61c75873437ed13e297a5dffc943e74f8128802
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9983
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 10:01:35 GMT
expires
Sat, 22 Oct 2022 10:01:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-11.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:05:15 GMT
via
1.1 e7cd1f6615dc010d7043e73d81dddfca.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
age
3380
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
kDmeHdSYwI5oCo6jlFYkI2B_J52M-7p0Nt84aVrvW9FyLcWOt9v71w==
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI4Mzk0MjlfMTY2NjQzMjg5NTc0OCIsInVzZXJJZCI6Ijk3MDgxNF8xNjY2NDMyODk1NzQ4Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiNzA5MDExXzE2NjY0MzI4OTU3NDgiLCJwYWdlUGF0aCI6IiUyRmElMkZiYW8tcXVhbi1iZWkteGlhbi10YWktZHUtY2hhaS1ndW8tbGFpLXJlbi1qaWUtYW4taGVpLXpoZW4teGlhbmctcWlhbmcteGlhbi14aWFuZy14aWFuZy1uaS1tZW4tenVvLWxpYW8tc2hpLXlhby5odG1sIiwiaG9zdG5hbWUiOiJ3d3cuYmczLmNvIiwidXJsIjoiaHR0cHMlM0ElMkYlMkZ3d3cuYmczLmNvJTJGYSUyRmJhby1xdWFuLWJlaS14aWFuLXRhaS1kdS1jaGFpLWd1by1sYWktcmVuLWppZS1hbi1oZWktemhlbi14aWFuZy1xaWFuZy14aWFuLXhpYW5nLXhpYW5nLW5pLW1lbi16dW8tbGlhby1zaGkteWFvLmh0bWwiLCJwaGFzZSI6MCwidXNlclR5cGUiOiJORVciLCJwcmV2aWV3VmFyaWF0aW9uIjoibm9QcmV2aWV3UGFnZSIsImV4cGVyaW1lbnRQYWdlIjpmYWxzZSwidGltZXN0YW1wIjoxNjY2NDMyODk1NzQ4fQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvYmFvLXF1YW4tYmVpLXhpYW4tdGFpLWR1LWNoYWktZ3VvLWxhaS1yZW4tamllLWFuLWhlaS16aGVuLXhpYW5nLXFpYW5nLXhpYW4teGlhbmcteGlhbmctbmktbWVuLXp1by1saWFvLXNoaS15YW8uaHRtbA==.json
cdn.adpushup.com/42753/ 		555 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvYmFvLXF1YW4tYmVpLXhpYW4tdGFpLWR1LWNoYWktZ3VvLWxhaS1yZW4tamllLWFuLWhlaS16aGVuLXhpYW5nLXFpYW5nLXhpYW4teGlhbmcteGlhbmctbmktbWVuLXp1by1saWFvLXNoaS15YW8uaHRtbA==.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 22 Oct 2022 10:01:36 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=127, origin; dur=205
content-length
555
expires
Sat, 22 Oct 2022 11:01:36 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3E1A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CbQoef79TY62bGIaqvwS8qL7ICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgSsAk_Qe1PqqcDHBcjvyqlCEPPIVaU_34Cbf-tzaLw9vMcQjm_pVFI2eCeWyC3lhMHKfwzRvYyqWzRpNd5cwrmkt-g9CtFnOCPjOsYg9nHMEH4D_GFBJ_tSMsx0O46ONrATinEg80g0QoDJEwd-P-hMHsZOjd_VCloYZKi7Ty2uOLOHmPag4l-YFul8npmZZigPtuTCZiIjndN21bRvc_LWi89NjLBwsQ_8A_x26Zrve5taccQL8IaiROUoWMQCUuoPGOg-gVz95F3Y8TwEIlmxZLDEFGD5kD4QyRkXnDs-hZLJ5ryyFityCqg5uQznRZ6K3IsVO2ldiaDr6_dRir6XVhz-VzK6-Szm1SaZope5GYA_Vj0uyil9YapZIe4rrARCruLXxA88Jn9f0ce1QoAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=FwX39oT1ZXs&uach_m=[UACH]&cid=CAQSGwDq26N933DmcOo7MhuLzdOGSuZ0qhHATSFTSxgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666432895&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666432894511&bpp=13&bdt=1365&idt=477&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=4293929091020&frm=23&ife=1&pv=2&ga_vid=304541093.1666432895&ga_sid=1666432895&ga_hid=1982216866&ga_fc=0&ga_cid=amp-HQ9VDu9WiKvLz5Fem-SzTw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1030435192&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C42531705%2C44773614%2C31069973%2C31070415%2C44775017%2C44773745%2C31069795&oid=2&pvsid=2708831728714388&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qf2tv72a8el7&fsb=1&dtd=496
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666432895&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666432894511&bpp=13&bdt=1365&idt=477&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=4293929091020&frm=23&ife=1&pv=2&ga_vid=304541093.1666432895&ga_sid=1666432895&ga_hid=1982216866&ga_fc=0&ga_cid=amp-HQ9VDu9WiKvLz5Fem-SzTw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1030435192&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C42531705%2C44773614%2C31069973%2C31070415%2C44775017%2C44773745%2C31069795&oid=2&pvsid=2708831728714388&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qf2tv72a8el7&fsb=1&dtd=496
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 22 Oct 2022 10:01:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 22 Oct 2022 10:01:35 GMT
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 3E1A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k4XhE5zIC9ACmAJi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQfr9TY3WODTNYT4ePugTHABIAAA&wp=Y1O_fwAGDa0Kj9UGAA-UPCb9_XzrMmAxODg3uw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666432895&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666432894511&bpp=13&bdt=1365&idt=477&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=4293929091020&frm=23&ife=1&pv=2&ga_vid=304541093.1666432895&ga_sid=1666432895&ga_hid=1982216866&ga_fc=0&ga_cid=amp-HQ9VDu9WiKvLz5Fem-SzTw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1030435192&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C42531705%2C44773614%2C31069973%2C31070415%2C44775017%2C44773745%2C31069795&oid=2&pvsid=2708831728714388&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qf2tv72a8el7&fsb=1&dtd=496
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:36 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
201085
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 08D3 		40 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_fwAGDa0Kj9UGAA-UPCb9_XzrMmAxODg3uw&u=%7CEBRe%2B9TmFL%2FdXvWf5waAy%2FLRsyVaRg59mhoOVhJGovo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHM5nsaMiIG55iQ8oBLrRl7R0OltdayXCyenefozfG318njF9Wu5-6mS7RRTY8K_NU_QKgw7lK3n_0cX33GKbKc6EVD-hPLN-R8_tKqg4QrFhO-eBuIQEZvK_y-3ZCN-Qd0mD33rc0nWEff07veAXpb61TdyCs4TdrPKICfmLm1i3L2---NTZ-FukUNn1Hx1HabGHAYWMT5B3EqfR-BLObBMa5D4hJBJP0a_nWYnCr-fblxRb4bs17YUbq38ZnSEY74jLchJ4XLUydYZrk70_AOHtnQuXopCj4qO-wvYeXkPVlXOdweb6eOg55HjgOXGz8Wk91O_ZkFfhboxS-Q8y1YhFaXVs3FD3vMStK0oFiohima2dr2jiC-fsNMTpSuklvc3xHqTnOAA2E9QjdlJ1bJsCVHgyA8H7nipbUK0UUZ8nwmhrJhGjrw7dK4Ebe_Dmizg8pS-SGh9AwIX8DxCRKBsSrPhCm7j15YuNU3l0K5IlkAYMGYLE96oZ_xTxyel_x4hwmFV__p0lXRKcF9qfkrL2QlbkCF2FpPWzPVPSuJFgSkbT7vpKs_GQgV2iGXs7Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW58Nf79TY62bGIaqvwS8qL7ICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgSvAk_Qe1PqqcDHBcjvyqlCEPPIVaU_34Cbf-tzaLw9vMcQjm_pVFI2eCeWyC3lhMHKfwzRvYyqWzRpNd5cwrmkt-g9CtFnOCPjOsYg9nHMEH4D_GFBJ_tSMsx0O46ONrATinEg80g0QoDJEwd-P-hMHsZOjd_VCloYZKi7Ty2uOLOHmPag4l-YFul8npmZZigPtuTCZiIjndN21bRvc_LWi89NjLBwsQ_8A_x26Zrve5taccQL8IaiROUoWMQCUuoPGOg-gVz95F3Y8TwEIlmxZLDEFGD5kD4QyRkXnDs-hZLJ5ryyFityCqg5uQznRZ6K3IsVO2ldiaDr6_dRir6XVhz-VzK6-Syk1wcLR1kwZ3-2J6PFnLO-SL5TtuQFtOzKXbRNDbEiCme4OlbLvYVWrIAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2TTov414pWwlwPUQ03fkTQFHUq8g%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666432895&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666432894511&bpp=13&bdt=1365&idt=477&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=4293929091020&frm=23&ife=1&pv=2&ga_vid=304541093.1666432895&ga_sid=1666432895&ga_hid=1982216866&ga_fc=0&ga_cid=amp-HQ9VDu9WiKvLz5Fem-SzTw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1030435192&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C42531705%2C44773614%2C31069973%2C31070415%2C44775017%2C44773745%2C31069795&oid=2&pvsid=2708831728714388&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qf2tv72a8el7&fsb=1&dtd=496
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
cd653cd194d2c099b0dd3606439291742ac1e2ef84b8a2537422274c8a5587f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 10:01:35 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=MIshc6ZIq2YPIVFHpOsPq5qqIVuQNhc9V0pE4ZKvmfRBAFaXtlqEszVc3yeI074lGvmxqRjEgsP-HOgp2ePDOmMZN-SMIx2NEztN6or2yDWvfg33cGbpZj-OwE0Rdck--57gnTCyDkkBIQOv98q_DgY_p3s0CCs6UyVe9HIcklXGi9TYVwUEEeeQyI-AkHdWIRb6b2zqQjzzXHEKYFd2e0N-_UkgBiSWARb2S7WhtnZV0GDlVzDktprOfkBRXXbESKjR81xo--ozVR6x"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
6454864
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 3E1A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666432895&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666432894511&bpp=13&bdt=1365&idt=477&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=4293929091020&frm=23&ife=1&pv=2&ga_vid=304541093.1666432895&ga_sid=1666432895&ga_hid=1982216866&ga_fc=0&ga_cid=amp-HQ9VDu9WiKvLz5Fem-SzTw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1030435192&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C42531705%2C44773614%2C31069973%2C31070415%2C44775017%2C44773745%2C31069795&oid=2&pvsid=2708831728714388&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qf2tv72a8el7&fsb=1&dtd=496
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:42:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55168
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 18:42:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 3E1A 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666432895&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666432894511&bpp=13&bdt=1365&idt=477&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=4293929091020&frm=23&ife=1&pv=2&ga_vid=304541093.1666432895&ga_sid=1666432895&ga_hid=1982216866&ga_fc=0&ga_cid=amp-HQ9VDu9WiKvLz5Fem-SzTw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1030435192&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C42531705%2C44773614%2C31069973%2C31070415%2C44775017%2C44773745%2C31069795&oid=2&pvsid=2708831728714388&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qf2tv72a8el7&fsb=1&dtd=496
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:43:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55060
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 18:43:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3E1A 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666432895&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666432894511&bpp=13&bdt=1365&idt=477&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=4293929091020&frm=23&ife=1&pv=2&ga_vid=304541093.1666432895&ga_sid=1666432895&ga_hid=1982216866&ga_fc=0&ga_cid=amp-HQ9VDu9WiKvLz5Fem-SzTw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1030435192&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C42531705%2C44773614%2C31069973%2C31070415%2C44775017%2C44773745%2C31069795&oid=2&pvsid=2708831728714388&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qf2tv72a8el7&fsb=1&dtd=496
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 22 Oct 2022 10:01:36 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F6BB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C7o4ff79TY_iMGIu-vwTA27jYB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgSyAk_Q7S5X44iS99e3sR-TRbC8BI2UHFi1b2qkdb_yChs5xoSIOK5TTQ4xJB7-a2_ZSVzzLQw17yRMZy_6-phqnbn64aPR_9vJcKQjstAqHPN-rse5HORUM_g3-dDqM6o_ad1v2SD2lQCM0ejne1QNV7mW6SlSPwIZN1B2xS8h-zxmHCfUXROSMZoQYQoUwUPZl55g2iOGc7EaxXwrl-Rm6ZPMTSM13h2cw9TTvfO6frGyYwdVgZ7zZ1ShMNgXWAM63ECWfYzLNFfDh8lTwHcUg_VuQ5XRI0EPAUY1a_i75XxjhORmEsOOmRM1eDV22ILy30kVOuR4NX5RnsAqxq4IRmJaOu0N-mBJ0VXZ7VEDLExVIS_quohCg9jQ4QQxn5nZLhqgKDmHYSO-d365FciWl1tOjoAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=wnPJBbRJLiM&uach_m=[UACH]&cid=CAQSGwDq26N9e6_5rJv40DeOHEG5zP6BenP_DW0PaBgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666432895&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666432894684&bpp=13&bdt=1509&idt=423&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=4293929091020&frm=23&ife=1&pv=1&ga_vid=1810455584.1666432895&ga_sid=1666432895&ga_hid=1963252583&ga_fc=0&ga_cid=amp-HQ9VDu9WiKvLz5Fem-SzTw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1866&biw=1600&bih=1200&isw=336&ish=280&ifk=1550047487&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44770880%2C44775017&oid=2&pvsid=238557065761273&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.byys8z4988vx&btvi=1&fsb=1&dtd=439
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666432895&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666432894684&bpp=13&bdt=1509&idt=423&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=4293929091020&frm=23&ife=1&pv=1&ga_vid=1810455584.1666432895&ga_sid=1666432895&ga_hid=1963252583&ga_fc=0&ga_cid=amp-HQ9VDu9WiKvLz5Fem-SzTw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1866&biw=1600&bih=1200&isw=336&ish=280&ifk=1550047487&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44770880%2C44775017&oid=2&pvsid=238557065761273&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.byys8z4988vx&btvi=1&fsb=1&dtd=439
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 22 Oct 2022 10:01:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 22 Oct 2022 10:01:35 GMT
notify
rtb.jp2.as.criteo.com/google/auction/ Frame F6BB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k4XhE5zIC9ACmAJi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQf79TY5bR4eRhGWGKs10tABIAAA&wp=Y1O_fwAGBngKj98LAA4twDWSYLM7Gg9CoSAanw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666432895&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666432894684&bpp=13&bdt=1509&idt=423&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=4293929091020&frm=23&ife=1&pv=1&ga_vid=1810455584.1666432895&ga_sid=1666432895&ga_hid=1963252583&ga_fc=0&ga_cid=amp-HQ9VDu9WiKvLz5Fem-SzTw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1866&biw=1600&bih=1200&isw=336&ish=280&ifk=1550047487&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44770880%2C44775017&oid=2&pvsid=238557065761273&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.byys8z4988vx&btvi=1&fsb=1&dtd=439
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:35 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
147286
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame AA10 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_fwAGBngKj98LAA4twDWSYLM7Gg9CoSAanw&u=%7CEBRe%2B9TmFL9t8iK3snFRqfQMeP%2FdJoV4IWu6CFmbjUA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHM5nsaMiIG55iQ8oBLrRl7R0OltdayXCyUGptkel_9QsUAM_YpIJjc7cdC_MWdIgEVgOdnq7jZbF3eGoZfG2UhpNsFkhKpBjwhPibl-YMKAZ-c814NoPBD-Gbo63e852feoBdxAmcKnla7HL8keFMYHU18Szv4xYk0sezE-mf7lcvN7JKjOcNB8MK904Fm8VM2Mxqu4YF-Vsssszp38epihfoSVMtJpPA_bbLp4whVEPmXWwXU04Fkg1Y7MSzQtsqlTgHbrvbm8pORZ-ITW_VaI8k7Hwdgzqpb1gGvMNxsQDhyZz4Jk-NuudCMxDmUKlQUz0hj2F5xXRraxecPpYrkyO3xF2VH_264_jgU1sUE6DmbtzDv0brQo2pinPbj2BWA2z4DD_BoZi4MUqrbxvl9s7EX-Z1YmG_tolpZJ-w810Pwb7Pne6-LNKjKJEi7VgKiKbooznRL5_7V2Rg3tzOYD-Tf3qhPjLpJIruezgrbFSJ14ijjetsxgBb2JnruNe_I_r7xvZAHIbVjp_OsprFbyr5opl0w7FUxtc_QJhluBoZRg75e_o-9QIXJ1gQc0TBg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRWp6f79TY_iMGIu-vwTA27jYB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgS1Ak_Q7S5X44iS99e3sR-TRbC8BI2UHFi1b2qkdb_yChs5xoSIOK5TTQ4xJB7-a2_ZSVzzLQw17yRMZy_6-phqnbn64aPR_9vJcKQjstAqHPN-rse5HORUM_g3-dDqM6o_ad1v2SD2lQCM0ejne1QNV7mW6SlSPwIZN1B2xS8h-zxmHCfUXROSMZoQYQoUwUPZl55g2iOGc7EaxXwrl-Rm6ZPMTSM13h2cw9TTvfO6frGyYwdVgZ7zZ1ShMNgXWAM63ECWfYzLNFfDh8lTwHcUg_VuQ5XRI0EPAUY1a_i75XxjhORmEsOOmRM1eDV22ILy30kVOuR4NX5RnsAqxq4IRmJaOu0N-mBJ0VXZ7VFBLm3HxOFjxHfL8kY7t57yto3TuRCOMNEPknUkvsCnOdBxfMowcTNVkIAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1WQoxb-pxiR4HpGQZ6jJZWkJ677A%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666432895&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666432894684&bpp=13&bdt=1509&idt=423&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=4293929091020&frm=23&ife=1&pv=1&ga_vid=1810455584.1666432895&ga_sid=1666432895&ga_hid=1963252583&ga_fc=0&ga_cid=amp-HQ9VDu9WiKvLz5Fem-SzTw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1866&biw=1600&bih=1200&isw=336&ish=280&ifk=1550047487&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44770880%2C44775017&oid=2&pvsid=238557065761273&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.byys8z4988vx&btvi=1&fsb=1&dtd=439
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
fb74828f49856baede3283fd399f5b9d4b7c56914cfe96cedeedce0f733fa875
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 10:01:36 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=jtzb7aZIq2YPIVFHhfVYXtTbgqIBR9x1wwo_ywJLR6JNNyl0k6Fur0dINdan3F6ia5Na_mmWiY6EOrb2wHvaDUAkxAkU8siiiUT4vgHVa9zRG2ZsbHnY2Dippv1uTSsdCPdo-Hd_LDjugPETDdAMiQ7yNea8s6XbOY9HVwsBMos_PMoqpajgtvyUW3rQQKlpQrG2SeRKH61_PzbSD37BNOlCUZ-uzbxJdkGGhsAcfu2mOV3cuhEQ9W8r4Y5cfF1k5cOR3Q"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
3847702
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame F6BB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666432895&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666432894684&bpp=13&bdt=1509&idt=423&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=4293929091020&frm=23&ife=1&pv=1&ga_vid=1810455584.1666432895&ga_sid=1666432895&ga_hid=1963252583&ga_fc=0&ga_cid=amp-HQ9VDu9WiKvLz5Fem-SzTw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1866&biw=1600&bih=1200&isw=336&ish=280&ifk=1550047487&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44770880%2C44775017&oid=2&pvsid=238557065761273&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.byys8z4988vx&btvi=1&fsb=1&dtd=439
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:42:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55168
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 18:42:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame F6BB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666432895&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666432894684&bpp=13&bdt=1509&idt=423&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=4293929091020&frm=23&ife=1&pv=1&ga_vid=1810455584.1666432895&ga_sid=1666432895&ga_hid=1963252583&ga_fc=0&ga_cid=amp-HQ9VDu9WiKvLz5Fem-SzTw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1866&biw=1600&bih=1200&isw=336&ish=280&ifk=1550047487&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44770880%2C44775017&oid=2&pvsid=238557065761273&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.byys8z4988vx&btvi=1&fsb=1&dtd=439
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:43:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55060
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 18:43:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F6BB 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666432895&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666432894684&bpp=13&bdt=1509&idt=423&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=4293929091020&frm=23&ife=1&pv=1&ga_vid=1810455584.1666432895&ga_sid=1666432895&ga_hid=1963252583&ga_fc=0&ga_cid=amp-HQ9VDu9WiKvLz5Fem-SzTw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1866&biw=1600&bih=1200&isw=336&ish=280&ifk=1550047487&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44770880%2C44775017&oid=2&pvsid=238557065761273&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.byys8z4988vx&btvi=1&fsb=1&dtd=439
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 22 Oct 2022 10:01:36 GMT
pixel;r=745066595;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html;uh=e5...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=745066595;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1629134091-1666432895949;pbc=d5a8cb8d-37c7-42cd-b257-96e2684052d4;ns=0;ce=1;qjs=1;qv=7a1cba14-20221011131736;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1666432895948;tzo=0;ogl=;ses=7e03c7fa-8639-4990-8997-7a59c043fd17
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
js
www.googletagmanager.com/gtag/ 		219 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
4fddbf15fc35d1ac1e21320cc5dd30341a6e2a75d1c11dfdeebd163084f9cac8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77802
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 22 Oct 2022 10:01:36 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9iYW8tcXVhbi1iZWkteGlhbi10YWktZHUtY2hhaS1ndW8tbGFpLXJlbi1qaWUtYW4taGVpLXpoZW4teGlhbmctcWlhbmcteGlhbi14aWFuZy14aWFuZy1uaS1tZW4tenVvLWxpYW8tc2hpLXlhby5odG1sIiwidGltZSI6MTY2NjQzMjg5NjI4Mn0=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
server
nginx/1.14.0 (Ubuntu)
truncated
/ Frame 3E1A 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdd422a206559353c92762719433cd9a46317af452197dcaf96191c982c4b233

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame AA10 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_fwAGBngKj98LAA4twDWSYLM7Gg9CoSAanw&u=%7CEBRe%2B9TmFL9t8iK3snFRqfQMeP%2FdJoV4IWu6CFmbjUA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHM5nsaMiIG55iQ8oBLrRl7R0OltdayXCyUGptkel_9QsUAM_YpIJjc7cdC_MWdIgEVgOdnq7jZbF3eGoZfG2UhpNsFkhKpBjwhPibl-YMKAZ-c814NoPBD-Gbo63e852feoBdxAmcKnla7HL8keFMYHU18Szv4xYk0sezE-mf7lcvN7JKjOcNB8MK904Fm8VM2Mxqu4YF-Vsssszp38epihfoSVMtJpPA_bbLp4whVEPmXWwXU04Fkg1Y7MSzQtsqlTgHbrvbm8pORZ-ITW_VaI8k7Hwdgzqpb1gGvMNxsQDhyZz4Jk-NuudCMxDmUKlQUz0hj2F5xXRraxecPpYrkyO3xF2VH_264_jgU1sUE6DmbtzDv0brQo2pinPbj2BWA2z4DD_BoZi4MUqrbxvl9s7EX-Z1YmG_tolpZJ-w810Pwb7Pne6-LNKjKJEi7VgKiKbooznRL5_7V2Rg3tzOYD-Tf3qhPjLpJIruezgrbFSJ14ijjetsxgBb2JnruNe_I_r7xvZAHIbVjp_OsprFbyr5opl0w7FUxtc_QJhluBoZRg75e_o-9QIXJ1gQc0TBg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRWp6f79TY_iMGIu-vwTA27jYB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgS1Ak_Q7S5X44iS99e3sR-TRbC8BI2UHFi1b2qkdb_yChs5xoSIOK5TTQ4xJB7-a2_ZSVzzLQw17yRMZy_6-phqnbn64aPR_9vJcKQjstAqHPN-rse5HORUM_g3-dDqM6o_ad1v2SD2lQCM0ejne1QNV7mW6SlSPwIZN1B2xS8h-zxmHCfUXROSMZoQYQoUwUPZl55g2iOGc7EaxXwrl-Rm6ZPMTSM13h2cw9TTvfO6frGyYwdVgZ7zZ1ShMNgXWAM63ECWfYzLNFfDh8lTwHcUg_VuQ5XRI0EPAUY1a_i75XxjhORmEsOOmRM1eDV22ILy30kVOuR4NX5RnsAqxq4IRmJaOu0N-mBJ0VXZ7VFBLm3HxOFjxHfL8kY7t57yto3TuRCOMNEPknUkvsCnOdBxfMowcTNVkIAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1WQoxb-pxiR4HpGQZ6jJZWkJ677A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 10:01:36 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame AA10 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_fwAGBngKj98LAA4twDWSYLM7Gg9CoSAanw&u=%7CEBRe%2B9TmFL9t8iK3snFRqfQMeP%2FdJoV4IWu6CFmbjUA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHM5nsaMiIG55iQ8oBLrRl7R0OltdayXCyUGptkel_9QsUAM_YpIJjc7cdC_MWdIgEVgOdnq7jZbF3eGoZfG2UhpNsFkhKpBjwhPibl-YMKAZ-c814NoPBD-Gbo63e852feoBdxAmcKnla7HL8keFMYHU18Szv4xYk0sezE-mf7lcvN7JKjOcNB8MK904Fm8VM2Mxqu4YF-Vsssszp38epihfoSVMtJpPA_bbLp4whVEPmXWwXU04Fkg1Y7MSzQtsqlTgHbrvbm8pORZ-ITW_VaI8k7Hwdgzqpb1gGvMNxsQDhyZz4Jk-NuudCMxDmUKlQUz0hj2F5xXRraxecPpYrkyO3xF2VH_264_jgU1sUE6DmbtzDv0brQo2pinPbj2BWA2z4DD_BoZi4MUqrbxvl9s7EX-Z1YmG_tolpZJ-w810Pwb7Pne6-LNKjKJEi7VgKiKbooznRL5_7V2Rg3tzOYD-Tf3qhPjLpJIruezgrbFSJ14ijjetsxgBb2JnruNe_I_r7xvZAHIbVjp_OsprFbyr5opl0w7FUxtc_QJhluBoZRg75e_o-9QIXJ1gQc0TBg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRWp6f79TY_iMGIu-vwTA27jYB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgS1Ak_Q7S5X44iS99e3sR-TRbC8BI2UHFi1b2qkdb_yChs5xoSIOK5TTQ4xJB7-a2_ZSVzzLQw17yRMZy_6-phqnbn64aPR_9vJcKQjstAqHPN-rse5HORUM_g3-dDqM6o_ad1v2SD2lQCM0ejne1QNV7mW6SlSPwIZN1B2xS8h-zxmHCfUXROSMZoQYQoUwUPZl55g2iOGc7EaxXwrl-Rm6ZPMTSM13h2cw9TTvfO6frGyYwdVgZ7zZ1ShMNgXWAM63ECWfYzLNFfDh8lTwHcUg_VuQ5XRI0EPAUY1a_i75XxjhORmEsOOmRM1eDV22ILy30kVOuR4NX5RnsAqxq4IRmJaOu0N-mBJ0VXZ7VFBLm3HxOFjxHfL8kY7t57yto3TuRCOMNEPknUkvsCnOdBxfMowcTNVkIAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1WQoxb-pxiR4HpGQZ6jJZWkJ677A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 10:01:37 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame AA10 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_fwAGBngKj98LAA4twDWSYLM7Gg9CoSAanw&u=%7CEBRe%2B9TmFL9t8iK3snFRqfQMeP%2FdJoV4IWu6CFmbjUA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHM5nsaMiIG55iQ8oBLrRl7R0OltdayXCyUGptkel_9QsUAM_YpIJjc7cdC_MWdIgEVgOdnq7jZbF3eGoZfG2UhpNsFkhKpBjwhPibl-YMKAZ-c814NoPBD-Gbo63e852feoBdxAmcKnla7HL8keFMYHU18Szv4xYk0sezE-mf7lcvN7JKjOcNB8MK904Fm8VM2Mxqu4YF-Vsssszp38epihfoSVMtJpPA_bbLp4whVEPmXWwXU04Fkg1Y7MSzQtsqlTgHbrvbm8pORZ-ITW_VaI8k7Hwdgzqpb1gGvMNxsQDhyZz4Jk-NuudCMxDmUKlQUz0hj2F5xXRraxecPpYrkyO3xF2VH_264_jgU1sUE6DmbtzDv0brQo2pinPbj2BWA2z4DD_BoZi4MUqrbxvl9s7EX-Z1YmG_tolpZJ-w810Pwb7Pne6-LNKjKJEi7VgKiKbooznRL5_7V2Rg3tzOYD-Tf3qhPjLpJIruezgrbFSJ14ijjetsxgBb2JnruNe_I_r7xvZAHIbVjp_OsprFbyr5opl0w7FUxtc_QJhluBoZRg75e_o-9QIXJ1gQc0TBg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRWp6f79TY_iMGIu-vwTA27jYB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgS1Ak_Q7S5X44iS99e3sR-TRbC8BI2UHFi1b2qkdb_yChs5xoSIOK5TTQ4xJB7-a2_ZSVzzLQw17yRMZy_6-phqnbn64aPR_9vJcKQjstAqHPN-rse5HORUM_g3-dDqM6o_ad1v2SD2lQCM0ejne1QNV7mW6SlSPwIZN1B2xS8h-zxmHCfUXROSMZoQYQoUwUPZl55g2iOGc7EaxXwrl-Rm6ZPMTSM13h2cw9TTvfO6frGyYwdVgZ7zZ1ShMNgXWAM63ECWfYzLNFfDh8lTwHcUg_VuQ5XRI0EPAUY1a_i75XxjhORmEsOOmRM1eDV22ILy30kVOuR4NX5RnsAqxq4IRmJaOu0N-mBJ0VXZ7VFBLm3HxOFjxHfL8kY7t57yto3TuRCOMNEPknUkvsCnOdBxfMowcTNVkIAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1WQoxb-pxiR4HpGQZ6jJZWkJ677A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 17 Oct 2023 10:01:36 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame AA10 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_fwAGBngKj98LAA4twDWSYLM7Gg9CoSAanw&u=%7CEBRe%2B9TmFL9t8iK3snFRqfQMeP%2FdJoV4IWu6CFmbjUA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHM5nsaMiIG55iQ8oBLrRl7R0OltdayXCyUGptkel_9QsUAM_YpIJjc7cdC_MWdIgEVgOdnq7jZbF3eGoZfG2UhpNsFkhKpBjwhPibl-YMKAZ-c814NoPBD-Gbo63e852feoBdxAmcKnla7HL8keFMYHU18Szv4xYk0sezE-mf7lcvN7JKjOcNB8MK904Fm8VM2Mxqu4YF-Vsssszp38epihfoSVMtJpPA_bbLp4whVEPmXWwXU04Fkg1Y7MSzQtsqlTgHbrvbm8pORZ-ITW_VaI8k7Hwdgzqpb1gGvMNxsQDhyZz4Jk-NuudCMxDmUKlQUz0hj2F5xXRraxecPpYrkyO3xF2VH_264_jgU1sUE6DmbtzDv0brQo2pinPbj2BWA2z4DD_BoZi4MUqrbxvl9s7EX-Z1YmG_tolpZJ-w810Pwb7Pne6-LNKjKJEi7VgKiKbooznRL5_7V2Rg3tzOYD-Tf3qhPjLpJIruezgrbFSJ14ijjetsxgBb2JnruNe_I_r7xvZAHIbVjp_OsprFbyr5opl0w7FUxtc_QJhluBoZRg75e_o-9QIXJ1gQc0TBg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRWp6f79TY_iMGIu-vwTA27jYB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgS1Ak_Q7S5X44iS99e3sR-TRbC8BI2UHFi1b2qkdb_yChs5xoSIOK5TTQ4xJB7-a2_ZSVzzLQw17yRMZy_6-phqnbn64aPR_9vJcKQjstAqHPN-rse5HORUM_g3-dDqM6o_ad1v2SD2lQCM0ejne1QNV7mW6SlSPwIZN1B2xS8h-zxmHCfUXROSMZoQYQoUwUPZl55g2iOGc7EaxXwrl-Rm6ZPMTSM13h2cw9TTvfO6frGyYwdVgZ7zZ1ShMNgXWAM63ECWfYzLNFfDh8lTwHcUg_VuQ5XRI0EPAUY1a_i75XxjhORmEsOOmRM1eDV22ILy30kVOuR4NX5RnsAqxq4IRmJaOu0N-mBJ0VXZ7VFBLm3HxOFjxHfL8kY7t57yto3TuRCOMNEPknUkvsCnOdBxfMowcTNVkIAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1WQoxb-pxiR4HpGQZ6jJZWkJ677A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 17 Oct 2023 10:01:37 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame AA10 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=Ezxv86VwL7YB83wwQLaOx8MZCpcH7XzDjYQA5UAWj8J4kIY0plvk4ld3d857ZbILiF0WN6AhBZV-WcRhQe8Ukh-8EopfkCgrm957QvN4LctnoP87zFIPIVgS5Pv8T7PGU6ciQvrtSBl6SkSEvSYhpHVvxwfxvr-o2pK3po6o4C7JT-teW6kx5VUxW1dg4vJMUPACdj8Vc4SH7J81UA-VfKsY1tPfu2JKPOzCIBPalypgkn-UUcqflNBIrY21rHVvxn_F2mJ8n_2JXgXuM9mfXKVkcFDDhHCf7d5Fqed5_yW6FKNdIs0RMck4RbIBAEmPiq9PVuvhJ8MMuvENtgkzTo4nJz_KwrtymbTQQgIogQwW6smiYd1OvnAolJpUfLWuTUTqM7ujwJ-Er3VloIjujnyorNJpZ3MMXmlvN41_lrTHIgEs_GKNPwE4k5Ky9ppr4Hqd6w
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_fwAGBngKj98LAA4twDWSYLM7Gg9CoSAanw&u=%7CEBRe%2B9TmFL9t8iK3snFRqfQMeP%2FdJoV4IWu6CFmbjUA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHM5nsaMiIG55iQ8oBLrRl7R0OltdayXCyUGptkel_9QsUAM_YpIJjc7cdC_MWdIgEVgOdnq7jZbF3eGoZfG2UhpNsFkhKpBjwhPibl-YMKAZ-c814NoPBD-Gbo63e852feoBdxAmcKnla7HL8keFMYHU18Szv4xYk0sezE-mf7lcvN7JKjOcNB8MK904Fm8VM2Mxqu4YF-Vsssszp38epihfoSVMtJpPA_bbLp4whVEPmXWwXU04Fkg1Y7MSzQtsqlTgHbrvbm8pORZ-ITW_VaI8k7Hwdgzqpb1gGvMNxsQDhyZz4Jk-NuudCMxDmUKlQUz0hj2F5xXRraxecPpYrkyO3xF2VH_264_jgU1sUE6DmbtzDv0brQo2pinPbj2BWA2z4DD_BoZi4MUqrbxvl9s7EX-Z1YmG_tolpZJ-w810Pwb7Pne6-LNKjKJEi7VgKiKbooznRL5_7V2Rg3tzOYD-Tf3qhPjLpJIruezgrbFSJ14ijjetsxgBb2JnruNe_I_r7xvZAHIbVjp_OsprFbyr5opl0w7FUxtc_QJhluBoZRg75e_o-9QIXJ1gQc0TBg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRWp6f79TY_iMGIu-vwTA27jYB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgS1Ak_Q7S5X44iS99e3sR-TRbC8BI2UHFi1b2qkdb_yChs5xoSIOK5TTQ4xJB7-a2_ZSVzzLQw17yRMZy_6-phqnbn64aPR_9vJcKQjstAqHPN-rse5HORUM_g3-dDqM6o_ad1v2SD2lQCM0ejne1QNV7mW6SlSPwIZN1B2xS8h-zxmHCfUXROSMZoQYQoUwUPZl55g2iOGc7EaxXwrl-Rm6ZPMTSM13h2cw9TTvfO6frGyYwdVgZ7zZ1ShMNgXWAM63ECWfYzLNFfDh8lTwHcUg_VuQ5XRI0EPAUY1a_i75XxjhORmEsOOmRM1eDV22ILy30kVOuR4NX5RnsAqxq4IRmJaOu0N-mBJ0VXZ7VFBLm3HxOFjxHfL8kY7t57yto3TuRCOMNEPknUkvsCnOdBxfMowcTNVkIAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1WQoxb-pxiR4HpGQZ6jJZWkJ677A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:36 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2972567
expires
Mon, 26 Jul 1997 05:00:00 GMT
index.html
static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/ Frame 83BC 		1 KB
840 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_fwAGBngKj98LAA4twDWSYLM7Gg9CoSAanw&u=%7CEBRe%2B9TmFL9t8iK3snFRqfQMeP%2FdJoV4IWu6CFmbjUA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHM5nsaMiIG55iQ8oBLrRl7R0OltdayXCyUGptkel_9QsUAM_YpIJjc7cdC_MWdIgEVgOdnq7jZbF3eGoZfG2UhpNsFkhKpBjwhPibl-YMKAZ-c814NoPBD-Gbo63e852feoBdxAmcKnla7HL8keFMYHU18Szv4xYk0sezE-mf7lcvN7JKjOcNB8MK904Fm8VM2Mxqu4YF-Vsssszp38epihfoSVMtJpPA_bbLp4whVEPmXWwXU04Fkg1Y7MSzQtsqlTgHbrvbm8pORZ-ITW_VaI8k7Hwdgzqpb1gGvMNxsQDhyZz4Jk-NuudCMxDmUKlQUz0hj2F5xXRraxecPpYrkyO3xF2VH_264_jgU1sUE6DmbtzDv0brQo2pinPbj2BWA2z4DD_BoZi4MUqrbxvl9s7EX-Z1YmG_tolpZJ-w810Pwb7Pne6-LNKjKJEi7VgKiKbooznRL5_7V2Rg3tzOYD-Tf3qhPjLpJIruezgrbFSJ14ijjetsxgBb2JnruNe_I_r7xvZAHIbVjp_OsprFbyr5opl0w7FUxtc_QJhluBoZRg75e_o-9QIXJ1gQc0TBg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRWp6f79TY_iMGIu-vwTA27jYB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgS1Ak_Q7S5X44iS99e3sR-TRbC8BI2UHFi1b2qkdb_yChs5xoSIOK5TTQ4xJB7-a2_ZSVzzLQw17yRMZy_6-phqnbn64aPR_9vJcKQjstAqHPN-rse5HORUM_g3-dDqM6o_ad1v2SD2lQCM0ejne1QNV7mW6SlSPwIZN1B2xS8h-zxmHCfUXROSMZoQYQoUwUPZl55g2iOGc7EaxXwrl-Rm6ZPMTSM13h2cw9TTvfO6frGyYwdVgZ7zZ1ShMNgXWAM63ECWfYzLNFfDh8lTwHcUg_VuQ5XRI0EPAUY1a_i75XxjhORmEsOOmRM1eDV22ILy30kVOuR4NX5RnsAqxq4IRmJaOu0N-mBJ0VXZ7VFBLm3HxOFjxHfL8kY7t57yto3TuRCOMNEPknUkvsCnOdBxfMowcTNVkIAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1WQoxb-pxiR4HpGQZ6jJZWkJ677A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
30ca27f6a96516b0065d6b5d0dc419284613d13606fc85926cbf4b93bd1f5df7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=31104000 public
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 10:01:36 GMT
etag
W/"62bcef6c-458"
expires
Tue, 17 Oct 2023 10:01:36 GMT
last-modified
Thu, 30 Jun 2022 00:33:48 GMT
server
nginx
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
truncated
/ Frame F6BB 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbf996172fe017c0555d7514326c30271949540935334f199e37a1b223b6898c

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
all
csm.as.criteo.net/ Frame AA10 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=jtzb7aZIq2YPIVFHhfVYXtTbgqIBR9x1wwo_ywJLR6JNNyl0k6Fur0dINdan3F6ia5Na_mmWiY6EOrb2wHvaDUAkxAkU8siiiUT4vgHVa9zRG2ZsbHnY2Dippv1uTSsdCPdo-Hd_LDjugPETDdAMiQ7yNea8s6XbOY9HVwsBMos_PMoqpajgtvyUW3rQQKlpQrG2SeRKH61_PzbSD37BNOlCUZ-uzbxJdkGGhsAcfu2mOV3cuhEQ9W8r4Y5cfF1k5cOR3Q&sds=2&rev=83153&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_fwAGBngKj98LAA4twDWSYLM7Gg9CoSAanw&u=%7CEBRe%2B9TmFL9t8iK3snFRqfQMeP%2FdJoV4IWu6CFmbjUA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHM5nsaMiIG55iQ8oBLrRl7R0OltdayXCyUGptkel_9QsUAM_YpIJjc7cdC_MWdIgEVgOdnq7jZbF3eGoZfG2UhpNsFkhKpBjwhPibl-YMKAZ-c814NoPBD-Gbo63e852feoBdxAmcKnla7HL8keFMYHU18Szv4xYk0sezE-mf7lcvN7JKjOcNB8MK904Fm8VM2Mxqu4YF-Vsssszp38epihfoSVMtJpPA_bbLp4whVEPmXWwXU04Fkg1Y7MSzQtsqlTgHbrvbm8pORZ-ITW_VaI8k7Hwdgzqpb1gGvMNxsQDhyZz4Jk-NuudCMxDmUKlQUz0hj2F5xXRraxecPpYrkyO3xF2VH_264_jgU1sUE6DmbtzDv0brQo2pinPbj2BWA2z4DD_BoZi4MUqrbxvl9s7EX-Z1YmG_tolpZJ-w810Pwb7Pne6-LNKjKJEi7VgKiKbooznRL5_7V2Rg3tzOYD-Tf3qhPjLpJIruezgrbFSJ14ijjetsxgBb2JnruNe_I_r7xvZAHIbVjp_OsprFbyr5opl0w7FUxtc_QJhluBoZRg75e_o-9QIXJ1gQc0TBg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRWp6f79TY_iMGIu-vwTA27jYB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgS1Ak_Q7S5X44iS99e3sR-TRbC8BI2UHFi1b2qkdb_yChs5xoSIOK5TTQ4xJB7-a2_ZSVzzLQw17yRMZy_6-phqnbn64aPR_9vJcKQjstAqHPN-rse5HORUM_g3-dDqM6o_ad1v2SD2lQCM0ejne1QNV7mW6SlSPwIZN1B2xS8h-zxmHCfUXROSMZoQYQoUwUPZl55g2iOGc7EaxXwrl-Rm6ZPMTSM13h2cw9TTvfO6frGyYwdVgZ7zZ1ShMNgXWAM63ECWfYzLNFfDh8lTwHcUg_VuQ5XRI0EPAUY1a_i75XxjhORmEsOOmRM1eDV22ILy30kVOuR4NX5RnsAqxq4IRmJaOu0N-mBJ0VXZ7VFBLm3HxOFjxHfL8kY7t57yto3TuRCOMNEPknUkvsCnOdBxfMowcTNVkIAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1WQoxb-pxiR4HpGQZ6jJZWkJ677A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 22 Oct 2022 10:01:36 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame AA10 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_fwAGBngKj98LAA4twDWSYLM7Gg9CoSAanw&u=%7CEBRe%2B9TmFL9t8iK3snFRqfQMeP%2FdJoV4IWu6CFmbjUA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHM5nsaMiIG55iQ8oBLrRl7R0OltdayXCyUGptkel_9QsUAM_YpIJjc7cdC_MWdIgEVgOdnq7jZbF3eGoZfG2UhpNsFkhKpBjwhPibl-YMKAZ-c814NoPBD-Gbo63e852feoBdxAmcKnla7HL8keFMYHU18Szv4xYk0sezE-mf7lcvN7JKjOcNB8MK904Fm8VM2Mxqu4YF-Vsssszp38epihfoSVMtJpPA_bbLp4whVEPmXWwXU04Fkg1Y7MSzQtsqlTgHbrvbm8pORZ-ITW_VaI8k7Hwdgzqpb1gGvMNxsQDhyZz4Jk-NuudCMxDmUKlQUz0hj2F5xXRraxecPpYrkyO3xF2VH_264_jgU1sUE6DmbtzDv0brQo2pinPbj2BWA2z4DD_BoZi4MUqrbxvl9s7EX-Z1YmG_tolpZJ-w810Pwb7Pne6-LNKjKJEi7VgKiKbooznRL5_7V2Rg3tzOYD-Tf3qhPjLpJIruezgrbFSJ14ijjetsxgBb2JnruNe_I_r7xvZAHIbVjp_OsprFbyr5opl0w7FUxtc_QJhluBoZRg75e_o-9QIXJ1gQc0TBg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRWp6f79TY_iMGIu-vwTA27jYB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgS1Ak_Q7S5X44iS99e3sR-TRbC8BI2UHFi1b2qkdb_yChs5xoSIOK5TTQ4xJB7-a2_ZSVzzLQw17yRMZy_6-phqnbn64aPR_9vJcKQjstAqHPN-rse5HORUM_g3-dDqM6o_ad1v2SD2lQCM0ejne1QNV7mW6SlSPwIZN1B2xS8h-zxmHCfUXROSMZoQYQoUwUPZl55g2iOGc7EaxXwrl-Rm6ZPMTSM13h2cw9TTvfO6frGyYwdVgZ7zZ1ShMNgXWAM63ECWfYzLNFfDh8lTwHcUg_VuQ5XRI0EPAUY1a_i75XxjhORmEsOOmRM1eDV22ILy30kVOuR4NX5RnsAqxq4IRmJaOu0N-mBJ0VXZ7VFBLm3HxOFjxHfL8kY7t57yto3TuRCOMNEPknUkvsCnOdBxfMowcTNVkIAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1WQoxb-pxiR4HpGQZ6jJZWkJ677A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 10:01:37 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame AA10 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_fwAGBngKj98LAA4twDWSYLM7Gg9CoSAanw&u=%7CEBRe%2B9TmFL9t8iK3snFRqfQMeP%2FdJoV4IWu6CFmbjUA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHM5nsaMiIG55iQ8oBLrRl7R0OltdayXCyUGptkel_9QsUAM_YpIJjc7cdC_MWdIgEVgOdnq7jZbF3eGoZfG2UhpNsFkhKpBjwhPibl-YMKAZ-c814NoPBD-Gbo63e852feoBdxAmcKnla7HL8keFMYHU18Szv4xYk0sezE-mf7lcvN7JKjOcNB8MK904Fm8VM2Mxqu4YF-Vsssszp38epihfoSVMtJpPA_bbLp4whVEPmXWwXU04Fkg1Y7MSzQtsqlTgHbrvbm8pORZ-ITW_VaI8k7Hwdgzqpb1gGvMNxsQDhyZz4Jk-NuudCMxDmUKlQUz0hj2F5xXRraxecPpYrkyO3xF2VH_264_jgU1sUE6DmbtzDv0brQo2pinPbj2BWA2z4DD_BoZi4MUqrbxvl9s7EX-Z1YmG_tolpZJ-w810Pwb7Pne6-LNKjKJEi7VgKiKbooznRL5_7V2Rg3tzOYD-Tf3qhPjLpJIruezgrbFSJ14ijjetsxgBb2JnruNe_I_r7xvZAHIbVjp_OsprFbyr5opl0w7FUxtc_QJhluBoZRg75e_o-9QIXJ1gQc0TBg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRWp6f79TY_iMGIu-vwTA27jYB5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgS1Ak_Q7S5X44iS99e3sR-TRbC8BI2UHFi1b2qkdb_yChs5xoSIOK5TTQ4xJB7-a2_ZSVzzLQw17yRMZy_6-phqnbn64aPR_9vJcKQjstAqHPN-rse5HORUM_g3-dDqM6o_ad1v2SD2lQCM0ejne1QNV7mW6SlSPwIZN1B2xS8h-zxmHCfUXROSMZoQYQoUwUPZl55g2iOGc7EaxXwrl-Rm6ZPMTSM13h2cw9TTvfO6frGyYwdVgZ7zZ1ShMNgXWAM63ECWfYzLNFfDh8lTwHcUg_VuQ5XRI0EPAUY1a_i75XxjhORmEsOOmRM1eDV22ILy30kVOuR4NX5RnsAqxq4IRmJaOu0N-mBJ0VXZ7VFBLm3HxOFjxHfL8kY7t57yto3TuRCOMNEPknUkvsCnOdBxfMowcTNVkIAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1WQoxb-pxiR4HpGQZ6jJZWkJ677A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 10:01:36 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 08D3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_fwAGDa0Kj9UGAA-UPCb9_XzrMmAxODg3uw&u=%7CEBRe%2B9TmFL%2FdXvWf5waAy%2FLRsyVaRg59mhoOVhJGovo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHM5nsaMiIG55iQ8oBLrRl7R0OltdayXCyenefozfG318njF9Wu5-6mS7RRTY8K_NU_QKgw7lK3n_0cX33GKbKc6EVD-hPLN-R8_tKqg4QrFhO-eBuIQEZvK_y-3ZCN-Qd0mD33rc0nWEff07veAXpb61TdyCs4TdrPKICfmLm1i3L2---NTZ-FukUNn1Hx1HabGHAYWMT5B3EqfR-BLObBMa5D4hJBJP0a_nWYnCr-fblxRb4bs17YUbq38ZnSEY74jLchJ4XLUydYZrk70_AOHtnQuXopCj4qO-wvYeXkPVlXOdweb6eOg55HjgOXGz8Wk91O_ZkFfhboxS-Q8y1YhFaXVs3FD3vMStK0oFiohima2dr2jiC-fsNMTpSuklvc3xHqTnOAA2E9QjdlJ1bJsCVHgyA8H7nipbUK0UUZ8nwmhrJhGjrw7dK4Ebe_Dmizg8pS-SGh9AwIX8DxCRKBsSrPhCm7j15YuNU3l0K5IlkAYMGYLE96oZ_xTxyel_x4hwmFV__p0lXRKcF9qfkrL2QlbkCF2FpPWzPVPSuJFgSkbT7vpKs_GQgV2iGXs7Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW58Nf79TY62bGIaqvwS8qL7ICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgSvAk_Qe1PqqcDHBcjvyqlCEPPIVaU_34Cbf-tzaLw9vMcQjm_pVFI2eCeWyC3lhMHKfwzRvYyqWzRpNd5cwrmkt-g9CtFnOCPjOsYg9nHMEH4D_GFBJ_tSMsx0O46ONrATinEg80g0QoDJEwd-P-hMHsZOjd_VCloYZKi7Ty2uOLOHmPag4l-YFul8npmZZigPtuTCZiIjndN21bRvc_LWi89NjLBwsQ_8A_x26Zrve5taccQL8IaiROUoWMQCUuoPGOg-gVz95F3Y8TwEIlmxZLDEFGD5kD4QyRkXnDs-hZLJ5ryyFityCqg5uQznRZ6K3IsVO2ldiaDr6_dRir6XVhz-VzK6-Syk1wcLR1kwZ3-2J6PFnLO-SL5TtuQFtOzKXbRNDbEiCme4OlbLvYVWrIAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2TTov414pWwlwPUQ03fkTQFHUq8g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 10:01:36 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 08D3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_fwAGDa0Kj9UGAA-UPCb9_XzrMmAxODg3uw&u=%7CEBRe%2B9TmFL%2FdXvWf5waAy%2FLRsyVaRg59mhoOVhJGovo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHM5nsaMiIG55iQ8oBLrRl7R0OltdayXCyenefozfG318njF9Wu5-6mS7RRTY8K_NU_QKgw7lK3n_0cX33GKbKc6EVD-hPLN-R8_tKqg4QrFhO-eBuIQEZvK_y-3ZCN-Qd0mD33rc0nWEff07veAXpb61TdyCs4TdrPKICfmLm1i3L2---NTZ-FukUNn1Hx1HabGHAYWMT5B3EqfR-BLObBMa5D4hJBJP0a_nWYnCr-fblxRb4bs17YUbq38ZnSEY74jLchJ4XLUydYZrk70_AOHtnQuXopCj4qO-wvYeXkPVlXOdweb6eOg55HjgOXGz8Wk91O_ZkFfhboxS-Q8y1YhFaXVs3FD3vMStK0oFiohima2dr2jiC-fsNMTpSuklvc3xHqTnOAA2E9QjdlJ1bJsCVHgyA8H7nipbUK0UUZ8nwmhrJhGjrw7dK4Ebe_Dmizg8pS-SGh9AwIX8DxCRKBsSrPhCm7j15YuNU3l0K5IlkAYMGYLE96oZ_xTxyel_x4hwmFV__p0lXRKcF9qfkrL2QlbkCF2FpPWzPVPSuJFgSkbT7vpKs_GQgV2iGXs7Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW58Nf79TY62bGIaqvwS8qL7ICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgSvAk_Qe1PqqcDHBcjvyqlCEPPIVaU_34Cbf-tzaLw9vMcQjm_pVFI2eCeWyC3lhMHKfwzRvYyqWzRpNd5cwrmkt-g9CtFnOCPjOsYg9nHMEH4D_GFBJ_tSMsx0O46ONrATinEg80g0QoDJEwd-P-hMHsZOjd_VCloYZKi7Ty2uOLOHmPag4l-YFul8npmZZigPtuTCZiIjndN21bRvc_LWi89NjLBwsQ_8A_x26Zrve5taccQL8IaiROUoWMQCUuoPGOg-gVz95F3Y8TwEIlmxZLDEFGD5kD4QyRkXnDs-hZLJ5ryyFityCqg5uQznRZ6K3IsVO2ldiaDr6_dRir6XVhz-VzK6-Syk1wcLR1kwZ3-2J6PFnLO-SL5TtuQFtOzKXbRNDbEiCme4OlbLvYVWrIAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2TTov414pWwlwPUQ03fkTQFHUq8g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 10:01:36 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 08D3 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_fwAGDa0Kj9UGAA-UPCb9_XzrMmAxODg3uw&u=%7CEBRe%2B9TmFL%2FdXvWf5waAy%2FLRsyVaRg59mhoOVhJGovo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHM5nsaMiIG55iQ8oBLrRl7R0OltdayXCyenefozfG318njF9Wu5-6mS7RRTY8K_NU_QKgw7lK3n_0cX33GKbKc6EVD-hPLN-R8_tKqg4QrFhO-eBuIQEZvK_y-3ZCN-Qd0mD33rc0nWEff07veAXpb61TdyCs4TdrPKICfmLm1i3L2---NTZ-FukUNn1Hx1HabGHAYWMT5B3EqfR-BLObBMa5D4hJBJP0a_nWYnCr-fblxRb4bs17YUbq38ZnSEY74jLchJ4XLUydYZrk70_AOHtnQuXopCj4qO-wvYeXkPVlXOdweb6eOg55HjgOXGz8Wk91O_ZkFfhboxS-Q8y1YhFaXVs3FD3vMStK0oFiohima2dr2jiC-fsNMTpSuklvc3xHqTnOAA2E9QjdlJ1bJsCVHgyA8H7nipbUK0UUZ8nwmhrJhGjrw7dK4Ebe_Dmizg8pS-SGh9AwIX8DxCRKBsSrPhCm7j15YuNU3l0K5IlkAYMGYLE96oZ_xTxyel_x4hwmFV__p0lXRKcF9qfkrL2QlbkCF2FpPWzPVPSuJFgSkbT7vpKs_GQgV2iGXs7Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW58Nf79TY62bGIaqvwS8qL7ICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgSvAk_Qe1PqqcDHBcjvyqlCEPPIVaU_34Cbf-tzaLw9vMcQjm_pVFI2eCeWyC3lhMHKfwzRvYyqWzRpNd5cwrmkt-g9CtFnOCPjOsYg9nHMEH4D_GFBJ_tSMsx0O46ONrATinEg80g0QoDJEwd-P-hMHsZOjd_VCloYZKi7Ty2uOLOHmPag4l-YFul8npmZZigPtuTCZiIjndN21bRvc_LWi89NjLBwsQ_8A_x26Zrve5taccQL8IaiROUoWMQCUuoPGOg-gVz95F3Y8TwEIlmxZLDEFGD5kD4QyRkXnDs-hZLJ5ryyFityCqg5uQznRZ6K3IsVO2ldiaDr6_dRir6XVhz-VzK6-Syk1wcLR1kwZ3-2J6PFnLO-SL5TtuQFtOzKXbRNDbEiCme4OlbLvYVWrIAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2TTov414pWwlwPUQ03fkTQFHUq8g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 17 Oct 2023 10:01:36 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 08D3 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_fwAGDa0Kj9UGAA-UPCb9_XzrMmAxODg3uw&u=%7CEBRe%2B9TmFL%2FdXvWf5waAy%2FLRsyVaRg59mhoOVhJGovo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHM5nsaMiIG55iQ8oBLrRl7R0OltdayXCyenefozfG318njF9Wu5-6mS7RRTY8K_NU_QKgw7lK3n_0cX33GKbKc6EVD-hPLN-R8_tKqg4QrFhO-eBuIQEZvK_y-3ZCN-Qd0mD33rc0nWEff07veAXpb61TdyCs4TdrPKICfmLm1i3L2---NTZ-FukUNn1Hx1HabGHAYWMT5B3EqfR-BLObBMa5D4hJBJP0a_nWYnCr-fblxRb4bs17YUbq38ZnSEY74jLchJ4XLUydYZrk70_AOHtnQuXopCj4qO-wvYeXkPVlXOdweb6eOg55HjgOXGz8Wk91O_ZkFfhboxS-Q8y1YhFaXVs3FD3vMStK0oFiohima2dr2jiC-fsNMTpSuklvc3xHqTnOAA2E9QjdlJ1bJsCVHgyA8H7nipbUK0UUZ8nwmhrJhGjrw7dK4Ebe_Dmizg8pS-SGh9AwIX8DxCRKBsSrPhCm7j15YuNU3l0K5IlkAYMGYLE96oZ_xTxyel_x4hwmFV__p0lXRKcF9qfkrL2QlbkCF2FpPWzPVPSuJFgSkbT7vpKs_GQgV2iGXs7Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW58Nf79TY62bGIaqvwS8qL7ICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgSvAk_Qe1PqqcDHBcjvyqlCEPPIVaU_34Cbf-tzaLw9vMcQjm_pVFI2eCeWyC3lhMHKfwzRvYyqWzRpNd5cwrmkt-g9CtFnOCPjOsYg9nHMEH4D_GFBJ_tSMsx0O46ONrATinEg80g0QoDJEwd-P-hMHsZOjd_VCloYZKi7Ty2uOLOHmPag4l-YFul8npmZZigPtuTCZiIjndN21bRvc_LWi89NjLBwsQ_8A_x26Zrve5taccQL8IaiROUoWMQCUuoPGOg-gVz95F3Y8TwEIlmxZLDEFGD5kD4QyRkXnDs-hZLJ5ryyFityCqg5uQznRZ6K3IsVO2ldiaDr6_dRir6XVhz-VzK6-Syk1wcLR1kwZ3-2J6PFnLO-SL5TtuQFtOzKXbRNDbEiCme4OlbLvYVWrIAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2TTov414pWwlwPUQ03fkTQFHUq8g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 17 Oct 2023 10:01:37 GMT
index.html
static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/ Frame EBD9 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_fwAGDa0Kj9UGAA-UPCb9_XzrMmAxODg3uw&u=%7CEBRe%2B9TmFL%2FdXvWf5waAy%2FLRsyVaRg59mhoOVhJGovo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHM5nsaMiIG55iQ8oBLrRl7R0OltdayXCyenefozfG318njF9Wu5-6mS7RRTY8K_NU_QKgw7lK3n_0cX33GKbKc6EVD-hPLN-R8_tKqg4QrFhO-eBuIQEZvK_y-3ZCN-Qd0mD33rc0nWEff07veAXpb61TdyCs4TdrPKICfmLm1i3L2---NTZ-FukUNn1Hx1HabGHAYWMT5B3EqfR-BLObBMa5D4hJBJP0a_nWYnCr-fblxRb4bs17YUbq38ZnSEY74jLchJ4XLUydYZrk70_AOHtnQuXopCj4qO-wvYeXkPVlXOdweb6eOg55HjgOXGz8Wk91O_ZkFfhboxS-Q8y1YhFaXVs3FD3vMStK0oFiohima2dr2jiC-fsNMTpSuklvc3xHqTnOAA2E9QjdlJ1bJsCVHgyA8H7nipbUK0UUZ8nwmhrJhGjrw7dK4Ebe_Dmizg8pS-SGh9AwIX8DxCRKBsSrPhCm7j15YuNU3l0K5IlkAYMGYLE96oZ_xTxyel_x4hwmFV__p0lXRKcF9qfkrL2QlbkCF2FpPWzPVPSuJFgSkbT7vpKs_GQgV2iGXs7Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW58Nf79TY62bGIaqvwS8qL7ICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgSvAk_Qe1PqqcDHBcjvyqlCEPPIVaU_34Cbf-tzaLw9vMcQjm_pVFI2eCeWyC3lhMHKfwzRvYyqWzRpNd5cwrmkt-g9CtFnOCPjOsYg9nHMEH4D_GFBJ_tSMsx0O46ONrATinEg80g0QoDJEwd-P-hMHsZOjd_VCloYZKi7Ty2uOLOHmPag4l-YFul8npmZZigPtuTCZiIjndN21bRvc_LWi89NjLBwsQ_8A_x26Zrve5taccQL8IaiROUoWMQCUuoPGOg-gVz95F3Y8TwEIlmxZLDEFGD5kD4QyRkXnDs-hZLJ5ryyFityCqg5uQznRZ6K3IsVO2ldiaDr6_dRir6XVhz-VzK6-Syk1wcLR1kwZ3-2J6PFnLO-SL5TtuQFtOzKXbRNDbEiCme4OlbLvYVWrIAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2TTov414pWwlwPUQ03fkTQFHUq8g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
2a42afe3f95e065e32f837ef95125257c1e16f6464cb981b1b5e6faae2a5fae5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=31104000 public
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 10:01:36 GMT
etag
W/"62bcee38-66d"
expires
Tue, 17 Oct 2023 10:01:36 GMT
last-modified
Thu, 30 Jun 2022 00:28:40 GMT
server
nginx
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 08D3 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=LVwysKVwL7YB83wwQLaOx8MZCpf9ksp3nNU88NtmN3Mx8Q2kuMbGKYXEas_AZMRFpmnKrgptOG2kUI-YMaL7v5e4a2S6xbotae3EFw9tVPOmoUMuYSAYMkWx1gpu84yi_PXzmLcoCxCxrMqwkVP0cP40MTdJdJzbLGrtVtmyP08S5jZyL8V4klJ43svMIqL8j00AjNqm14A4Zf5q3CUWV5IpwLo8G07lwsKaJRTlf7onnd84L1qhrJRYYYBBJWcslNPjAMJ15pBJKRw97FzLnLktHBUexkDQPJY-WiE1xpINLZAr8NRiYJnuBjO_2s2jABlLO8p5bjql-ksLjCdaHbOhBsb3Ap7UiQENcRe7-mYPPTqVgH66qMgbaxkz-FTIkgYPiCnCkwWCdqZgDLDVWo3UP2bFTN0IG3jZ4knku417qrRtj5fUfZmXMXhVdZp4iiabDw
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_fwAGDa0Kj9UGAA-UPCb9_XzrMmAxODg3uw&u=%7CEBRe%2B9TmFL%2FdXvWf5waAy%2FLRsyVaRg59mhoOVhJGovo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHM5nsaMiIG55iQ8oBLrRl7R0OltdayXCyenefozfG318njF9Wu5-6mS7RRTY8K_NU_QKgw7lK3n_0cX33GKbKc6EVD-hPLN-R8_tKqg4QrFhO-eBuIQEZvK_y-3ZCN-Qd0mD33rc0nWEff07veAXpb61TdyCs4TdrPKICfmLm1i3L2---NTZ-FukUNn1Hx1HabGHAYWMT5B3EqfR-BLObBMa5D4hJBJP0a_nWYnCr-fblxRb4bs17YUbq38ZnSEY74jLchJ4XLUydYZrk70_AOHtnQuXopCj4qO-wvYeXkPVlXOdweb6eOg55HjgOXGz8Wk91O_ZkFfhboxS-Q8y1YhFaXVs3FD3vMStK0oFiohima2dr2jiC-fsNMTpSuklvc3xHqTnOAA2E9QjdlJ1bJsCVHgyA8H7nipbUK0UUZ8nwmhrJhGjrw7dK4Ebe_Dmizg8pS-SGh9AwIX8DxCRKBsSrPhCm7j15YuNU3l0K5IlkAYMGYLE96oZ_xTxyel_x4hwmFV__p0lXRKcF9qfkrL2QlbkCF2FpPWzPVPSuJFgSkbT7vpKs_GQgV2iGXs7Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW58Nf79TY62bGIaqvwS8qL7ICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgSvAk_Qe1PqqcDHBcjvyqlCEPPIVaU_34Cbf-tzaLw9vMcQjm_pVFI2eCeWyC3lhMHKfwzRvYyqWzRpNd5cwrmkt-g9CtFnOCPjOsYg9nHMEH4D_GFBJ_tSMsx0O46ONrATinEg80g0QoDJEwd-P-hMHsZOjd_VCloYZKi7Ty2uOLOHmPag4l-YFul8npmZZigPtuTCZiIjndN21bRvc_LWi89NjLBwsQ_8A_x26Zrve5taccQL8IaiROUoWMQCUuoPGOg-gVz95F3Y8TwEIlmxZLDEFGD5kD4QyRkXnDs-hZLJ5ryyFityCqg5uQznRZ6K3IsVO2ldiaDr6_dRir6XVhz-VzK6-Syk1wcLR1kwZ3-2J6PFnLO-SL5TtuQFtOzKXbRNDbEiCme4OlbLvYVWrIAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2TTov414pWwlwPUQ03fkTQFHUq8g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:36 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2954715
expires
Mon, 26 Jul 1997 05:00:00 GMT
all
csm.as.criteo.net/ Frame 08D3 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=MIshc6ZIq2YPIVFHpOsPq5qqIVuQNhc9V0pE4ZKvmfRBAFaXtlqEszVc3yeI074lGvmxqRjEgsP-HOgp2ePDOmMZN-SMIx2NEztN6or2yDWvfg33cGbpZj-OwE0Rdck--57gnTCyDkkBIQOv98q_DgY_p3s0CCs6UyVe9HIcklXGi9TYVwUEEeeQyI-AkHdWIRb6b2zqQjzzXHEKYFd2e0N-_UkgBiSWARb2S7WhtnZV0GDlVzDktprOfkBRXXbESKjR81xo--ozVR6x&sds=2&rev=83153&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_fwAGDa0Kj9UGAA-UPCb9_XzrMmAxODg3uw&u=%7CEBRe%2B9TmFL%2FdXvWf5waAy%2FLRsyVaRg59mhoOVhJGovo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHM5nsaMiIG55iQ8oBLrRl7R0OltdayXCyenefozfG318njF9Wu5-6mS7RRTY8K_NU_QKgw7lK3n_0cX33GKbKc6EVD-hPLN-R8_tKqg4QrFhO-eBuIQEZvK_y-3ZCN-Qd0mD33rc0nWEff07veAXpb61TdyCs4TdrPKICfmLm1i3L2---NTZ-FukUNn1Hx1HabGHAYWMT5B3EqfR-BLObBMa5D4hJBJP0a_nWYnCr-fblxRb4bs17YUbq38ZnSEY74jLchJ4XLUydYZrk70_AOHtnQuXopCj4qO-wvYeXkPVlXOdweb6eOg55HjgOXGz8Wk91O_ZkFfhboxS-Q8y1YhFaXVs3FD3vMStK0oFiohima2dr2jiC-fsNMTpSuklvc3xHqTnOAA2E9QjdlJ1bJsCVHgyA8H7nipbUK0UUZ8nwmhrJhGjrw7dK4Ebe_Dmizg8pS-SGh9AwIX8DxCRKBsSrPhCm7j15YuNU3l0K5IlkAYMGYLE96oZ_xTxyel_x4hwmFV__p0lXRKcF9qfkrL2QlbkCF2FpPWzPVPSuJFgSkbT7vpKs_GQgV2iGXs7Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW58Nf79TY62bGIaqvwS8qL7ICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgSvAk_Qe1PqqcDHBcjvyqlCEPPIVaU_34Cbf-tzaLw9vMcQjm_pVFI2eCeWyC3lhMHKfwzRvYyqWzRpNd5cwrmkt-g9CtFnOCPjOsYg9nHMEH4D_GFBJ_tSMsx0O46ONrATinEg80g0QoDJEwd-P-hMHsZOjd_VCloYZKi7Ty2uOLOHmPag4l-YFul8npmZZigPtuTCZiIjndN21bRvc_LWi89NjLBwsQ_8A_x26Zrve5taccQL8IaiROUoWMQCUuoPGOg-gVz95F3Y8TwEIlmxZLDEFGD5kD4QyRkXnDs-hZLJ5ryyFityCqg5uQznRZ6K3IsVO2ldiaDr6_dRir6XVhz-VzK6-Syk1wcLR1kwZ3-2J6PFnLO-SL5TtuQFtOzKXbRNDbEiCme4OlbLvYVWrIAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2TTov414pWwlwPUQ03fkTQFHUq8g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 22 Oct 2022 10:01:36 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 08D3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_fwAGDa0Kj9UGAA-UPCb9_XzrMmAxODg3uw&u=%7CEBRe%2B9TmFL%2FdXvWf5waAy%2FLRsyVaRg59mhoOVhJGovo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHM5nsaMiIG55iQ8oBLrRl7R0OltdayXCyenefozfG318njF9Wu5-6mS7RRTY8K_NU_QKgw7lK3n_0cX33GKbKc6EVD-hPLN-R8_tKqg4QrFhO-eBuIQEZvK_y-3ZCN-Qd0mD33rc0nWEff07veAXpb61TdyCs4TdrPKICfmLm1i3L2---NTZ-FukUNn1Hx1HabGHAYWMT5B3EqfR-BLObBMa5D4hJBJP0a_nWYnCr-fblxRb4bs17YUbq38ZnSEY74jLchJ4XLUydYZrk70_AOHtnQuXopCj4qO-wvYeXkPVlXOdweb6eOg55HjgOXGz8Wk91O_ZkFfhboxS-Q8y1YhFaXVs3FD3vMStK0oFiohima2dr2jiC-fsNMTpSuklvc3xHqTnOAA2E9QjdlJ1bJsCVHgyA8H7nipbUK0UUZ8nwmhrJhGjrw7dK4Ebe_Dmizg8pS-SGh9AwIX8DxCRKBsSrPhCm7j15YuNU3l0K5IlkAYMGYLE96oZ_xTxyel_x4hwmFV__p0lXRKcF9qfkrL2QlbkCF2FpPWzPVPSuJFgSkbT7vpKs_GQgV2iGXs7Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW58Nf79TY62bGIaqvwS8qL7ICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgSvAk_Qe1PqqcDHBcjvyqlCEPPIVaU_34Cbf-tzaLw9vMcQjm_pVFI2eCeWyC3lhMHKfwzRvYyqWzRpNd5cwrmkt-g9CtFnOCPjOsYg9nHMEH4D_GFBJ_tSMsx0O46ONrATinEg80g0QoDJEwd-P-hMHsZOjd_VCloYZKi7Ty2uOLOHmPag4l-YFul8npmZZigPtuTCZiIjndN21bRvc_LWi89NjLBwsQ_8A_x26Zrve5taccQL8IaiROUoWMQCUuoPGOg-gVz95F3Y8TwEIlmxZLDEFGD5kD4QyRkXnDs-hZLJ5ryyFityCqg5uQznRZ6K3IsVO2ldiaDr6_dRir6XVhz-VzK6-Syk1wcLR1kwZ3-2J6PFnLO-SL5TtuQFtOzKXbRNDbEiCme4OlbLvYVWrIAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2TTov414pWwlwPUQ03fkTQFHUq8g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 10:01:37 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 08D3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_fwAGDa0Kj9UGAA-UPCb9_XzrMmAxODg3uw&u=%7CEBRe%2B9TmFL%2FdXvWf5waAy%2FLRsyVaRg59mhoOVhJGovo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHM5nsaMiIG55iQ8oBLrRl7R0OltdayXCyenefozfG318njF9Wu5-6mS7RRTY8K_NU_QKgw7lK3n_0cX33GKbKc6EVD-hPLN-R8_tKqg4QrFhO-eBuIQEZvK_y-3ZCN-Qd0mD33rc0nWEff07veAXpb61TdyCs4TdrPKICfmLm1i3L2---NTZ-FukUNn1Hx1HabGHAYWMT5B3EqfR-BLObBMa5D4hJBJP0a_nWYnCr-fblxRb4bs17YUbq38ZnSEY74jLchJ4XLUydYZrk70_AOHtnQuXopCj4qO-wvYeXkPVlXOdweb6eOg55HjgOXGz8Wk91O_ZkFfhboxS-Q8y1YhFaXVs3FD3vMStK0oFiohima2dr2jiC-fsNMTpSuklvc3xHqTnOAA2E9QjdlJ1bJsCVHgyA8H7nipbUK0UUZ8nwmhrJhGjrw7dK4Ebe_Dmizg8pS-SGh9AwIX8DxCRKBsSrPhCm7j15YuNU3l0K5IlkAYMGYLE96oZ_xTxyel_x4hwmFV__p0lXRKcF9qfkrL2QlbkCF2FpPWzPVPSuJFgSkbT7vpKs_GQgV2iGXs7Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW58Nf79TY62bGIaqvwS8qL7ICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgSvAk_Qe1PqqcDHBcjvyqlCEPPIVaU_34Cbf-tzaLw9vMcQjm_pVFI2eCeWyC3lhMHKfwzRvYyqWzRpNd5cwrmkt-g9CtFnOCPjOsYg9nHMEH4D_GFBJ_tSMsx0O46ONrATinEg80g0QoDJEwd-P-hMHsZOjd_VCloYZKi7Ty2uOLOHmPag4l-YFul8npmZZigPtuTCZiIjndN21bRvc_LWi89NjLBwsQ_8A_x26Zrve5taccQL8IaiROUoWMQCUuoPGOg-gVz95F3Y8TwEIlmxZLDEFGD5kD4QyRkXnDs-hZLJ5ryyFityCqg5uQznRZ6K3IsVO2ldiaDr6_dRir6XVhz-VzK6-Syk1wcLR1kwZ3-2J6PFnLO-SL5TtuQFtOzKXbRNDbEiCme4OlbLvYVWrIAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2TTov414pWwlwPUQ03fkTQFHUq8g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 10:01:37 GMT
style.css
static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/css/ Frame EBD9 		1013 B
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/css/style.css
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
99a897b1b6bf0d20afe286cd5e66a7281c3c8eeb69c9aa0dfd42175fc8290aee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:31:40 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"62bceeec-3f5"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 10:01:37 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame EBD9 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f149.1e100.net
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Oct 2022 10:01:37 GMT
image-3.jpg
static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/ Frame EBD9 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/image-3.jpg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
3e32821d9fb7d097ae2947687180f9d72e8d6587ca146961aff1e5c91cfe7957
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:31:49 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bceef5-3b22"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
15138
expires
Tue, 17 Oct 2023 10:01:37 GMT
image-2.jpg
static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/ Frame EBD9 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/image-2.jpg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
689d691bc0a94e08a5731d2e34dd06ea9b907d40c1ccca65e8f9a4feb4fa9742
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:31:51 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bceef7-51a2"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
20898
expires
Tue, 17 Oct 2023 10:01:37 GMT
image-1.jpg
static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/ Frame EBD9 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/image-1.jpg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b7f8a33337b7fce3e7b3dd76d839d1e9bf3b83dc7c5c6fabdc44e2795459c2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:31:49 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bceef5-29cf"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
10703
expires
Tue, 17 Oct 2023 10:01:37 GMT
copy-2.png
static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/ Frame EBD9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/copy-2.png
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
342d9207010dbb5769fc2988004bf46d4f579e8284fa3931374049e0dd55075f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:31:47 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bceef3-88f"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
2191
expires
Tue, 17 Oct 2023 10:01:37 GMT
copy-1.png
static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/ Frame EBD9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/copy-1.png
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
360af8367592521fcd7ec8624cdef05e84e34d1c542c4a374828dfbe450da284
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:31:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bceef4-768"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
1896
expires
Tue, 17 Oct 2023 10:01:37 GMT
logo.png
static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/ Frame EBD9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/logo.png
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
c0216a4ae9eb4d295edfee2917969c200cefbb28bedbbf8ead8f4a4609b82403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:31:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bceef4-809"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
2057
expires
Tue, 17 Oct 2023 10:01:37 GMT
endframe.png
static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/ Frame EBD9 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/endframe.png
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
1904751ccfd62fb4368f0c10c93aa705878d726a2ecfe982877e838437735b0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:31:47 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bceef3-25c7"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
9671
expires
Tue, 17 Oct 2023 10:01:37 GMT
leos-display.js
static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/js/lib/ Frame EBD9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/js/lib/leos-display.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
2e8a854dbb9d8baf325f950347fa3b876ed124fd58546abdd1ce0c9e69b63d46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:32:30 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"62bcef1e-77a"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 10:01:37 GMT
animation.js
static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/js/ Frame EBD9 		477 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/js/animation.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
76e1b353ad8b888eb77cf1b62b4fb4ee02ff5126f7ffc39c8c01582f93dc6e57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
last-modified
Thu, 30 Jun 2022 00:31:40 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"62bceeec-1dd"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 10:01:37 GMT
style.css
static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/css/ Frame 83BC 		1013 B
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/css/style.css
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
99a897b1b6bf0d20afe286cd5e66a7281c3c8eeb69c9aa0dfd42175fc8290aee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:37:00 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"62bcf02c-3f5"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 10:01:37 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 83BC 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f149.1e100.net
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Oct 2022 10:01:37 GMT
image-3.jpg
static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/ Frame 83BC 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/image-3.jpg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
30c13878ec598cd5f3f00e151916a8836bf60cc3fc1dc5eb1a3df200e720b582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:37:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bcf037-459a"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
17818
expires
Tue, 17 Oct 2023 10:01:37 GMT
image-2.jpg
static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/ Frame 83BC 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/image-2.jpg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
87da6367710a464cd40e9eccba2dc010ba6f8b35a1ab03f8849eae124a1d8bf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:37:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bcf037-369d"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
13981
expires
Tue, 17 Oct 2023 10:01:38 GMT
image-1.jpg
static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/ Frame 83BC 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/image-1.jpg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f75ab72d3c3cfd942cadcc6075bc34830f90a39caf644969cdb1eaad79a6231e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:37:10 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bcf036-3844"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
14404
expires
Tue, 17 Oct 2023 10:01:38 GMT
copy-2.png
static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/ Frame 83BC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/copy-2.png
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
342d9207010dbb5769fc2988004bf46d4f579e8284fa3931374049e0dd55075f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:37:08 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bcf034-88f"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
2191
expires
Tue, 17 Oct 2023 10:01:38 GMT
copy-1.png
static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/ Frame 83BC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/copy-1.png
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
360af8367592521fcd7ec8624cdef05e84e34d1c542c4a374828dfbe450da284
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:37:08 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bcf034-768"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
1896
expires
Tue, 17 Oct 2023 10:01:38 GMT
logo.png
static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/ Frame 83BC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/logo.png
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
c0216a4ae9eb4d295edfee2917969c200cefbb28bedbbf8ead8f4a4609b82403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:37:10 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bcf036-809"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
2057
expires
Tue, 17 Oct 2023 10:01:38 GMT
endframe.png
static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/ Frame 83BC 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/endframe.png
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
1904751ccfd62fb4368f0c10c93aa705878d726a2ecfe982877e838437735b0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:37:07 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bcf033-25c7"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
9671
expires
Tue, 17 Oct 2023 10:01:38 GMT
leos-display.js
static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/js/lib/ Frame 83BC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/js/lib/leos-display.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
2e8a854dbb9d8baf325f950347fa3b876ed124fd58546abdd1ce0c9e69b63d46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:37:51 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"62bcf05f-77a"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 10:01:37 GMT
animation.js
static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/js/ Frame 83BC 		477 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/js/animation.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
76e1b353ad8b888eb77cf1b62b4fb4ee02ff5126f7ffc39c8c01582f93dc6e57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:37 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
last-modified
Thu, 30 Jun 2022 00:37:00 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"62bcf02c-1dd"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 10:01:37 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeaj0&_p=7025&cid=3280498.1666432897&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666432897&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&dt=%E4%BF%9D%E5%85%A8%E8%A2%AB%E5%AB%8C%E6%85%8B%E5%BA%A6%E5%B7%AE%EF%BC%81%E9%81%8E%E4%BE%86%E4%BA%BA%E6%8F%AD%E3%80%8C%E6%9A%97%E9%BB%91%E7%9C%9F%E7%9B%B8%E3%80%8D%E5%97%86%EF%BC%9A%E5%85%88%E6%83%B3%E6%83%B3%E4%BD%A0%E5%80%91%E5%81%9A%E4%BA%86%E4%BB%80%E9%BA%BC%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022101801.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
1decf50a161fc7830e2f819b3ddf4657f8e95b1a931bbb8758b245e5771136d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
217751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130840
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 08:35:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 19 Oct 2023 21:32:26 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Sat, 22 Oct 2022 10:01:38 GMT
pubads_impl_2022101801.js
securepubads.g.doubleclick.net/gpt/ Frame 3F64 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
1decf50a161fc7830e2f819b3ddf4657f8e95b1a931bbb8758b245e5771136d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
217752
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130840
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 08:35:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 19 Oct 2023 21:32:26 GMT
all
csm.as.criteo.net/ Frame 08D3 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=MIshc6ZIq2YPIVFHpOsPq5qqIVuQNhc9V0pE4ZKvmfRBAFaXtlqEszVc3yeI074lGvmxqRjEgsP-HOgp2ePDOmMZN-SMIx2NEztN6or2yDWvfg33cGbpZj-OwE0Rdck--57gnTCyDkkBIQOv98q_DgY_p3s0CCs6UyVe9HIcklXGi9TYVwUEEeeQyI-AkHdWIRb6b2zqQjzzXHEKYFd2e0N-_UkgBiSWARb2S7WhtnZV0GDlVzDktprOfkBRXXbESKjR81xo--ozVR6x&sds=2&rev=83153&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_fwAGDa0Kj9UGAA-UPCb9_XzrMmAxODg3uw&u=%7CEBRe%2B9TmFL%2FdXvWf5waAy%2FLRsyVaRg59mhoOVhJGovo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHM5nsaMiIG55iQ8oBLrRl7R0OltdayXCyenefozfG318njF9Wu5-6mS7RRTY8K_NU_QKgw7lK3n_0cX33GKbKc6EVD-hPLN-R8_tKqg4QrFhO-eBuIQEZvK_y-3ZCN-Qd0mD33rc0nWEff07veAXpb61TdyCs4TdrPKICfmLm1i3L2---NTZ-FukUNn1Hx1HabGHAYWMT5B3EqfR-BLObBMa5D4hJBJP0a_nWYnCr-fblxRb4bs17YUbq38ZnSEY74jLchJ4XLUydYZrk70_AOHtnQuXopCj4qO-wvYeXkPVlXOdweb6eOg55HjgOXGz8Wk91O_ZkFfhboxS-Q8y1YhFaXVs3FD3vMStK0oFiohima2dr2jiC-fsNMTpSuklvc3xHqTnOAA2E9QjdlJ1bJsCVHgyA8H7nipbUK0UUZ8nwmhrJhGjrw7dK4Ebe_Dmizg8pS-SGh9AwIX8DxCRKBsSrPhCm7j15YuNU3l0K5IlkAYMGYLE96oZ_xTxyel_x4hwmFV__p0lXRKcF9qfkrL2QlbkCF2FpPWzPVPSuJFgSkbT7vpKs_GQgV2iGXs7Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW58Nf79TY62bGIaqvwS8qL7ICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAmfofvAlZ6U-qAMBqgSvAk_Qe1PqqcDHBcjvyqlCEPPIVaU_34Cbf-tzaLw9vMcQjm_pVFI2eCeWyC3lhMHKfwzRvYyqWzRpNd5cwrmkt-g9CtFnOCPjOsYg9nHMEH4D_GFBJ_tSMsx0O46ONrATinEg80g0QoDJEwd-P-hMHsZOjd_VCloYZKi7Ty2uOLOHmPag4l-YFul8npmZZigPtuTCZiIjndN21bRvc_LWi89NjLBwsQ_8A_x26Zrve5taccQL8IaiROUoWMQCUuoPGOg-gVz95F3Y8TwEIlmxZLDEFGD5kD4QyRkXnDs-hZLJ5ryyFityCqg5uQznRZ6K3IsVO2ldiaDr6_dRir6XVhz-VzK6-Syk1wcLR1kwZ3-2J6PFnLO-SL5TtuQFtOzKXbRNDbEiCme4OlbLvYVWrIAGl-WiuNGt1ZD0AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2TTov414pWwlwPUQ03fkTQFHUq8g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 22 Oct 2022 10:01:37 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
pubads_impl_2022102001.js
securepubads.g.doubleclick.net/gpt/ Frame 76BC 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070495
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153367
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130516
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 20 Oct 2023 15:25:31 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3E1A 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfEWXPF2uj-9-LtipjfF0gc0A1e3OsqWWupX2uibotFydJA444E0fp_48JqrdumjiGrAm_Z-1PftTD2wUBJqKvOuta&sig=Cg0ArKJSzPpA5nSw4FesEAE&id=lidar2&mcvt=1008&p=0,0,280,336&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20221019&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666432895009&rpt=1732&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 23 Oct 2022 10:01:38 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D330 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221019&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
c5d427d01fba95c893d3aa40ef80d0535cb00af662bf8a6bc8a257849ba77c07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11224
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		62 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2086546446426767&correlator=1015441656691073&eid=31070233&output=ldjh&gdfp_req=1&vrg=2022101801&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D748dc3ca2e4e3b6%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D752cf374c60b465%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D76fc4020bae19d8%26hb_ap_bidder%3Dappnexus&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D8537ff1599dd2583-227ff7fd68d7003b%3AT%3D1666432895%3ART%3D1666432895%3AS%3DALNI_MbbZg0ttZ78MHtE5w1NWeQr_RuaqA&gpic=UID%3D00000b68d6ce669f%3AT%3D1666432895%3ART%3D1666432895%3AS%3DALNI_MZXurGWg4IvxLXNAPofcZhXEpHlZw&arp=1&abxe=1&dt=1666432898324&lmt=1666432898&dlt=1666432891782&idt=6509&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=3280498.1666432897&ga_sid=1666432898&ga_hid=7025&ga_fc=true&ga_cid=amp-HQ9VDu9WiKvLz5Fem-SzTw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
052c6fd971ce6c2f8d80552e29e6271129f9c5629ae533ac5c9d9f90edf72a0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24082
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 480A 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 10:01:38 GMT
expires
Sun, 22 Oct 2023 10:01:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9C96 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221019&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
4cd681fe7c0cefa8801429ab998ae195090d0abe220a567a090e093c6a8b3df5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11077
x-xss-protection
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-161a8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 23 Oct 2022 10:01:38 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D330 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 22 Oct 2022 10:01:38 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9C96 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 22 Oct 2022 10:01:38 GMT
integrator.js
adservice.google.com.au/adsid/ Frame 76BC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 76BC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 76BC 		492 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=653893321135499&correlator=196381577200177&eid=31070495&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1666432898779&lmt=1644386353&dlt=1666432894324&idt=4434&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=7bdsgoug8s7f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1949429153.1666432899&ga_sid=1666432899&ga_hid=1245683387&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
ca5b32d294b4ff8d1b20ec812d8534d3f07624ea4623ab95b236387c44426a75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f809bdd58a113f424b582e7188b13a87.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C58E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f809bdd58a113f424b582e7188b13a87.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 10:01:38 GMT
expires
Sun, 22 Oct 2023 10:01:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3F64 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3F64 		492 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=365017962843509&correlator=4095316397552728&eid=31060439%2C31068501%2C44775318&output=ldjh&gdfp_req=1&vrg=2022101801&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1666432898809&lmt=1644386353&dlt=1666432894422&idt=4378&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=771o8xd8h2c2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=2048670271.1666432899&ga_sid=1666432899&ga_hid=1573436939&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
3b35f9a6208582658f1fd4b575bd43a43ebeccf585e5050f64063196a786cf78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
25cd982469f6774599cd7413a19565df.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A934 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://25cd982469f6774599cd7413a19565df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 10:01:38 GMT
expires
Sun, 22 Oct 2023 10:01:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C534 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
366565
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Oct 2022 04:12:14 GMT
expires
Wed, 18 Oct 2023 04:12:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1F41 		783 B
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f105.1e100.net
Software
GSE /
Resource Hash
681df207d4374b8e9e640352612fc262c7218311b0f97f777884f5b708108f35
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PW6GtcooKEG-4UVr-y0cfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-PW6GtcooKEG-4UVr-y0cfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 10:01:39 GMT
expires
Sat, 22 Oct 2022 10:01:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
container.html
6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DA6E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 10:01:38 GMT
expires
Sun, 22 Oct 2023 10:01:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8A9F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 10:01:38 GMT
expires
Sun, 22 Oct 2023 10:01:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4538 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 10:01:38 GMT
expires
Sun, 22 Oct 2023 10:01:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 76BC 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
804fc65037c616b4df477ddafa1bc7ae44428d71d41c41ba858b19ceeb07e0c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11165
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3F64 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
d69de8ab9ce1f98039bce9f4b2f86d62555bcb84564e5f5d77f330e1b05280df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11389
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 584D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
366565
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Oct 2022 04:12:14 GMT
expires
Wed, 18 Oct 2023 04:12:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AC45 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f105.1e100.net
Software
GSE /
Resource Hash
8d44f790ecc325c5c72b9b4722977abf93717b5e00b0ccad0e6f4b4186fa58cf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hE-2IVI1AxBm5qQuYwZgbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-hE-2IVI1AxBm5qQuYwZgbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 10:01:39 GMT
expires
Sat, 22 Oct 2022 10:01:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame C534 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
222912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 20:06:27 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DEE5 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVbY1rOFcVd5JeRNamFcev0OtsPrJmPlGIYzHXKy5wbTIKBh2JwRUXo3x_a4kaV661nzk1netwYauHe0qICdcjuTQYbgw
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 10:01:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame DA6E 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BSOyVfON7q-zpb-F9gMibQrHjokF_evKa7FSL9ESIy-M0h1xPGQNewNlx4JHqItED1tKEReeh90JOjYr_j0RNiN7sUig&cry=1&dbm_d=AKAmf-Ay8ro4B_kSnL5R1ypULTugBq6OWJ-GTmtHw-erz7lvBcSWt0xUi8hAgU5tpN3T8_B0z6mbGJ6Ux9d-nxeeic2A4V7CqoymhUU2KG2W667bhyod4_SSTJRrPOlh0tjYNcG1fd7tUNJgtn1Zvao4oHjh5B1YSgM1KTm3moJFd-qpasQqApQQG34uqWgVFJNYwcrSxvu_F9AfcPa47kBL5q2sqYfPvqgoBSxLj1I1y-9LcWR2JqlcK5Njx-Ba-JrbqStbTlIuYMWv8kj2nj1QvGAIsrQF0mZSAYK5djG8gAhdpJfoJEIzxill-rfZ6ysHTYqyUXy4vM7LlacLAyIJoInvk2Sx7s9JP1_dcynDIsRerr4Z4QnQGVuDICBLPCfmgOxEin7jUc0W5vBq1bO8oFKmzizCxANHde9Mowv9LyOMFuNFm4pyPA49zpS-wMAKuvtN-v6QQsppAJH-Vg303SawDg7c4ppNFNIbR7tnEEOI1UWtD_M1hM-YoENFZvN8s-minaOmXqFR0BFmTvyPQGZgI2CwRh11MLO13BD8b4O_FCXN7K9lHYR4syBs8VoPolMDM3_7SKoFxtirJINo2dG5BPhNa7rQr45OLBpv77RhsrIJr1Ai3miUk0FaG_CfFC6rEdhnsvVw6cqB4-m1yIThgake_JUrBHBWrkCDY1XJby2u-vb0am2zfA7B7_WMpPNtwHMj-JeyEUQskwE0qrmjK6x3R1OiSit1-EJMr81jO1n5Cp2155MWgLM-JG-OqKpjenHZeNjDAMbytJFIvOYqumjsu4gf9Wj4KtZKcJZ4PsnwibAJNPicSHrIkQ4hivX2eA5YaaGizU06SW454khRM7Aojq99rlzEBY4xMR9kiZUmLXZzOjhqnQFutJpwYi-Zs12mtAWRrwGRZBlanyHgr80N25SATlSBaUTjtvJBDUsKG2FOlrJPVEZLIuqjG_Bt_XbWScPf7rd_68MwlE004YfOgquzx1PLHhR5I3Xdn2bQmkEAAKkCxm3uMLI6GVHj43RvNpnQrhcb_7Yfgj0X8rKz4GltmsZ8Cl7tlUT5MD17DUN4oELoVzp2wVggcDsNftCdJ5MSPcK4-6IRu-JJU-E9WUh8ptTtMUnQ57BOeMQZ8BrDg4wx6RVzv7DVnPd83SKyS02rCVaAeOTPxXXuGA2CZLOuqFxLaSrHjV1o0NyB2sOyznuC64CUCCPxr9fV7ujDMbioxGlw81t7swUzrAPPPafQx41dX-ofCghI3bRsPGNtIIpQ5hnpv69_3YXP-pVLq0bnQ58FNkDa76TTKzxgCreKj7QfQ4ITKgm1uSZj2bOCpsXj5qc4d_26POEdROK0WKd-eAUID4ec7Z7xZSJEX1J1S1esXcCkH1cN6VQL1ifh31PRiepFk_nLb9yjCp3M5uYye9SxetxP_ufgyQWNc0K4auveGXpgBPtCfPlVp02rIm2CkLWsPPYofv9aPdoEZ5Y93aW5jT7lqUYLCEstj5fdQIH1Kc1o8ea6UBdECQF6F_oTk_HkzMwNH5G8j5Xrs7YUVgat-FKi6s27lytj-FQypx_wxZ56MGw0RfGNczbtkM08RdWn3OtHNka2kjoj5L-aMSTBIY00n6Dntd2yAI2vEdsmoNLdGkhXz6MPASuJupfiwpPbhGYQRMlnFfZMlo_pk9k05Fr3aZWyCjEPb73Z2oclxUYRJCLi8GeWwXExE7lvlMQrRoHNJp01SjlIP56OjFqb3TW5yKzubmaF6DMMn9IUJBEcGLebsa1sq4rQbf5wvCcp-19mmFfm5c8R-OiVKqgD0rTPlZ7Gcs3-1UsVOvjhaMCCTvem3x1JDek-BAapoSH18mi38At_NVcWYh32n8Y2muX229D3OSm-_nIBBmvEk0sau0nFtUhkd1Zd-SvsSJDOxD89Q5UzuR3cUtrKUc2CUF_DkiAkfxv_7A62kCpoua_16odYThiOrHPQwtJQmg3i6blUIobImZCESbLYJM5PgkXEM_H2zMHUXVpQacyYDrt7pm66jVJpW7bO0f3Z8IFG4IfMre4JTwEf2cuKh6KgTc7RQI_hcw8WzAikvHPG684lYi81X6v6qbaIt1m0wzw99l9VF7FGJmW71WW9QcO1G7_JuBmcOjUOajmOpDE8kJfCRncrTwX1jFhp1P5mnRfa-tc3_taICA-COvO3D9WtRwqsssTAfYsTWeHIuTIiYS5jgR-GWhXJ_tjUF1Rx_H1f1i79TVbD9_R6Yqa_nclD_8wJ4xx36LwzPdlEEbIZOjKBBXPhlFsGWVSEUdQNkR3tAZnBvisQ4yHancqKyCxJb69Eh50etq0O71QCbjGguzUk68NkzmAxgofn1UEMXpfJd_pQszbxf0nLXD_AlkQuiIDyC6mw4Gi4hk_PJMnPmTTxIog8ju1Yoyhwjl63wz9xrNgU7Q-bAG8yFppp6rS9el9iL7kY03mpz51nUDz9RvnKda1x2dm0v2ynev1XaFfsuzAirx_9NUGqWQClOab3xVPVnAaNhB_ndYdIKAsqYBXeq-6dLU99OylkjneGzHj-rY0VY6yJyunON940pa8luaOdcODZB__a6JyI3gxFW2QQjvBU-z5QqHtsTM4abDLhtDBELDgk4eiqWNtQ0Z8CDBvp8KONZpfWlhG8_0cfbv5lpPfa3oknm1azoDOej3kFKUenE9IJ1l7BIAALHha7uVTkEb4frFfViBAw8QqLMUWdv3td_1J8fDSt-bFEeo31neTi1ZOYSexWuWbYOWy7aBPam73vvyNtMZEdUogQ5PHkdS4sJ_zjnI1KJuPIGzQ-faIxFrAQKSUuOw6NLpXJPmNjG1fTe5fcHEjXy58SuuLm-Js-jA70cDAvOOVkOmjLSfd0-D82HTKXZsJctqoN_fwp5U9dm6J-Qgi9KJ6c2eRz5SDRpyT5z71IFjRHMY36GM0GMyB4a3qHwGAPZwd4GxqE3HKocgYwJQJ9wgCuyyrtgvB5DfEC9k1Q6YKi1rIfKPgx1h7hElyGJd0dqH9owuBxRNrmX_04XD90CLakDvKvxe1ObJ7_uJepNjiFeoTZHr8_TnkHL440Ip-AQ3s4D1gjbXGTEN23NDgSZHATbqwTF09LZ1e2OnQoMPZHUSYwcL8UWJHuqxVyE5YQDgXk5y1I5BUcAtYn7RxyPEzGSfqOfOKZB98k3X6hqXINqdLz7rfz_n0lxHz6j-8kCKZHbDNDzW5ndM-Knsa6fiptYGwtsVa9vEIHmCmyOC-iLe37izZ2MXhM4Ph_tvFPLT64hbdYRFZJPN0C02U1fAWeGdaoZIDVSK3aacqAOLUaaFFhUOVVw8sYMfeKbVmn1SX5Ry9-lE5v8iimjKJTr5xEJbfqFFdWsxKzEhE&cid=CAQSPADq26N9xiuUG1uq-rwa4-e3D4GaGkFgSa3I2_uADQb0WtUli3eGctI3T0m9zlDHl9_KLLMS3QTqvv8q7xgBIA4&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
73084a5191b8cd7a2b5b32aaa0972ffb72b2810af279f83838d5cadcbf0b444f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34563
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DA6E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AmVczUTfa-DS3kWjdeumngYqX-8TDP1jQjyyG27Rcy3nqxQFiltS6EIhRtIIelhAw3d-GkPiDE2HC9-o-dFfyp5ceHsKkrKIzjowz6UCOTinskzHk
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame DA6E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:42:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 18:42:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame DA6E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:51:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
587
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7335
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 09:51:52 GMT
l
www.google.com/ads/measurement/ Frame DA6E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQLCp7OZ-n0mBfyZuBA0APyMH-uOK3zDfgdXDGo2BjHz0s6SCOGK2imOETW7o7QS5zvvFGva9hyRbCSq9sVdh6wAi8-kA
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DA6E 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 22 Oct 2022 10:01:41 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 38C1 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNXJHefUMrMBSH-DegOeR97_zUqKfkEzgMRzDkHdsv3YB0lF-LNt-gkKUOKW5qk4a-Ve4IZAXe6ypDux9ZqTroOT9OLuTA
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 10:01:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 8A9F 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAzfeYj8PWfADDvtR7WkmRbBm7kjcCgkYFZh4XlDzFpQ8UoEhyYaJykIRmeQab6BfGaF1g93wFvdWGA4lx7-GBmefPtg&cry=1&dbm_d=AKAmf-CU1paxKRN2Ra14LAeb8sQMxSgcQKaMGa1WnQsER36Gz5xVR0JnJo-apeGweQiKNOXlHsOkul3-qtPQXm_lcQYMjLSggraKy1TQ6xfzbmWRyK07Omge1iS5JekzgSspkjV0Qr_pl6iQrXUtDkWHvWWyRwzTwaeJE7m2Z5TuJL8z5NFXjPByZHDyoBH_PKEDvG5P2CJrcgncGxDeHt1n15WJXkmoDRNBPrGnrWusGoXJDq_bpZ3MMmtHobjxbmxxVAg9MAkkWjRI1VqonQm-GHkm2gqX8-FZJGC1W2eeaHcJFBxxu41znXetuB2AbQv8ubSuUD02EUtX-F3QWabU5jhD1ZK5194RZ-G2DbIKKYE60yFMEZiLz9P-qtyRdGS0Pjsepx7oSSFvhDYanzdpB0wi7E7DZYDzk4SV4X6_7VbtvrpNBq0NCbaPyszXEBuEnpI1EqfjcevLFidcxdONLMpc6fe1mun2OzMZiaTZsfnxXwbsPVYIx4y6Yu9SV1ybRonQW5Qg66n-u6ferWUGwUPr8rNX7KuQOQsIqoLKZfue7rrv-c2xATMUC3VINLagksSBoggmK0SCCIfmgQUkuVtEW2tKFKGPoU9tdObXvnLCep3TXxdKfGFYtVmGTP2uY6BjmNwfvWnjeukKTMJvwTFlZ6jaTd_foJDu6iV6y18PMLF8TOZ0R_mNVrg5Xx3phEwmyY_Lt7q4cVwXXKFwXqgODddUG3fuj_bu_JqA9yuEDUKE-RrtT9PMMQu55Lt53ulPKS2qSUncQmexNwNIRh9JjhzZ9GBVICrLvzu3LWflN8R8D2OgFyiZAmjE2nU4NpUgf6jbo37wQWQoNhGSluw33venNxF0kuz6sfaYmpXBFyHzS-NsbepQsOMQi68zObYFRV5UbZJigvkwPh9_yamOQFhl0Pw_CpRTpPhTw_3LoS0HMmmesLTSEFDvtPZi9tI6tMCfB-jWouxsNd58yANs-Xd_mrcgC5KOFKu74W07mMDt09Ek3cLf0Cc7Uj2djYhBxfC_A6AYYB0rOZH5y8_p6prKQVhPI1Z2EyFI7aX8oS6fWOKNpmdL2hOMdfnY8D3HECX6jriggjv7C-d4x59oPbN9RBy7-UQKlpYrWgDckhfCRPdTAfqiBFHThh9dOgHj8OjGrUmEpItlJEOGt_xR3M9QQ-CMpY2rQNWOx0_JEOJJyVJ53rwBlCoVsu54MGErleM2g76MSe-BkGDVi809t14bbEDjff_jjvtwiH5CjEEm-njvqB_-N_440JYxHrFu5bTHTtGwRHFc3E_vje8TL7TMSAw2_zYp79JOL_CIMVpHyy9SE6EYdMPf1dH5ajEnEQzhsh9JwSZYRy7dvMSXYCxRxuQdN7bqLKPIgzQ_M2dWD8JiaQvnvSJjtNAXbQEH9mlgXQIqgQONaExiKqqosdEnNLcRKkJMGN6qQwNuWyT5kEsE3vzW3AqhT9eXavbm7qZlxKuh6JoXfplx4cROgZ26nVwtf7mX-Lm0OilhyVulkLveCvwGunVjpwHzccYOgV26UohCkBcKxBHpQseYYjwy8IM2RrcgCE2g4jeyMaK_ya0ILXXkAxnO1alCPJevwQLREU_qg8DaitNmpUWO6x3IJdOz98r62kfG6G245b9wm1zjZmw23V0Qn9az6zhfhg-AZ0-8_AWuvC9YnTyqQ90In4kxIUXIVeEVXr145v3-zHygXo_O1Vzn8Ilqb-LcghfpHTerXMX5ih6UZLdLENaLTGDw_UyPVxT3LbFJtftJFfcLwL30ocJvRNwf1WRR89L7rcxIzM3OFMu-A2TpY9HMA1ve9cAZVzAWVHS5HV_KR5eyHYA1z3jdUGDPz9zYq4OsidQ2C-lJhhTVu-403qMLYD-mz5Dr7qiYAjmnFROoeB31wUQf69m8Nn62yZgM5wRBrAQQgD-iIOmSioy6ijzgmI3Xa7QeGTSHXIGbq6PL8lILklP-SZWWjwnBr1MGZlXIV4WuAf9RC8EDqAszsrUuNDy5Qa5xstBttwxbNMHKH1zT_4gEWzMoaZOZY-1hkpHV1Wb8z8tuCtoXFUNRCY89xRFbVE_DYpqOx2r3nqUZYwgFJSFVqpKr4fqmf19RjAn63oFaP9acQoBj2KXVixDmrU7XS76AsJLbgTuEoQTVqvpp1jRFtXkgdXkxtzziUngAreyEvmWJAOgfH-k7yNN9oUYYOdGsfFPGMEmmA6ASBtLiW1EvE7QlCH5bXeyZP4NkIAC_TCvPElD4LdvNvTeikYF8zcrPZETN06txh9DDWaN4DgDuvwDi9oRTAtZp0-vPOlZEIwmgI33iAt-7V-I3YzDKHBBXY6QPAdfB8eRs4IvJRT-LhbxBOEsZY81Z8VLn82SDl9Ss9vfPoXIm_nLdP6JCcjo4IGSrp30GSCMPYNxy5YypNJfQbRKh94jYp0-Nu4DvCVkZlZer4RWmiauFodkP0JrQQtI_B2E61GNq0smcOrnJqQ7BcZP5uImRv1fp9gRXyRfrdSHLts4DeYm-3HhbnCNG4d2PdpjYngQ_gm5pgwrYQDCdHOzf75frhQ7FZUKAdx7HEywX3o7gSuM1dNTtDKP0SbkEAyJPcJ6GXaDG3ErB4NBPkBl5o3PvyjstYC-anllNW5K6j2uN0JsErGxrBvMj25Knzrtnz8PZTYTWHiMQXm6cvkRfvqK9Qeyzd4zeVy8LofisU94m5QtZ5JVmWJXTECSsCM1z7_dNKWCaHdwgUgwGWfbS0Wc_PKrh3p3PYkImMSTua7oLM6Ts568fIQ5ty3R8ijbt0sFmOLCKx7tyeYjtQqHRxochFOFrWKQ7dksPh0-OmpTNW4kJsXnQQ3JYzdCYr0bPzV8qbQrrLolLA088mFnb1kJIlepE7A6cDdgUI_S3Fj3lJvS0K9bfZvztGJPCNu4r-0tGPKLzOpfeCpB6JQYs-mnjLydEWhxvqJaRxAtK_XBw_yfKq795JU3OjNWb-SxfX1ZkYeUnROxUkiqBEvOzW0S14aHYFJIK9VHGtFRMFSRP0MtCzudsa2OCcetzTw6EXxrXXqTfKakiEHVbfFqXaaOjgp6PQ9-FD5rAIVQ1gRkqZwgumhoR4iSZgcEAGXxa4CCEKKJ4AXwmgqxo7hb2Vpacs_APWHcSZ_csfuGc5O-4b6FWZb6JgEzdfAbeLBq8Wr363G_6AXtY7ctJAVJBrV1QXMiozjUE8cPKXxw6-MV60kquCZVUrIoZ-hFjk_eLl9prt6_QLlllnGTxztRwAe4D_ylH3jOn3dcO1N1vY7kpd6RFmOBbkNf5b26_wZ7RVL42DcmYorvOIyqSSFjEG98VrMGZ2d8FeDe70o4_g_JCdSofkrGMbEFn9GyGVMaUNROaxsE&cid=CAQSPADq26N9xiuUG1uq-rwa4-e3D4GaGkFgSa3I2_uADQb0WtUli3eGctI3T0m9zlDHl9_KLLMS3QTqvv8q7xgBIA4&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
128ea47e3b5b2e56080c8937090ef94bcefa47255866606ba25f585cc99e4fdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34251
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A9F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DTPbpehVcuCwWNIjek86t5Xn0R--6CIJeK68KT4bwDa4CxMvXd5f2SmbGa_8ecJTHH426ZmcB11isOg5IGnVz9rWhc_yjadEkmoDw30agiRyVXOoM
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 8A9F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:42:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 18:42:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 8A9F 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:51:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
587
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7335
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 09:51:52 GMT
l
www.google.com/ads/measurement/ Frame 8A9F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTMyhHnSU-jNonIPaGXqa3KbFPeMh8psfUITfp95XxFSkGm_CAbWsL2a2i-qOAmMBzu4VpoJ8sVIPRfLw1Es24BJjmt_g
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8A9F 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 22 Oct 2022 10:01:41 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4538 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CtiVygr9TY-bBHYPYvASx7qWoA5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAmfofvAlZ6U-4AIAqAMBqgTUAk_QIwB8NvWFHO-MVkrjkQLwU3KrsuOBQUwZzEbf-Zwf6kmTTeoquMZvYWJxhJzwz6BolH3S1jJqYhQmUg0fm9nWrNLDiVzXkzImH4A42e8rMHKRpH3bLFoqBsATkkLL-in2GkRBLJgpofMLnh5aAryn8zPy2EuuFNC-1X2Xh2IQQy1C4bDMVnN5eKGd75z0Dq8WNlCvB8gWqLKZ1jpyktcT3_fZyaoFFAH73xdsSDgNlKsueSorGIvBamnkjPQOjIUKXsrUCl0ui7zSWGg--VuPA6l0qNSfFid6_zCNoO2co2Kfd5_LWdgBCArml3Q1YaSEKWhpOwlHPPKiaE4O2_yYiUB38Ox3LqbkETlwwFOf_YonJYnWVle--nMcIv1CndvvPDftxt4M3CQm8EqYTs9MUP0mYz5C8NPLm-hS2Us0JegPHANbhSziTBAW674GEIq8QdDgBAGABu6ZzPGg8p7DlAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=mQxT-1M1EPM&uach_m=[UACH]&cid=CAQSPADq26N9xiuUG1uq-rwa4-e3D4GaGkFgSa3I2_uADQb0WtUli3eGctI3T0m9zlDHl9_KLLMS3QTqvv8q7xgBIBM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 4538 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kMjjDc7xBnjYBGL4LRICAAAA-ONZtFtuTcMQgr9TY9hxbWyuDC2T-TKBABIAAA&wp=Y1O_ggAHYOYKjywDAAl3MfLSOlIFu-RfVZGNOw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:38 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
153078
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame E6FD 		145 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_ggAHYOYKjywDAAl3MfLSOlIFu-RfVZGNOw&u=%7CoXReJMhzN2mX5PwcjaYaiFSrm09naeIFr8LzesJyIsY%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---ArYQqkTQ5YvPLon3Kp1-d7aw1zlWdVBOSGFNGh7Ak1qrix145C_Ztgf6NRh2fbo_3mhcbEGjUS4dibEV23qOLp61TpbPtut1kwBqfGtiIWiM6t8BEoFYo63nZMVn4sd5iKKr7-QB3YLi46jOw7D00QP8le6pgXJ6SsA_mksM-ffue3w0rogVHpk9H7tTGdgJIxnz_46tSRBDCWwvYuEC2mD72cfvmIgPtmEEfKdvgNFfOABJcX9LfrudDICpjYD8s6rWt9UdXp2ZA0uslGKOnIrKsCXnZcGQ0ppMQQXPet30clx-EEYknSrg7TfdXIts12DbDoyC6ETdTtudgTpuhmWp6Mw8MWjf_xRdzfbYuGZUzLJ8iNkfvkDB1Nzs61G0jRqkg9w-1ePrBzoDPyOKfYhuKrqBaGHMbKApHLSVDc57vYYREKOBD8QVYBsWLrIoWH9EXp_7dkexsTVCjxvyaIgvMPUVeevCmhn0RbcmnHFUkNICGFjoZB4VQIXfAYC7gHVUdMvFrMtAMy06VMCjSOEvmQ1WnZPXl3nWHldvKNdOst3mMJ90Z0fbx2oUNTn4Dw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbRLwgr9TY-bBHYPYvASx7qWoA5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAmfofvAlZ6U-4AIAqAMBqgTXAk_QIwB8NvWFHO-MVkrjkQLwU3KrsuOBQUwZzEbf-Zwf6kmTTeoquMZvYWJxhJzwz6BolH3S1jJqYhQmUg0fm9nWrNLDiVzXkzImH4A42e8rMHKRpH3bLFoqBsATkkLL-in2GkRBLJgpofMLnh5aAryn8zPy2EuuFNC-1X2Xh2IQQy1C4bDMVnN5eKGd75z0Dq8WNlCvB8gWqLKZ1jpyktcT3_fZyaoFFAH73xdsSDgNlKsueSorGIvBamnkjPQOjIUKXsrUCl0ui7zSWGg--VuPA6l0qNSfFid6_zCNoO2co2Kfd5_LWdgBCArml3Q1YaSEKWhpOwlHPPKiaE4O2_yYiUB38Ox3LqbkETlwwFOf_YonJYnWVle--nMcIv1CndvvPDftxt4M3CQm8EqYDM1twhjo6kC9eaJVcL7IGmIgL38FMhuzDd-01tmo9ZIe92EtPy8KE1bgBAGABu6ZzPGg8p7DlAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2v6x-YwEQY8AiPbNiPHYiMy9ecIg%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
895ee8bd56930be4c918b55bbcd58a7fa7683d67979c71fcb1d12ea748581625
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 10:01:39 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=t1aEvaZIq2YPIVFHAFGS2xKLGNQFRiYR_EaQay46w9u86Xc0GJrf9dH79BT9B4qQgzxpVGZxJFlyXzFmPpEHP3q5eHCg0O-ig5WfQR1HBCXxvgatYjyHA_6l8XA1c1bG589fuQ4NWsPv8Rpvz1yb_3G3hzaDGhY6CANGa8HB5PYcw3ReruErXFrMS44iBWFFoggEBP5gnLSQdumPlL3tPn-7T3aHtTJYnm7dX7oBh0-ZyIt0_jd_JO3uZcsXnre6XMvK5By_UWikLcj4"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
69982712
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 4538 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:42:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 18:42:08 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6832 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
15895
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 05:36:44 GMT
etag
48472445140208031
expires
Sun, 23 Oct 2022 05:36:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 4538 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:51:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
587
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7335
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 09:51:52 GMT
l
www.google.com/ads/measurement/ Frame 4538 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQAVySeoJ-UsYQ58RFrE3WYTaclSiOcmro8sL69lxs7pGflPQd0EdEqmAoiy1klhzfP8y47ZH_1NisrWK_gPDKxBfDcyA
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4538 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 18:50:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400255
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 17 Oct 2023 18:50:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4538 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 22 Oct 2022 10:01:41 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 76BC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 22 Oct 2022 10:01:39 GMT
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame 584D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
222912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 20:06:27 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3F64 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 22 Oct 2022 10:01:39 GMT
rum
dsum-sec.casalemedia.com/ Frame DEE5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKtu09QxCi5JtACO4RJtBU&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKtu09QxCi5JtACO4RJtBU&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKtu09QxCi5JtACO4RJtBU&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVbY1rOFcVd5JeRNamFcev0OtsPrJmPlGIYzHXKy5wbTIKBh2JwRUXo3x_a4kaV661nzk1netwYauHe0qICdcjuTQYbgw
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Oct 2022 10:01:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 22 Oct 2022 10:01:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEJKtu09QxCi5JtACO4RJtBU&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame DEE5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1O-g7xHxCVJSWJG3oD2HgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKtu09QxCi5JtACO4RJtBU&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKtu09QxCi5JtACO4RJtBU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVbY1rOFcVd5JeRNamFcev0OtsPrJmPlGIYzHXKy5wbTIKBh2JwRUXo3x_a4kaV661nzk1netwYauHe0qICdcjuTQYbgw
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Oct 2022 10:01:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKtu09QxCi5JtACO4RJtBU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame DEE5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAKbd1TLCjyL3c-Kr_XzeMI&google_cver=1
43 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAKbd1TLCjyL3c-Kr_XzeMI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVbY1rOFcVd5JeRNamFcev0OtsPrJmPlGIYzHXKy5wbTIKBh2JwRUXo3x_a4kaV661nzk1netwYauHe0qICdcjuTQYbgw
Protocol
HTTP/1.1
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Oct 2022 10:01:40 GMT
AN-X-Request-Uuid
263d5b8d-2e64-457a-a859-60497bfb01b2
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.112; 173.245.209.112; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAKbd1TLCjyL3c-Kr_XzeMI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DEE5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTExMDE4ODY3NjAzNjQ2OTgx
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTExMDE4ODY3NjAzNjQ2OTgx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVbY1rOFcVd5JeRNamFcev0OtsPrJmPlGIYzHXKy5wbTIKBh2JwRUXo3x_a4kaV661nzk1netwYauHe0qICdcjuTQYbgw
Protocol
H2
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 22 Oct 2022 10:01:39 GMT
AN-X-Request-Uuid
4773ff3f-eb5e-4d37-afea-f42b5d668a58
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTExMDE4ODY3NjAzNjQ2OTgx
Connection
keep-alive
X-Proxy-Origin
173.245.209.112; 173.245.209.112; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 38C1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKtu09QxCi5JtACO4RJtBU&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKtu09QxCi5JtACO4RJtBU&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKtu09QxCi5JtACO4RJtBU&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNXJHefUMrMBSH-DegOeR97_zUqKfkEzgMRzDkHdsv3YB0lF-LNt-gkKUOKW5qk4a-Ve4IZAXe6ypDux9ZqTroOT9OLuTA
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Oct 2022 10:01:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 22 Oct 2022 10:01:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEJKtu09QxCi5JtACO4RJtBU&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 38C1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1O-g7xHxCVJSWJG3oD2HgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKtu09QxCi5JtACO4RJtBU&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKtu09QxCi5JtACO4RJtBU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNXJHefUMrMBSH-DegOeR97_zUqKfkEzgMRzDkHdsv3YB0lF-LNt-gkKUOKW5qk4a-Ve4IZAXe6ypDux9ZqTroOT9OLuTA
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Oct 2022 10:01:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKtu09QxCi5JtACO4RJtBU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 38C1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAKbd1TLCjyL3c-Kr_XzeMI&google_cver=1
43 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAKbd1TLCjyL3c-Kr_XzeMI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNXJHefUMrMBSH-DegOeR97_zUqKfkEzgMRzDkHdsv3YB0lF-LNt-gkKUOKW5qk4a-Ve4IZAXe6ypDux9ZqTroOT9OLuTA
Protocol
HTTP/1.1
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Oct 2022 10:01:40 GMT
AN-X-Request-Uuid
cf7ba05d-8909-4760-8bea-ea57c7c4d89b
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.112; 173.245.209.112; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAKbd1TLCjyL3c-Kr_XzeMI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 38C1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTExMDE4ODY3NjAzNjQ2OTgx
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTExMDE4ODY3NjAzNjQ2OTgx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNXJHefUMrMBSH-DegOeR97_zUqKfkEzgMRzDkHdsv3YB0lF-LNt-gkKUOKW5qk4a-Ve4IZAXe6ypDux9ZqTroOT9OLuTA
Protocol
H2
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 22 Oct 2022 10:01:39 GMT
AN-X-Request-Uuid
37a025a3-6c5e-45c6-b848-ad71e278d251
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTExMDE4ODY3NjAzNjQ2OTgx
Connection
keep-alive
X-Proxy-Origin
173.245.209.112; 173.245.209.112; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame DA6E 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
Origin
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 20:37:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48258
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Oct 2022 20:37:21 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/ Frame DA6E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BSOyVfON7q-zpb-F9gMibQrHjokF_evKa7FSL9ESIy-M0h1xPGQNewNlx4JHqItED1tKEReeh90JOjYr_j0RNiN7sUig&cry=1&dbm_d=AKAmf-Ay8ro4B_kSnL5R1ypULTugBq6OWJ-GTmtHw-erz7lvBcSWt0xUi8hAgU5tpN3T8_B0z6mbGJ6Ux9d-nxeeic2A4V7CqoymhUU2KG2W667bhyod4_SSTJRrPOlh0tjYNcG1fd7tUNJgtn1Zvao4oHjh5B1YSgM1KTm3moJFd-qpasQqApQQG34uqWgVFJNYwcrSxvu_F9AfcPa47kBL5q2sqYfPvqgoBSxLj1I1y-9LcWR2JqlcK5Njx-Ba-JrbqStbTlIuYMWv8kj2nj1QvGAIsrQF0mZSAYK5djG8gAhdpJfoJEIzxill-rfZ6ysHTYqyUXy4vM7LlacLAyIJoInvk2Sx7s9JP1_dcynDIsRerr4Z4QnQGVuDICBLPCfmgOxEin7jUc0W5vBq1bO8oFKmzizCxANHde9Mowv9LyOMFuNFm4pyPA49zpS-wMAKuvtN-v6QQsppAJH-Vg303SawDg7c4ppNFNIbR7tnEEOI1UWtD_M1hM-YoENFZvN8s-minaOmXqFR0BFmTvyPQGZgI2CwRh11MLO13BD8b4O_FCXN7K9lHYR4syBs8VoPolMDM3_7SKoFxtirJINo2dG5BPhNa7rQr45OLBpv77RhsrIJr1Ai3miUk0FaG_CfFC6rEdhnsvVw6cqB4-m1yIThgake_JUrBHBWrkCDY1XJby2u-vb0am2zfA7B7_WMpPNtwHMj-JeyEUQskwE0qrmjK6x3R1OiSit1-EJMr81jO1n5Cp2155MWgLM-JG-OqKpjenHZeNjDAMbytJFIvOYqumjsu4gf9Wj4KtZKcJZ4PsnwibAJNPicSHrIkQ4hivX2eA5YaaGizU06SW454khRM7Aojq99rlzEBY4xMR9kiZUmLXZzOjhqnQFutJpwYi-Zs12mtAWRrwGRZBlanyHgr80N25SATlSBaUTjtvJBDUsKG2FOlrJPVEZLIuqjG_Bt_XbWScPf7rd_68MwlE004YfOgquzx1PLHhR5I3Xdn2bQmkEAAKkCxm3uMLI6GVHj43RvNpnQrhcb_7Yfgj0X8rKz4GltmsZ8Cl7tlUT5MD17DUN4oELoVzp2wVggcDsNftCdJ5MSPcK4-6IRu-JJU-E9WUh8ptTtMUnQ57BOeMQZ8BrDg4wx6RVzv7DVnPd83SKyS02rCVaAeOTPxXXuGA2CZLOuqFxLaSrHjV1o0NyB2sOyznuC64CUCCPxr9fV7ujDMbioxGlw81t7swUzrAPPPafQx41dX-ofCghI3bRsPGNtIIpQ5hnpv69_3YXP-pVLq0bnQ58FNkDa76TTKzxgCreKj7QfQ4ITKgm1uSZj2bOCpsXj5qc4d_26POEdROK0WKd-eAUID4ec7Z7xZSJEX1J1S1esXcCkH1cN6VQL1ifh31PRiepFk_nLb9yjCp3M5uYye9SxetxP_ufgyQWNc0K4auveGXpgBPtCfPlVp02rIm2CkLWsPPYofv9aPdoEZ5Y93aW5jT7lqUYLCEstj5fdQIH1Kc1o8ea6UBdECQF6F_oTk_HkzMwNH5G8j5Xrs7YUVgat-FKi6s27lytj-FQypx_wxZ56MGw0RfGNczbtkM08RdWn3OtHNka2kjoj5L-aMSTBIY00n6Dntd2yAI2vEdsmoNLdGkhXz6MPASuJupfiwpPbhGYQRMlnFfZMlo_pk9k05Fr3aZWyCjEPb73Z2oclxUYRJCLi8GeWwXExE7lvlMQrRoHNJp01SjlIP56OjFqb3TW5yKzubmaF6DMMn9IUJBEcGLebsa1sq4rQbf5wvCcp-19mmFfm5c8R-OiVKqgD0rTPlZ7Gcs3-1UsVOvjhaMCCTvem3x1JDek-BAapoSH18mi38At_NVcWYh32n8Y2muX229D3OSm-_nIBBmvEk0sau0nFtUhkd1Zd-SvsSJDOxD89Q5UzuR3cUtrKUc2CUF_DkiAkfxv_7A62kCpoua_16odYThiOrHPQwtJQmg3i6blUIobImZCESbLYJM5PgkXEM_H2zMHUXVpQacyYDrt7pm66jVJpW7bO0f3Z8IFG4IfMre4JTwEf2cuKh6KgTc7RQI_hcw8WzAikvHPG684lYi81X6v6qbaIt1m0wzw99l9VF7FGJmW71WW9QcO1G7_JuBmcOjUOajmOpDE8kJfCRncrTwX1jFhp1P5mnRfa-tc3_taICA-COvO3D9WtRwqsssTAfYsTWeHIuTIiYS5jgR-GWhXJ_tjUF1Rx_H1f1i79TVbD9_R6Yqa_nclD_8wJ4xx36LwzPdlEEbIZOjKBBXPhlFsGWVSEUdQNkR3tAZnBvisQ4yHancqKyCxJb69Eh50etq0O71QCbjGguzUk68NkzmAxgofn1UEMXpfJd_pQszbxf0nLXD_AlkQuiIDyC6mw4Gi4hk_PJMnPmTTxIog8ju1Yoyhwjl63wz9xrNgU7Q-bAG8yFppp6rS9el9iL7kY03mpz51nUDz9RvnKda1x2dm0v2ynev1XaFfsuzAirx_9NUGqWQClOab3xVPVnAaNhB_ndYdIKAsqYBXeq-6dLU99OylkjneGzHj-rY0VY6yJyunON940pa8luaOdcODZB__a6JyI3gxFW2QQjvBU-z5QqHtsTM4abDLhtDBELDgk4eiqWNtQ0Z8CDBvp8KONZpfWlhG8_0cfbv5lpPfa3oknm1azoDOej3kFKUenE9IJ1l7BIAALHha7uVTkEb4frFfViBAw8QqLMUWdv3td_1J8fDSt-bFEeo31neTi1ZOYSexWuWbYOWy7aBPam73vvyNtMZEdUogQ5PHkdS4sJ_zjnI1KJuPIGzQ-faIxFrAQKSUuOw6NLpXJPmNjG1fTe5fcHEjXy58SuuLm-Js-jA70cDAvOOVkOmjLSfd0-D82HTKXZsJctqoN_fwp5U9dm6J-Qgi9KJ6c2eRz5SDRpyT5z71IFjRHMY36GM0GMyB4a3qHwGAPZwd4GxqE3HKocgYwJQJ9wgCuyyrtgvB5DfEC9k1Q6YKi1rIfKPgx1h7hElyGJd0dqH9owuBxRNrmX_04XD90CLakDvKvxe1ObJ7_uJepNjiFeoTZHr8_TnkHL440Ip-AQ3s4D1gjbXGTEN23NDgSZHATbqwTF09LZ1e2OnQoMPZHUSYwcL8UWJHuqxVyE5YQDgXk5y1I5BUcAtYn7RxyPEzGSfqOfOKZB98k3X6hqXINqdLz7rfz_n0lxHz6j-8kCKZHbDNDzW5ndM-Knsa6fiptYGwtsVa9vEIHmCmyOC-iLe37izZ2MXhM4Ph_tvFPLT64hbdYRFZJPN0C02U1fAWeGdaoZIDVSK3aacqAOLUaaFFhUOVVw8sYMfeKbVmn1SX5Ry9-lE5v8iimjKJTr5xEJbfqFFdWsxKzEhE&cid=CAQSPADq26N9xiuUG1uq-rwa4-e3D4GaGkFgSa3I2_uADQb0WtUli3eGctI3T0m9zlDHl9_KLLMS3QTqvv8q7xgBIA4&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:00:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
59
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2998
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 10:00:40 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/ Frame DA6E 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BSOyVfON7q-zpb-F9gMibQrHjokF_evKa7FSL9ESIy-M0h1xPGQNewNlx4JHqItED1tKEReeh90JOjYr_j0RNiN7sUig&cry=1&dbm_d=AKAmf-Ay8ro4B_kSnL5R1ypULTugBq6OWJ-GTmtHw-erz7lvBcSWt0xUi8hAgU5tpN3T8_B0z6mbGJ6Ux9d-nxeeic2A4V7CqoymhUU2KG2W667bhyod4_SSTJRrPOlh0tjYNcG1fd7tUNJgtn1Zvao4oHjh5B1YSgM1KTm3moJFd-qpasQqApQQG34uqWgVFJNYwcrSxvu_F9AfcPa47kBL5q2sqYfPvqgoBSxLj1I1y-9LcWR2JqlcK5Njx-Ba-JrbqStbTlIuYMWv8kj2nj1QvGAIsrQF0mZSAYK5djG8gAhdpJfoJEIzxill-rfZ6ysHTYqyUXy4vM7LlacLAyIJoInvk2Sx7s9JP1_dcynDIsRerr4Z4QnQGVuDICBLPCfmgOxEin7jUc0W5vBq1bO8oFKmzizCxANHde9Mowv9LyOMFuNFm4pyPA49zpS-wMAKuvtN-v6QQsppAJH-Vg303SawDg7c4ppNFNIbR7tnEEOI1UWtD_M1hM-YoENFZvN8s-minaOmXqFR0BFmTvyPQGZgI2CwRh11MLO13BD8b4O_FCXN7K9lHYR4syBs8VoPolMDM3_7SKoFxtirJINo2dG5BPhNa7rQr45OLBpv77RhsrIJr1Ai3miUk0FaG_CfFC6rEdhnsvVw6cqB4-m1yIThgake_JUrBHBWrkCDY1XJby2u-vb0am2zfA7B7_WMpPNtwHMj-JeyEUQskwE0qrmjK6x3R1OiSit1-EJMr81jO1n5Cp2155MWgLM-JG-OqKpjenHZeNjDAMbytJFIvOYqumjsu4gf9Wj4KtZKcJZ4PsnwibAJNPicSHrIkQ4hivX2eA5YaaGizU06SW454khRM7Aojq99rlzEBY4xMR9kiZUmLXZzOjhqnQFutJpwYi-Zs12mtAWRrwGRZBlanyHgr80N25SATlSBaUTjtvJBDUsKG2FOlrJPVEZLIuqjG_Bt_XbWScPf7rd_68MwlE004YfOgquzx1PLHhR5I3Xdn2bQmkEAAKkCxm3uMLI6GVHj43RvNpnQrhcb_7Yfgj0X8rKz4GltmsZ8Cl7tlUT5MD17DUN4oELoVzp2wVggcDsNftCdJ5MSPcK4-6IRu-JJU-E9WUh8ptTtMUnQ57BOeMQZ8BrDg4wx6RVzv7DVnPd83SKyS02rCVaAeOTPxXXuGA2CZLOuqFxLaSrHjV1o0NyB2sOyznuC64CUCCPxr9fV7ujDMbioxGlw81t7swUzrAPPPafQx41dX-ofCghI3bRsPGNtIIpQ5hnpv69_3YXP-pVLq0bnQ58FNkDa76TTKzxgCreKj7QfQ4ITKgm1uSZj2bOCpsXj5qc4d_26POEdROK0WKd-eAUID4ec7Z7xZSJEX1J1S1esXcCkH1cN6VQL1ifh31PRiepFk_nLb9yjCp3M5uYye9SxetxP_ufgyQWNc0K4auveGXpgBPtCfPlVp02rIm2CkLWsPPYofv9aPdoEZ5Y93aW5jT7lqUYLCEstj5fdQIH1Kc1o8ea6UBdECQF6F_oTk_HkzMwNH5G8j5Xrs7YUVgat-FKi6s27lytj-FQypx_wxZ56MGw0RfGNczbtkM08RdWn3OtHNka2kjoj5L-aMSTBIY00n6Dntd2yAI2vEdsmoNLdGkhXz6MPASuJupfiwpPbhGYQRMlnFfZMlo_pk9k05Fr3aZWyCjEPb73Z2oclxUYRJCLi8GeWwXExE7lvlMQrRoHNJp01SjlIP56OjFqb3TW5yKzubmaF6DMMn9IUJBEcGLebsa1sq4rQbf5wvCcp-19mmFfm5c8R-OiVKqgD0rTPlZ7Gcs3-1UsVOvjhaMCCTvem3x1JDek-BAapoSH18mi38At_NVcWYh32n8Y2muX229D3OSm-_nIBBmvEk0sau0nFtUhkd1Zd-SvsSJDOxD89Q5UzuR3cUtrKUc2CUF_DkiAkfxv_7A62kCpoua_16odYThiOrHPQwtJQmg3i6blUIobImZCESbLYJM5PgkXEM_H2zMHUXVpQacyYDrt7pm66jVJpW7bO0f3Z8IFG4IfMre4JTwEf2cuKh6KgTc7RQI_hcw8WzAikvHPG684lYi81X6v6qbaIt1m0wzw99l9VF7FGJmW71WW9QcO1G7_JuBmcOjUOajmOpDE8kJfCRncrTwX1jFhp1P5mnRfa-tc3_taICA-COvO3D9WtRwqsssTAfYsTWeHIuTIiYS5jgR-GWhXJ_tjUF1Rx_H1f1i79TVbD9_R6Yqa_nclD_8wJ4xx36LwzPdlEEbIZOjKBBXPhlFsGWVSEUdQNkR3tAZnBvisQ4yHancqKyCxJb69Eh50etq0O71QCbjGguzUk68NkzmAxgofn1UEMXpfJd_pQszbxf0nLXD_AlkQuiIDyC6mw4Gi4hk_PJMnPmTTxIog8ju1Yoyhwjl63wz9xrNgU7Q-bAG8yFppp6rS9el9iL7kY03mpz51nUDz9RvnKda1x2dm0v2ynev1XaFfsuzAirx_9NUGqWQClOab3xVPVnAaNhB_ndYdIKAsqYBXeq-6dLU99OylkjneGzHj-rY0VY6yJyunON940pa8luaOdcODZB__a6JyI3gxFW2QQjvBU-z5QqHtsTM4abDLhtDBELDgk4eiqWNtQ0Z8CDBvp8KONZpfWlhG8_0cfbv5lpPfa3oknm1azoDOej3kFKUenE9IJ1l7BIAALHha7uVTkEb4frFfViBAw8QqLMUWdv3td_1J8fDSt-bFEeo31neTi1ZOYSexWuWbYOWy7aBPam73vvyNtMZEdUogQ5PHkdS4sJ_zjnI1KJuPIGzQ-faIxFrAQKSUuOw6NLpXJPmNjG1fTe5fcHEjXy58SuuLm-Js-jA70cDAvOOVkOmjLSfd0-D82HTKXZsJctqoN_fwp5U9dm6J-Qgi9KJ6c2eRz5SDRpyT5z71IFjRHMY36GM0GMyB4a3qHwGAPZwd4GxqE3HKocgYwJQJ9wgCuyyrtgvB5DfEC9k1Q6YKi1rIfKPgx1h7hElyGJd0dqH9owuBxRNrmX_04XD90CLakDvKvxe1ObJ7_uJepNjiFeoTZHr8_TnkHL440Ip-AQ3s4D1gjbXGTEN23NDgSZHATbqwTF09LZ1e2OnQoMPZHUSYwcL8UWJHuqxVyE5YQDgXk5y1I5BUcAtYn7RxyPEzGSfqOfOKZB98k3X6hqXINqdLz7rfz_n0lxHz6j-8kCKZHbDNDzW5ndM-Knsa6fiptYGwtsVa9vEIHmCmyOC-iLe37izZ2MXhM4Ph_tvFPLT64hbdYRFZJPN0C02U1fAWeGdaoZIDVSK3aacqAOLUaaFFhUOVVw8sYMfeKbVmn1SX5Ry9-lE5v8iimjKJTr5xEJbfqFFdWsxKzEhE&cid=CAQSPADq26N9xiuUG1uq-rwa4-e3D4GaGkFgSa3I2_uADQb0WtUli3eGctI3T0m9zlDHl9_KLLMS3QTqvv8q7xgBIA4&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55410
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11726
x-xss-protection
0
server
cafe
etag
11376305771055881226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 18:38:09 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 8A9F 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
Origin
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 20:37:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48258
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Oct 2022 20:37:21 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/ Frame 8A9F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAzfeYj8PWfADDvtR7WkmRbBm7kjcCgkYFZh4XlDzFpQ8UoEhyYaJykIRmeQab6BfGaF1g93wFvdWGA4lx7-GBmefPtg&cry=1&dbm_d=AKAmf-CU1paxKRN2Ra14LAeb8sQMxSgcQKaMGa1WnQsER36Gz5xVR0JnJo-apeGweQiKNOXlHsOkul3-qtPQXm_lcQYMjLSggraKy1TQ6xfzbmWRyK07Omge1iS5JekzgSspkjV0Qr_pl6iQrXUtDkWHvWWyRwzTwaeJE7m2Z5TuJL8z5NFXjPByZHDyoBH_PKEDvG5P2CJrcgncGxDeHt1n15WJXkmoDRNBPrGnrWusGoXJDq_bpZ3MMmtHobjxbmxxVAg9MAkkWjRI1VqonQm-GHkm2gqX8-FZJGC1W2eeaHcJFBxxu41znXetuB2AbQv8ubSuUD02EUtX-F3QWabU5jhD1ZK5194RZ-G2DbIKKYE60yFMEZiLz9P-qtyRdGS0Pjsepx7oSSFvhDYanzdpB0wi7E7DZYDzk4SV4X6_7VbtvrpNBq0NCbaPyszXEBuEnpI1EqfjcevLFidcxdONLMpc6fe1mun2OzMZiaTZsfnxXwbsPVYIx4y6Yu9SV1ybRonQW5Qg66n-u6ferWUGwUPr8rNX7KuQOQsIqoLKZfue7rrv-c2xATMUC3VINLagksSBoggmK0SCCIfmgQUkuVtEW2tKFKGPoU9tdObXvnLCep3TXxdKfGFYtVmGTP2uY6BjmNwfvWnjeukKTMJvwTFlZ6jaTd_foJDu6iV6y18PMLF8TOZ0R_mNVrg5Xx3phEwmyY_Lt7q4cVwXXKFwXqgODddUG3fuj_bu_JqA9yuEDUKE-RrtT9PMMQu55Lt53ulPKS2qSUncQmexNwNIRh9JjhzZ9GBVICrLvzu3LWflN8R8D2OgFyiZAmjE2nU4NpUgf6jbo37wQWQoNhGSluw33venNxF0kuz6sfaYmpXBFyHzS-NsbepQsOMQi68zObYFRV5UbZJigvkwPh9_yamOQFhl0Pw_CpRTpPhTw_3LoS0HMmmesLTSEFDvtPZi9tI6tMCfB-jWouxsNd58yANs-Xd_mrcgC5KOFKu74W07mMDt09Ek3cLf0Cc7Uj2djYhBxfC_A6AYYB0rOZH5y8_p6prKQVhPI1Z2EyFI7aX8oS6fWOKNpmdL2hOMdfnY8D3HECX6jriggjv7C-d4x59oPbN9RBy7-UQKlpYrWgDckhfCRPdTAfqiBFHThh9dOgHj8OjGrUmEpItlJEOGt_xR3M9QQ-CMpY2rQNWOx0_JEOJJyVJ53rwBlCoVsu54MGErleM2g76MSe-BkGDVi809t14bbEDjff_jjvtwiH5CjEEm-njvqB_-N_440JYxHrFu5bTHTtGwRHFc3E_vje8TL7TMSAw2_zYp79JOL_CIMVpHyy9SE6EYdMPf1dH5ajEnEQzhsh9JwSZYRy7dvMSXYCxRxuQdN7bqLKPIgzQ_M2dWD8JiaQvnvSJjtNAXbQEH9mlgXQIqgQONaExiKqqosdEnNLcRKkJMGN6qQwNuWyT5kEsE3vzW3AqhT9eXavbm7qZlxKuh6JoXfplx4cROgZ26nVwtf7mX-Lm0OilhyVulkLveCvwGunVjpwHzccYOgV26UohCkBcKxBHpQseYYjwy8IM2RrcgCE2g4jeyMaK_ya0ILXXkAxnO1alCPJevwQLREU_qg8DaitNmpUWO6x3IJdOz98r62kfG6G245b9wm1zjZmw23V0Qn9az6zhfhg-AZ0-8_AWuvC9YnTyqQ90In4kxIUXIVeEVXr145v3-zHygXo_O1Vzn8Ilqb-LcghfpHTerXMX5ih6UZLdLENaLTGDw_UyPVxT3LbFJtftJFfcLwL30ocJvRNwf1WRR89L7rcxIzM3OFMu-A2TpY9HMA1ve9cAZVzAWVHS5HV_KR5eyHYA1z3jdUGDPz9zYq4OsidQ2C-lJhhTVu-403qMLYD-mz5Dr7qiYAjmnFROoeB31wUQf69m8Nn62yZgM5wRBrAQQgD-iIOmSioy6ijzgmI3Xa7QeGTSHXIGbq6PL8lILklP-SZWWjwnBr1MGZlXIV4WuAf9RC8EDqAszsrUuNDy5Qa5xstBttwxbNMHKH1zT_4gEWzMoaZOZY-1hkpHV1Wb8z8tuCtoXFUNRCY89xRFbVE_DYpqOx2r3nqUZYwgFJSFVqpKr4fqmf19RjAn63oFaP9acQoBj2KXVixDmrU7XS76AsJLbgTuEoQTVqvpp1jRFtXkgdXkxtzziUngAreyEvmWJAOgfH-k7yNN9oUYYOdGsfFPGMEmmA6ASBtLiW1EvE7QlCH5bXeyZP4NkIAC_TCvPElD4LdvNvTeikYF8zcrPZETN06txh9DDWaN4DgDuvwDi9oRTAtZp0-vPOlZEIwmgI33iAt-7V-I3YzDKHBBXY6QPAdfB8eRs4IvJRT-LhbxBOEsZY81Z8VLn82SDl9Ss9vfPoXIm_nLdP6JCcjo4IGSrp30GSCMPYNxy5YypNJfQbRKh94jYp0-Nu4DvCVkZlZer4RWmiauFodkP0JrQQtI_B2E61GNq0smcOrnJqQ7BcZP5uImRv1fp9gRXyRfrdSHLts4DeYm-3HhbnCNG4d2PdpjYngQ_gm5pgwrYQDCdHOzf75frhQ7FZUKAdx7HEywX3o7gSuM1dNTtDKP0SbkEAyJPcJ6GXaDG3ErB4NBPkBl5o3PvyjstYC-anllNW5K6j2uN0JsErGxrBvMj25Knzrtnz8PZTYTWHiMQXm6cvkRfvqK9Qeyzd4zeVy8LofisU94m5QtZ5JVmWJXTECSsCM1z7_dNKWCaHdwgUgwGWfbS0Wc_PKrh3p3PYkImMSTua7oLM6Ts568fIQ5ty3R8ijbt0sFmOLCKx7tyeYjtQqHRxochFOFrWKQ7dksPh0-OmpTNW4kJsXnQQ3JYzdCYr0bPzV8qbQrrLolLA088mFnb1kJIlepE7A6cDdgUI_S3Fj3lJvS0K9bfZvztGJPCNu4r-0tGPKLzOpfeCpB6JQYs-mnjLydEWhxvqJaRxAtK_XBw_yfKq795JU3OjNWb-SxfX1ZkYeUnROxUkiqBEvOzW0S14aHYFJIK9VHGtFRMFSRP0MtCzudsa2OCcetzTw6EXxrXXqTfKakiEHVbfFqXaaOjgp6PQ9-FD5rAIVQ1gRkqZwgumhoR4iSZgcEAGXxa4CCEKKJ4AXwmgqxo7hb2Vpacs_APWHcSZ_csfuGc5O-4b6FWZb6JgEzdfAbeLBq8Wr363G_6AXtY7ctJAVJBrV1QXMiozjUE8cPKXxw6-MV60kquCZVUrIoZ-hFjk_eLl9prt6_QLlllnGTxztRwAe4D_ylH3jOn3dcO1N1vY7kpd6RFmOBbkNf5b26_wZ7RVL42DcmYorvOIyqSSFjEG98VrMGZ2d8FeDe70o4_g_JCdSofkrGMbEFn9GyGVMaUNROaxsE&cid=CAQSPADq26N9xiuUG1uq-rwa4-e3D4GaGkFgSa3I2_uADQb0WtUli3eGctI3T0m9zlDHl9_KLLMS3QTqvv8q7xgBIA4&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:00:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
59
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2998
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 10:00:40 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/ Frame 8A9F 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAzfeYj8PWfADDvtR7WkmRbBm7kjcCgkYFZh4XlDzFpQ8UoEhyYaJykIRmeQab6BfGaF1g93wFvdWGA4lx7-GBmefPtg&cry=1&dbm_d=AKAmf-CU1paxKRN2Ra14LAeb8sQMxSgcQKaMGa1WnQsER36Gz5xVR0JnJo-apeGweQiKNOXlHsOkul3-qtPQXm_lcQYMjLSggraKy1TQ6xfzbmWRyK07Omge1iS5JekzgSspkjV0Qr_pl6iQrXUtDkWHvWWyRwzTwaeJE7m2Z5TuJL8z5NFXjPByZHDyoBH_PKEDvG5P2CJrcgncGxDeHt1n15WJXkmoDRNBPrGnrWusGoXJDq_bpZ3MMmtHobjxbmxxVAg9MAkkWjRI1VqonQm-GHkm2gqX8-FZJGC1W2eeaHcJFBxxu41znXetuB2AbQv8ubSuUD02EUtX-F3QWabU5jhD1ZK5194RZ-G2DbIKKYE60yFMEZiLz9P-qtyRdGS0Pjsepx7oSSFvhDYanzdpB0wi7E7DZYDzk4SV4X6_7VbtvrpNBq0NCbaPyszXEBuEnpI1EqfjcevLFidcxdONLMpc6fe1mun2OzMZiaTZsfnxXwbsPVYIx4y6Yu9SV1ybRonQW5Qg66n-u6ferWUGwUPr8rNX7KuQOQsIqoLKZfue7rrv-c2xATMUC3VINLagksSBoggmK0SCCIfmgQUkuVtEW2tKFKGPoU9tdObXvnLCep3TXxdKfGFYtVmGTP2uY6BjmNwfvWnjeukKTMJvwTFlZ6jaTd_foJDu6iV6y18PMLF8TOZ0R_mNVrg5Xx3phEwmyY_Lt7q4cVwXXKFwXqgODddUG3fuj_bu_JqA9yuEDUKE-RrtT9PMMQu55Lt53ulPKS2qSUncQmexNwNIRh9JjhzZ9GBVICrLvzu3LWflN8R8D2OgFyiZAmjE2nU4NpUgf6jbo37wQWQoNhGSluw33venNxF0kuz6sfaYmpXBFyHzS-NsbepQsOMQi68zObYFRV5UbZJigvkwPh9_yamOQFhl0Pw_CpRTpPhTw_3LoS0HMmmesLTSEFDvtPZi9tI6tMCfB-jWouxsNd58yANs-Xd_mrcgC5KOFKu74W07mMDt09Ek3cLf0Cc7Uj2djYhBxfC_A6AYYB0rOZH5y8_p6prKQVhPI1Z2EyFI7aX8oS6fWOKNpmdL2hOMdfnY8D3HECX6jriggjv7C-d4x59oPbN9RBy7-UQKlpYrWgDckhfCRPdTAfqiBFHThh9dOgHj8OjGrUmEpItlJEOGt_xR3M9QQ-CMpY2rQNWOx0_JEOJJyVJ53rwBlCoVsu54MGErleM2g76MSe-BkGDVi809t14bbEDjff_jjvtwiH5CjEEm-njvqB_-N_440JYxHrFu5bTHTtGwRHFc3E_vje8TL7TMSAw2_zYp79JOL_CIMVpHyy9SE6EYdMPf1dH5ajEnEQzhsh9JwSZYRy7dvMSXYCxRxuQdN7bqLKPIgzQ_M2dWD8JiaQvnvSJjtNAXbQEH9mlgXQIqgQONaExiKqqosdEnNLcRKkJMGN6qQwNuWyT5kEsE3vzW3AqhT9eXavbm7qZlxKuh6JoXfplx4cROgZ26nVwtf7mX-Lm0OilhyVulkLveCvwGunVjpwHzccYOgV26UohCkBcKxBHpQseYYjwy8IM2RrcgCE2g4jeyMaK_ya0ILXXkAxnO1alCPJevwQLREU_qg8DaitNmpUWO6x3IJdOz98r62kfG6G245b9wm1zjZmw23V0Qn9az6zhfhg-AZ0-8_AWuvC9YnTyqQ90In4kxIUXIVeEVXr145v3-zHygXo_O1Vzn8Ilqb-LcghfpHTerXMX5ih6UZLdLENaLTGDw_UyPVxT3LbFJtftJFfcLwL30ocJvRNwf1WRR89L7rcxIzM3OFMu-A2TpY9HMA1ve9cAZVzAWVHS5HV_KR5eyHYA1z3jdUGDPz9zYq4OsidQ2C-lJhhTVu-403qMLYD-mz5Dr7qiYAjmnFROoeB31wUQf69m8Nn62yZgM5wRBrAQQgD-iIOmSioy6ijzgmI3Xa7QeGTSHXIGbq6PL8lILklP-SZWWjwnBr1MGZlXIV4WuAf9RC8EDqAszsrUuNDy5Qa5xstBttwxbNMHKH1zT_4gEWzMoaZOZY-1hkpHV1Wb8z8tuCtoXFUNRCY89xRFbVE_DYpqOx2r3nqUZYwgFJSFVqpKr4fqmf19RjAn63oFaP9acQoBj2KXVixDmrU7XS76AsJLbgTuEoQTVqvpp1jRFtXkgdXkxtzziUngAreyEvmWJAOgfH-k7yNN9oUYYOdGsfFPGMEmmA6ASBtLiW1EvE7QlCH5bXeyZP4NkIAC_TCvPElD4LdvNvTeikYF8zcrPZETN06txh9DDWaN4DgDuvwDi9oRTAtZp0-vPOlZEIwmgI33iAt-7V-I3YzDKHBBXY6QPAdfB8eRs4IvJRT-LhbxBOEsZY81Z8VLn82SDl9Ss9vfPoXIm_nLdP6JCcjo4IGSrp30GSCMPYNxy5YypNJfQbRKh94jYp0-Nu4DvCVkZlZer4RWmiauFodkP0JrQQtI_B2E61GNq0smcOrnJqQ7BcZP5uImRv1fp9gRXyRfrdSHLts4DeYm-3HhbnCNG4d2PdpjYngQ_gm5pgwrYQDCdHOzf75frhQ7FZUKAdx7HEywX3o7gSuM1dNTtDKP0SbkEAyJPcJ6GXaDG3ErB4NBPkBl5o3PvyjstYC-anllNW5K6j2uN0JsErGxrBvMj25Knzrtnz8PZTYTWHiMQXm6cvkRfvqK9Qeyzd4zeVy8LofisU94m5QtZ5JVmWJXTECSsCM1z7_dNKWCaHdwgUgwGWfbS0Wc_PKrh3p3PYkImMSTua7oLM6Ts568fIQ5ty3R8ijbt0sFmOLCKx7tyeYjtQqHRxochFOFrWKQ7dksPh0-OmpTNW4kJsXnQQ3JYzdCYr0bPzV8qbQrrLolLA088mFnb1kJIlepE7A6cDdgUI_S3Fj3lJvS0K9bfZvztGJPCNu4r-0tGPKLzOpfeCpB6JQYs-mnjLydEWhxvqJaRxAtK_XBw_yfKq795JU3OjNWb-SxfX1ZkYeUnROxUkiqBEvOzW0S14aHYFJIK9VHGtFRMFSRP0MtCzudsa2OCcetzTw6EXxrXXqTfKakiEHVbfFqXaaOjgp6PQ9-FD5rAIVQ1gRkqZwgumhoR4iSZgcEAGXxa4CCEKKJ4AXwmgqxo7hb2Vpacs_APWHcSZ_csfuGc5O-4b6FWZb6JgEzdfAbeLBq8Wr363G_6AXtY7ctJAVJBrV1QXMiozjUE8cPKXxw6-MV60kquCZVUrIoZ-hFjk_eLl9prt6_QLlllnGTxztRwAe4D_ylH3jOn3dcO1N1vY7kpd6RFmOBbkNf5b26_wZ7RVL42DcmYorvOIyqSSFjEG98VrMGZ2d8FeDe70o4_g_JCdSofkrGMbEFn9GyGVMaUNROaxsE&cid=CAQSPADq26N9xiuUG1uq-rwa4-e3D4GaGkFgSa3I2_uADQb0WtUli3eGctI3T0m9zlDHl9_KLLMS3QTqvv8q7xgBIA4&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55410
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11726
x-xss-protection
0
server
cafe
etag
11376305771055881226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 18:38:09 GMT
pixel
cm.g.doubleclick.net/ Frame 6832
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEFkfGBrDf9wEWskUhtn9qaI&google_cver=1&google_push=AZmPxg9WxLNmYkOMpSLMjM7VsW8R2oHBybPAWrsdGGp-azxMXGuc_LyNh6v5oOy62ZXlrgQYyKH65VwePbNSKkMiBG6vvtk381iT8l-fm...
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=THZfOEhTZ2lEdXVmMkdJNGhMOVRZdw%3D%3D&google_push=AZmPxg9WxLNmYkOMpSLMjM7VsW8R2oHBybPAWrsdGGp-azxMXGuc_LyNh6v5oOy62ZXlrgQYyKH65VwePbNSK...
170 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=THZfOEhTZ2lEdXVmMkdJNGhMOVRZdw%3D%3D&google_push=AZmPxg9WxLNmYkOMpSLMjM7VsW8R2oHBybPAWrsdGGp-azxMXGuc_LyNh6v5oOy62ZXlrgQYyKH65VwePbNSKkMiBG6vvtk381iT8l-fmctGXYva1vP1MSF5YxKLLXYS-KM5TqycteqCfaznIw
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=THZfOEhTZ2lEdXVmMkdJNGhMOVRZdw%3D%3D&google_push=AZmPxg9WxLNmYkOMpSLMjM7VsW8R2oHBybPAWrsdGGp-azxMXGuc_LyNh6v5oOy62ZXlrgQYyKH65VwePbNSKkMiBG6vvtk381iT8l-fmctGXYva1vP1MSF5YxKLLXYS-KM5TqycteqCfaznIw
date
Sat, 22 Oct 2022 10:01:40 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
nginx
content-length
289
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame 6832
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEIj8Kc8ctYIABbvKL4uUTcE&google_cver=1&google_push=AZmPxg-_-auv6liWOdW1PHuPU-tuuZ4bOKJfmR-ImOmV5xRrEzyxu3kKGM8HLdaAwM3t_mccZ0syBDfH1qCtNFHMl...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AZmPxg-_-auv6liWOdW1PHuPU-tuuZ4bOKJfmR-ImOmV5xRrEzyxu3kKGM8HLdaAwM3t_mccZ0syBDfH1qCtNFHMl0qsMF3TC0IosgTZe-51sHcjIGM7it_UykVQxy0d06I...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AZmPxg-_-auv6liWOdW1PHuPU-tuuZ4bOKJfmR-ImOmV5xRrEzyxu3kKGM8HLdaAwM3t_mccZ0syBDfH1qCtNFHMl0qsMF3TC0IosgTZe-51sHcjIGM7it_UykVQxy0d06Im8F5B-1nOlDmElw&google_hm=AVUaUYlHvEy9vs_5Sx1RtmY
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AZmPxg-_-auv6liWOdW1PHuPU-tuuZ4bOKJfmR-ImOmV5xRrEzyxu3kKGM8HLdaAwM3t_mccZ0syBDfH1qCtNFHMl0qsMF3TC0IosgTZe-51sHcjIGM7it_UykVQxy0d06Im8F5B-1nOlDmElw&google_hm=AVUaUYlHvEy9vs_5Sx1RtmY
Date
Sat, 22 Oct 2022 10:01:40 GMT
Server
Apache
Connection
keep-alive
Content-Length
277
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 6832
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEMCY1gTydKp7TgVSS57mk-g&google_cver=1&google_push=AZmPxg_-3_2srW9deD4be_fFZHxuRSQsRU5GJrCljixV5-kO-6Z_x4qLJWCj1wXEGi5MYb8ZlnWqJbHuLbf6faFgqOfAU3b0Dne...
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg_-3_2srW9deD4be_fFZHxuRSQsRU5GJrCljixV5-kO-6Z_x4qLJWCj1wXEGi5MYb8ZlnWqJbHuLbf6faFgqOfAU3b0DneL4WkkRRX8lsPfPe9M7ToHpRuQQ9fdeoy...
170 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg_-3_2srW9deD4be_fFZHxuRSQsRU5GJrCljixV5-kO-6Z_x4qLJWCj1wXEGi5MYb8ZlnWqJbHuLbf6faFgqOfAU3b0DneL4WkkRRX8lsPfPe9M7ToHpRuQQ9fdeoyaxcUGpXfIskKjxw&google_hm=ZzkyY2FlOWU3MmU1MzBlYzg4NGU=
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg_-3_2srW9deD4be_fFZHxuRSQsRU5GJrCljixV5-kO-6Z_x4qLJWCj1wXEGi5MYb8ZlnWqJbHuLbf6faFgqOfAU3b0DneL4WkkRRX8lsPfPe9M7ToHpRuQQ9fdeoyaxcUGpXfIskKjxw&google_hm=ZzkyY2FlOWU3MmU1MzBlYzg4NGU=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6832
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFwpAwab5ooD7zqjf2-i6aM&google_cver=1&google_push=AZmPxg8qhSKmMQ1l_tK7VHtahIkD_E5QZgL-dYEwGOrNTqPrcGVSrfZDhsM68Uf0Q6FyZUcc0MCeYHyE7k9-xXSYuryOF15PX1...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg8qhSKmMQ1l_tK7VHtahIkD_E5QZgL-dYEwGOrNTqPrcGVSrfZDhsM68Uf0Q6FyZUcc0MCeYHyE7k9-xXSYuryOF15PX19...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2ODUwOTM2MzYwNjg1MjUwODczNw%3D%3D&google_push=AZmPxg8qhSKmMQ1l_tK7VHtahIkD_E5QZgL-dYEwGOrNTqPrcGVSrfZD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2ODUwOTM2MzYwNjg1MjUwODczNw%3D%3D&google_push=AZmPxg8qhSKmMQ1l_tK7VHtahIkD_E5QZgL-dYEwGOrNTqPrcGVSrfZDhsM68Uf0Q6FyZUcc0MCeYHyE7k9-xXSYuryOF15PX19Ysdjek4aOKcTAuHwriVKrzg8Uzcqb5R7ldKSLKusDCzbBGQ
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2ODUwOTM2MzYwNjg1MjUwODczNw%3D%3D&google_push=AZmPxg8qhSKmMQ1l_tK7VHtahIkD_E5QZgL-dYEwGOrNTqPrcGVSrfZDhsM68Uf0Q6FyZUcc0MCeYHyE7k9-xXSYuryOF15PX19Ysdjek4aOKcTAuHwriVKrzg8Uzcqb5R7ldKSLKusDCzbBGQ
date
Sat, 22 Oct 2022 10:01:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame 6832 		11 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESEPvQdSLbBwV7vg_0oRIrWCE&google_cver=1&google_push=AZmPxg8vvqiaY1LUg4FhymKc7yPKGak6qEnValSbYi6in0Mh8ksPdxVkUn5K80qxyoAHrCDqh9_CUoBRSXncROR2OFAXQXK941gmUD52vMiTOjCjt5aGhIVImWYO9fRTIPuL5W6rGdyF2psnWg
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 10:01:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
11
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 6832
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJW5tHYiToFv3u5rH-_VT0M&google_cver=1&google_push=AZmPxg-4HTYtwOyuXhjIhLDSYtagcpdv5wnBsfjbMNekMQ-3Vx2EDAwIV5h6MCw4Jm2fDj7Qo9...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJW5tHYiToFv3u5rH-_VT0M&google_cver=1&google_push=AZmPxg-4HTYtwOyuXhjIhLDSYtagcpdv5wnBsfjbMNekMQ-3Vx2EDAwIV5h6MCw4Jm2fDj7Qo9...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1YN01fV0VSRTJ1Rnk0X05OTnpPODhfSWVCZjhTSjVJWH5B&google_push=AZmPxg-4HTYtwOyuXhjIhLDSYtagcpdv5wnBsfjbMNekMQ-3Vx2EDAwIV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1YN01fV0VSRTJ1Rnk0X05OTnpPODhfSWVCZjhTSjVJWH5B&google_push=AZmPxg-4HTYtwOyuXhjIhLDSYtagcpdv5wnBsfjbMNekMQ-3Vx2EDAwIV5h6MCw4Jm2fDj7Qo9g3Zvr7c1G3OQui4_82EgIMPXppXcSiIcrR7RkE05V0wzrA4tQP0c5oChQP5T0o5Qxz-EvK5w
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1YN01fV0VSRTJ1Rnk0X05OTnpPODhfSWVCZjhTSjVJWH5B&google_push=AZmPxg-4HTYtwOyuXhjIhLDSYtagcpdv5wnBsfjbMNekMQ-3Vx2EDAwIV5h6MCw4Jm2fDj7Qo9g3Zvr7c1G3OQui4_82EgIMPXppXcSiIcrR7RkE05V0wzrA4tQP0c5oChQP5T0o5Qxz-EvK5w
date
Sat, 22 Oct 2022 10:01:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
report
sync.teads.tv/um/ Frame 6832
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHfXgep4QXlOUVuxUISkp7c&google_cver=1&google_p...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MWQ1YTAxOWYtNDRhMC00NGE3LTkyNTAtNGZiNzA5MGQyYzhh&google_push=AZmPxg9nqKLi1YCpg13ABsMo3mLQrddAFnlGjU25lTKOmfAtMS6Bl1UYbujafUajmXDKg...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
23.36.49.63 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-49-63.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 22 Oct 2022 10:01:41 GMT
pragma
no-cache
date
Sat, 22 Oct 2022 10:01:41 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6832 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LBshmgLgehSLxxAOVwewInlzrDslJ3ZbGlC2KNMokrauDk0Ohh7SjeXLoijxKha2uecHUL1x0
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
generate_204
tpc.googlesyndication.com/ Frame C534 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?w5ByJg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
truncated
/ Frame 4538 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f4f48a5b149c01e2172d043d67794faf038a806d8313a8cb5d42973061af4b2

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 076F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
366565
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Oct 2022 04:12:14 GMT
expires
Wed, 18 Oct 2023 04:12:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6D0E 		783 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f105.1e100.net
Software
GSE /
Resource Hash
046287e7b5b6a4fc2f116869b74bb293f3495214a6f936c45f5194365db5e5b5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZLAPgu0Y7GHG241a9NOy1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-ZLAPgu0Y7GHG241a9NOy1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 10:01:39 GMT
expires
Sat, 22 Oct 2022 10:01:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame AC45 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221019&jk=238557065761273&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5B71 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
366565
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Oct 2022 04:12:14 GMT
expires
Wed, 18 Oct 2023 04:12:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D03D 		783 B
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f105.1e100.net
Software
GSE /
Resource Hash
353d7a9363fcc00c2010ef929bf45c5fd6cc6f210f4bea961beac84766768021
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qMUGsv1RerVWgU84w0Dz9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-qMUGsv1RerVWgU84w0Dz9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 10:01:40 GMT
expires
Sat, 22 Oct 2022 10:01:40 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 1F41 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221019&jk=2708831728714388&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 584D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?yxW_rg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame DA6E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:45:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
512150
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Oct 2023 11:45:49 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 156A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
15895
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 05:36:44 GMT
etag
48472445140208031
expires
Sun, 23 Oct 2022 05:36:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame DA6E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
508294ccaf3791d246e421d9672e8a60f012b15e74ba53f7ddcc754bdf29d92b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8A9F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:45:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
512150
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Oct 2023 11:45:49 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D3BF 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
15895
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 05:36:44 GMT
etag
48472445140208031
expires
Sun, 23 Oct 2022 05:36:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8A9F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3337882a799735725966ea2dae40c627be227a4107e9e6d8c80277409045286f

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame 076F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
222912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 20:06:27 GMT
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame 5B71 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
222912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 20:06:27 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 156A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFVV_UXKqEKZVrem0qnuPts&google_cver=1&google_push=AZmPxg_C-w88bERJdg6p1oMX7DAQBkqX_r0Q7-4yGUaYZsc_cCAyF5RcIqkQWWkIbFprDHT7jCO0fCSS0CeA_JE-5Zhejk14uA1vN...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjg3MDk5NjQyNTU0MTEzMDYwMg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFVV_UXKqEKZVrem0qnuPts&google_cver=1
0
0
pixel
cm.g.doubleclick.net/ Frame 156A
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEO_hn4t_oq7hyxQXBmwxzkM&google_cver=1&google_push=AZmPxg8Osc8fRk-h_-Gtx3c7QJqWf4hwI0OPm8NbpRXjdz7Kjt0wXXE...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=3cbef8449def1b32&is_secure=true&networkId=14000&version=1&google_gid=CAESEO_hn4t_oq7hyxQXBmwxzkM&google_cver=1&google_push=AZmPxg8Osc8f...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJqWxZsGnO2QM3QX6bAAAAAAA&expiration=1666519301&google_cver=1&is_secure=true&google_gid=CAESEO_hn4t_oq7hyxQXBmwxz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJqWxZsGnO2QM3QX6bAAAAAAA&expiration=1666519301&google_cver=1&is_secure=true&google_gid=CAESEO_hn4t_oq7hyxQXBmwxzkM&google_push=AZmPxg8Osc8fRk-h_-Gtx3c7QJqWf4hwI0OPm8NbpRXjdz7Kjt0wXXEmYfrzXuw9xdRaO2I-YVXvo-T0monahu9_VN5McHt5ZOJoiyuJ-VKPviQC_RNVvBkB97wIzQ6lY4reHgId-iLep34g
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:41 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJqWxZsGnO2QM3QX6bAAAAAAA&expiration=1666519301&google_cver=1&is_secure=true&google_gid=CAESEO_hn4t_oq7hyxQXBmwxzkM&google_push=AZmPxg8Osc8fRk-h_-Gtx3c7QJqWf4hwI0OPm8NbpRXjdz7Kjt0wXXEmYfrzXuw9xdRaO2I-YVXvo-T0monahu9_VN5McHt5ZOJoiyuJ-VKPviQC_RNVvBkB97wIzQ6lY4reHgId-iLep34g
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
asr
aid.send.microad.jp/g/ Frame 156A 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESENkRdhyiPfHVK7dSnlRxOLs&google_cver=1&google_push=AZmPxg89Tvpg6WuWfOYKHQZXMtRW6kHSndL-W8iPY413vrNuf8w6BS2VgfGXW-UpzS5zzGe2mhXDn9LasqMbgNWOUvmY2d7NACnQnKsvfpMTWn6v8ap93mXx4lsWhIM2W3v2riBlICp404k
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 10:01:40 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame 156A
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEEr4CytXYLodsibQBGogGtk&c_param1=AZmPxg-1zxEjSwj2w_2vAybJKqAFxwEAVxUs6VuxupCpyzevAPJQ0bnUteN-NSWW37z6bsQobfPpCsgM96nwR532pQT1n24G9JTe_OhGRRugYzGz3lP...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg-1zxEjSwj2w_2vAybJKqAFxwEAVxUs6VuxupCpyzevAPJQ0bnUteN-NSWW37z6bsQobfPpCsgM96nwR532pQT1n24G9JTe_OhGRRugYzGz3lP_4uBzIQxK_ugK3JHXT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg-1zxEjSwj2w_2vAybJKqAFxwEAVxUs6VuxupCpyzevAPJQ0bnUteN-NSWW37z6bsQobfPpCsgM96nwR532pQT1n24G9JTe_OhGRRugYzGz3lP_4uBzIQxK_ugK3JHXTVF_uJbybEHB
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg-1zxEjSwj2w_2vAybJKqAFxwEAVxUs6VuxupCpyzevAPJQ0bnUteN-NSWW37z6bsQobfPpCsgM96nwR532pQT1n24G9JTe_OhGRRugYzGz3lP_4uBzIQxK_ugK3JHXTVF_uJbybEHB
date
Sat, 22 Oct 2022 10:01:40 GMT
server
nginx/1.19.0
content-length
0
pixel
cm.g.doubleclick.net/ Frame 156A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEG...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg-yUbYAWkpzduEdIPng21o2NyrQIrm9PeUtkvD6Sgry_Odq-qSYqPQgdj33HNakAB5on-beqqTUDL2WB1aZTKvDEmKw1vXeqaVEq-Z5MloHM42prG8pjjghy62rY81...
  • https://sync.targeting.unrulymedia.com/csync/RX-9a612cc5-bf98-4c3c-bbe3-7b68fefceb51-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg-yUbYAWkpzduEdIPng2...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-yUbYAWkpzduEdIPng21o2NyrQIrm9PeUtkvD6Sgry_Odq-qSYqPQgdj33HNakAB5on-beqqTUDL2WB1aZTKvDEmKw1vXeqaVEq-Z5MloHM42prG8pjjghy62rY817SfhV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-yUbYAWkpzduEdIPng21o2NyrQIrm9PeUtkvD6Sgry_Odq-qSYqPQgdj33HNakAB5on-beqqTUDL2WB1aZTKvDEmKw1vXeqaVEq-Z5MloHM42prG8pjjghy62rY817SfhVCG5hYgh8&google_hm=BJphLMW_mEw8u-N7aP7861E
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg-yUbYAWkpzduEdIPng21o2NyrQIrm9PeUtkvD6Sgry_Odq-qSYqPQgdj33HNakAB5on-beqqTUDL2WB1aZTKvDEmKw1vXeqaVEq-Z5MloHM42prG8pjjghy62rY817SfhVCG5hYgh8&google_hm=BJphLMW_mEw8u-N7aP7861E
date
Sat, 22 Oct 2022 10:01:41 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX9a612cc5bf984c3cbbe37b68fefceb51004
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 156A
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESECPTl96BNQiElevKhKEYksQ&google_cver=1&google_push=AZmPxg8Y3f9wwViVh0dRO0AXWxGwoJyGDa7IMrvxNMYHAc1YVCu4hlu78f2VPhjh...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESECPTl96BNQiElevKhKEYksQ&google_cver=1&google_push=AZmPxg8Y3f9wwViVh0dRO0AXWxGwoJyGDa7IMrvxNMYHAc1YVCu4hlu78f2VPhjh...
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AZmPxg8Y3f9wwViVh0dRO0AXWxGwoJyGDa7IMrvxNMYHAc1YVCu4hlu78f2VPhjhFq47GAenO-csXiq3oQYIMvMtxF1B1MJz__W_D0nyMsRX7V4IN7AVpueqbH9NUJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AZmPxg8Y3f9wwViVh0dRO0AXWxGwoJyGDa7IMrvxNMYHAc1YVCu4hlu78f2VPhjhFq47GAenO-csXiq3oQYIMvMtxF1B1MJz__W_D0nyMsRX7V4IN7AVpueqbH9NUJMgSmB31IPh0WXpVgOsng&google_hm=MmhNZDNleHA3WHM=&suid-set=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 22 Oct 2022 10:01:41 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AZmPxg8Y3f9wwViVh0dRO0AXWxGwoJyGDa7IMrvxNMYHAc1YVCu4hlu78f2VPhjhFq47GAenO-csXiq3oQYIMvMtxF1B1MJz__W_D0nyMsRX7V4IN7AVpueqbH9NUJMgSmB31IPh0WXpVgOsng&google_hm=MmhNZDNleHA3WHM=&suid-set=1
Cache-Control
no-store,no-cache
Connection
close
Content-Length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 156A
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=AZmPxg_cjLwqGEJA0sV8ZOaq8p635TlYAwPDCY2s...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=AZmPxg_cjLwqGEJA0sV8ZOaq8p635TlYAw...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f3c597a5-1eb4-4564-ad26-5253ae9a981e&&google_push=AZmPxg_cjLwqGEJA0sV8ZOaq8p635TlYAwPDCY2sSxH4m8HxYBsaUSw0m9CC2f7YuJ3F0ZcwzA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f3c597a5-1eb4-4564-ad26-5253ae9a981e&&google_push=AZmPxg_cjLwqGEJA0sV8ZOaq8p635TlYAwPDCY2sSxH4m8HxYBsaUSw0m9CC2f7YuJ3F0ZcwzAF02YDFIYnAiWyK-jG9382pqtllqAHJ4VehBsx508hcQlxFoeeNFsoiGRv8bV7cAns1ZG-dXw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f3c597a5-1eb4-4564-ad26-5253ae9a981e&&google_push=AZmPxg_cjLwqGEJA0sV8ZOaq8p635TlYAwPDCY2sSxH4m8HxYBsaUSw0m9CC2f7YuJ3F0ZcwzAF02YDFIYnAiWyK-jG9382pqtllqAHJ4VehBsx508hcQlxFoeeNFsoiGRv8bV7cAns1ZG-dXw
Date
Sat, 22 Oct 2022 10:01:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 156A 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LhDCM3Bzli2U5V3xknZCk4OtcNZxzRALItBKt6wuAcecenjP5EifiHa7WfOjcSPOcYCFgK2A0
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame D3BF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFG3eef1TSAYhVkybnOukhE&google_cver=1&google_push=AZmPxg-X6Rjr8CBrWjqWRDy7rlEh3qvtDxIkl1xhodtjmW1C4fNfgTyzYPtlnY7E95AmsL6GpxTBuzerSTVSxUqTpS...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEFG3eef1TSAYhVkybnOukhE&google_cver=1&google_push=AZmPxg-X6Rjr8CBrWjqWRDy7rlEh3qvtDxIkl1xhodtjmW1C4fNfgTyzYPtlnY7E95AmsL6GpxTBuzerSTVSxUqTpS...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NGNkNTM3YTMtNzY3MC00MzVkLTllOGQtMWRhMTE0MTdiODMz&google_push&gdpr=0&gdpr_consent=&ttd_tdid=4cd537a3-7670-435d-9e8d-1da11417b833
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NGNkNTM3YTMtNzY3MC00MzVkLTllOGQtMWRhMTE0MTdiODMz&google_push&gdpr=0&gdpr_consent=&ttd_tdid=4cd537a3-7670-435d-9e8d-1da11417b833
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NGNkNTM3YTMtNzY3MC00MzVkLTllOGQtMWRhMTE0MTdiODMz&google_push&gdpr=0&gdpr_consent=&ttd_tdid=4cd537a3-7670-435d-9e8d-1da11417b833
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
pixel
cm.g.doubleclick.net/ Frame D3BF
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJ9WFzFjRrBUJVj4QWgyONA&google_cver=1&google_push=AZmPxg8ZI6ULXjJ-K0Pz7-ImVw19fkfogIyVNq2hLoj2kXKH6sOHIXrJdlw9mImgxfedkq9xPGjNximoxgMYupok9aIoEuB...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg8ZI6ULXjJ-K0Pz7-ImVw19fkfogIyVNq2hLoj2kXKH6sOHIXrJdlw9mImgxfedkq9xPGjNximoxgMYupok9aIoEuBwScRmPQ&google_hm=Mjc0Njg1MTQ2ODA0MzQw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg8ZI6ULXjJ-K0Pz7-ImVw19fkfogIyVNq2hLoj2kXKH6sOHIXrJdlw9mImgxfedkq9xPGjNximoxgMYupok9aIoEuBwScRmPQ&google_hm=Mjc0Njg1MTQ2ODA0MzQwODM3MA%3D%3D
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 22 Oct 2022 10:01:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg8ZI6ULXjJ-K0Pz7-ImVw19fkfogIyVNq2hLoj2kXKH6sOHIXrJdlw9mImgxfedkq9xPGjNximoxgMYupok9aIoEuBwScRmPQ&google_hm=Mjc0Njg1MTQ2ODA0MzQwODM3MA%3D%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame D3BF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKg7wGMlCrr88Ms61m9wfOA&google_cver=1&google_push=AZmPxg9vrLlJTWtKyZ1nAVdCvt_SWLWWQsSK92ADCmNe4tLdbbanfLx7bZRwHws-uQ0poWx9H0heBDuQ...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKg7wGMlCrr88Ms61m9wfOA&google_cver=1&google_push=AZmPxg9vrLlJTWtKyZ1nAVdCvt_SWLWWQsSK92ADCmNe4tLdbbanfLx7bZRwHws-uQ0poWx9H0h...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY2Nzc1NTQzODcwMzEzODg0NA&google_push=AZmPxg9vrLlJTWtKyZ1nAVdCvt_SWLWWQsSK92ADCmNe4tLdbbanfLx7bZRwHws-uQ0poWx9H0heBD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY2Nzc1NTQzODcwMzEzODg0NA&google_push=AZmPxg9vrLlJTWtKyZ1nAVdCvt_SWLWWQsSK92ADCmNe4tLdbbanfLx7bZRwHws-uQ0poWx9H0heBDuQY99FEFR96czh3NwiLkFfIw
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY2Nzc1NTQzODcwMzEzODg0NA&google_push=AZmPxg9vrLlJTWtKyZ1nAVdCvt_SWLWWQsSK92ADCmNe4tLdbbanfLx7bZRwHws-uQ0poWx9H0heBDuQY99FEFR96czh3NwiLkFfIw
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame D3BF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEL7ompWFTIgxFTSLpK9Wl6Q&google_cver=1&google_push=AZmPxg-_aUnG2ZoWV42NFdPF_AfKxYRa3n5KwizNJIkdpkDxCnSS1nFLAIDtwj-wLqp3mkE5by_Qclq-o0Kz2...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEL7ompWFTIgxFTSLpK9Wl6Q&google_push=AZmPxg-_aUnG2ZoWV42NFdPF_AfKxYRa3n5KwizNJIkdpkDxCnSS1nFLAIDtwj-wLqp3mkE5by_Qclq-o0Kz2...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg-_aUnG2ZoWV42NFdPF_AfKxYRa3n5KwizNJIkdpkDxCnSS1nFLAIDtwj-wLqp3mkE5by_Qclq-o0Kz2I2jUYn-ubnq0iM0bQ&google_hm=OWVEbnNwRmJCNHM0N1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg-_aUnG2ZoWV42NFdPF_AfKxYRa3n5KwizNJIkdpkDxCnSS1nFLAIDtwj-wLqp3mkE5by_Qclq-o0Kz2I2jUYn-ubnq0iM0bQ&google_hm=OWVEbnNwRmJCNHM0N1VCTEZmWmU=
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 22 Oct 2022 10:01:41 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg-_aUnG2ZoWV42NFdPF_AfKxYRa3n5KwizNJIkdpkDxCnSS1nFLAIDtwj-wLqp3mkE5by_Qclq-o0Kz2I2jUYn-ubnq0iM0bQ&google_hm=OWVEbnNwRmJCNHM0N1VCTEZmWmU=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
238
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D3BF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEH62ZuC9Pk6MG04qoGDivq8&google_cver=1&google_push=AZmPxg-khoqICqsdzSo4GLZ4d_y6D8T-oihnCZoxKnRKdbeI-09GlSRMrGjVirQZ2oU90SOj7rziXnTk1RQ205Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=UYqBFYvrR2FDrpOa6oxrgq310XA&google_push=AZmPxg-khoqICqsdzSo4GLZ4d_y6D8T-oihnCZoxKnRKdbeI-09GlSRMrGjVirQZ2oU90SOj7rziXnTk1RQ205...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=UYqBFYvrR2FDrpOa6oxrgq310XA&google_push=AZmPxg-khoqICqsdzSo4GLZ4d_y6D8T-oihnCZoxKnRKdbeI-09GlSRMrGjVirQZ2oU90SOj7rziXnTk1RQ205QTRaIRcH9QhBytDQ
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=UYqBFYvrR2FDrpOa6oxrgq310XA&google_push=AZmPxg-khoqICqsdzSo4GLZ4d_y6D8T-oihnCZoxKnRKdbeI-09GlSRMrGjVirQZ2oU90SOj7rziXnTk1RQ205QTRaIRcH9QhBytDQ
Date
Sat, 22 Oct 2022 10:01:40 GMT
Connection
keep-alive
Content-Length
244
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame D3BF
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESECQs3JQ7n4MQAQJl3dUmRW4&google_cver=1&google_push=AZmPxg-_xBQhHs7h4cJ1i0u8CEOpleQJmhUVa08Y97Lb0eWLeLiG3VGCo1murhJVPM90sWuoFe3xufamKgHWq2RROz...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQ3NTMyMjY1NzI3MzI2MzIwMzA&google_push=AZmPxg-_xBQhHs7h4cJ1i0u8CEOpleQJmhUVa08Y97Lb0eWLeLiG3VGCo1murhJVPM90sWuoFe3xufamKgHWq2RROzu-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQ3NTMyMjY1NzI3MzI2MzIwMzA&google_push=AZmPxg-_xBQhHs7h4cJ1i0u8CEOpleQJmhUVa08Y97Lb0eWLeLiG3VGCo1murhJVPM90sWuoFe3xufamKgHWq2RROzu-BrMxBwSvnw
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQ3NTMyMjY1NzI3MzI2MzIwMzA&google_push=AZmPxg-_xBQhHs7h4cJ1i0u8CEOpleQJmhUVa08Y97Lb0eWLeLiG3VGCo1murhJVPM90sWuoFe3xufamKgHWq2RROzu-BrMxBwSvnw
Date
Sat, 22 Oct 2022 10:01:40 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
sspsync
cksync.yahoo.co.jp/ Frame D3BF 		35 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEA19ODrMXrQF-PM70SBVWdo&google_cver=1&google_push=AZmPxg-uxoHHwIrt2HtSOAJdsXCTujQFEORV8_zXIQB7--giRvOiqQsExaSi5zPqxCM9c8jcMXU0S5WrfHtBgAMRHU1J5el9CMZ_wfw
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.219.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
ATS /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:40 GMT
x-content-type-options
nosniff
server
ATS
age
0
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private, no-store, no-cache
cross-origin-resource-policy
cross-origin
content-length
35
x-xss-protection
1; mode=block
attr
cm.g.doubleclick.net/pixel/ Frame D3BF 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IQuZ8WjkLLmkqY-sDLY5YMr5gxxdpfPHt5mCRXZ7dcnFXXzB8FdubYbarqdYZPg6B4Xc5rRg
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 73CA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
107697
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 04:06:43 GMT
expires
Sat, 21 Oct 2023 04:06:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7F22 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
107697
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 04:06:43 GMT
expires
Sat, 21 Oct 2023 04:06:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame D330 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221019&jk=2708831728714388&bg=!kpGlkdXNAAaaxvStusY7ACkAdvg8Wq2S7nnWAg5xqDQZ9yBuSR-AqxAQmKue_f29g36QID4RlmszTAIAAADLUgAAAAJoAQcKADYyP6Xc95TiuDP2nSq-UDE8krx5fp_9MNA-RUyaHOH9ajEguan8ON0JFhgky8bPehHIe0ZJ3CGZAqojPrnDY77JR-lr2KzugmCu4u2Sqsm_nVAJwNlT8_kKRD6V_t5eUIDEyO3frfxLbVFpB0eoRiFXkqWkB5wiYIxEVHeuh5Nav1Ebvg81CEMoJ9B8WZrdek5RQagxfDIg11sk1vIyj2hw01TpuFaNAaMH-jvE9E59P9pBMJDBdc57RTzqoVnhZPdoStiaOZnuxmBgDcsTAuIQEekoOm5bBY0qgVRLBpH9XhhK7HjqNcHW2EJBQ1HaU_uK0z79CmeUQYEgWAFUDlSPdtPjXITlphBDkQVWxWIPu0NC1FCLlTjq6Guq3eLPZ81IjWSb6s1jm1IFAK1l3OceDYSpbx-K0jvbHxWBU4usrUf0bSyL0ewrfChthtMbNCFz265Go7FTQpQOAi-3GWre3a4nFpSHwms9ygHI037f94X7Mh0LRtaegZvX9e44bBOeRcBZ89b2S96PdtD4mIkjMOhniXH4RdTq42dMqEPZ-154PZe7vlfzEyMQADDaRSfmjvz8Vfk8jo6vXrFTAobm5yavBcaOGkHL2mJ-lOuk2ohpfsyiuDiSBAMIKC2HDaFIqtOBithZLZPLiZSF4ofze-ec0yqjkDSri64VXlBiu5kA5lUryhAr4qXuGq_fZiVxoYGIgdwyrfr0yVp2Cx4R88HrfwvGJ7M_xW7DiEIXPHp1bWcJ1KGuKU-RKSjjb5KLwdWj_aRx5a3X1i9AEG6DR7molJTneLWzGmEuxhR2vnN2uHRhsbg7gExExIjT8BNRXdwUoD8gmk4btDX7dFmO74fpH9rsbGNNfAg8y0UZv4h-V-mfdjFwQju_h-pRVpXTN-NlyzBsUPBaYXFO48N0ZEZz8v1F_d2tmsUnLwigM_r2vjeHweOyTSuTRxlrc-j5IYSaIgGvYD6v1hXv5sfS-fCV
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 6D0E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102001&jk=653893321135499&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame D03D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101801&jk=365017962843509&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 076F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?E92v4w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame 73CA 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
222913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 20:06:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9C96 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221019&jk=238557065761273&bg=!tbaltvLNAAaaxvStusY7ACkAdvg8Wq3zozOs8Ay9Ppi_AjyLtjpDlhbdguokZ5iK5KNGB8foheWchgIAAAB8UgAAAARoAQcKAC1o1BB5rAkF_pp2B_cZMSvl7PBrYxTba5sTdiotKZHq_tIPyHiJBoB_CzF0O_6ZAqa7KhEgym2WiIOGenRPW-ie5PkVgFZZ2LvCkU00gH2oBdKreo7fW06Un5QTQ1IOF6bFRR2y-NbSFoQUwHsftngfqnNuRslzpQWOTSbXpRP642-13niNxTTUBCqVxT7hvnrqAPuiZv8Wmtk9IR9ie9wr2sdfeYOlUjGY2PHwoCHeePZ7bCboCR5Ny2vbzcEqwIJY_AdfFW_lcuyzYcEtzagwua2opatvyd6wfNU_jjsAO_yS1E-DecTjVJLKUhgZQICHXAfQxbbyGNxcW4n7kXLPN82JpaTcqo3-PZdVhOt_-x714hy1LiIVCTRywz3yg_taidbQc0GWs0wFLJN8-29O6FEyftqtJXkLM30tptLiAM3aYUjKGsBq6BzTbFKS74nVYvs0Uw4pu-Ybbr5JkojI5lMP5XJ8XMNnQzirnwYBWJPrEvco7kg59MN8iRXEFKR0aYJKh2RLJ9MkMYVFoJULCsr7QZmmD0--7nbgaKvtd0kiCFjeOrCipg6qTRuSAksBOsv9Px5p5tPAaUCKP8KmzAxQRJs4KJEKtzQl_lyxcr7smOMubDXjiG-I0h1sD0MbF9aWdxI4letbgfaGRt3hwFiNS5_PgJz6e_jTshMnaXyerKaZ_zTxlZIR9Q3-YRfTGy6j64MwvtYbkeIL6yS5WmxyiqgxZMFqct-g5dVXmkGUKYvFymCZJYX32dy0p_q4b59H5dJpru-ystSavYcvcgW64XvqGoC_NtwGJXl8151QE3itHBjY6hIiaIc0jKnLa-ceqDkguiqHCe9oKAsT3ZPu4WjwSsvuipJWGiij9oZZkrpsK05FcJcTxT5LulOlw5HQfEqz1F8Di_aKXBlsPAcxezN4U3nj-K3jJWY_C5T_BTJ6YzPWeFFT-D8aX6i664HkrXc
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame 7F22 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
222913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 20:06:27 GMT
generate_204
tpc.googlesyndication.com/ Frame 5B71 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?0GKm7Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
index.html
s0.2mdn.net/sadbundle/10977312179645291841/ Frame ED3E 		365 KB
72 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10977312179645291841/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f149.1e100.net
Software
sffe /
Resource Hash
8773c1b13cce7cb3a4f2a918f796c5ed7efe77572cacd73911f47d29457ec3a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 10:01:40 GMT
expires
Sun, 22 Oct 2023 10:01:40 GMT
last-modified
Fri, 02 Sep 2022 01:22:05 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8A9F 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuT5KljTH9gdmmlQIPW7brulqqbyYsCArZhmwHm-mdsoqTD9CNkhW4V0ikmKwj0sMScm4idAHmJ9I_p-IUAqU9gtO4TEpi6wRu3KJQ4fPV1-YnpUhFqFnfWWO-GEY01Q3ZG7N_IPkWk4VIP7ipz10DPJTZPOmNpIOifEscPbp-M-IvyFq4hSmo9WumORRgCm9SKlrWAZizTt29bhxuLg1y2BcXL2qR8z8SZvWDYge7sZlv7wnuV3u9aoLixC7RS1yWcNn33FM0w8AMCGthUN2Ch49JmqHp3lBiSMHjjZ4DHaMK436HXQ8ELCV5bcewy9l5udIjbmuWKpn8-NA_sqHdItB4QDJ37zmSJR3AjbmUbhK9FTlLGZolNIBQBuNJ2jTi0WplaOkTTRRXYFtO3hYblY8-du1kSa7vMTuolMBK76gTuVop8FHDFwZUFNXWawE9O9NXoJ792k5GZMhz62LAD6TOMDsFm9LOfWxR8eNi9rD8pGAIvRxK__De9WMdEvB-kzRXTM21ci5UGuikGW1i1Yl3bdQHaOR89xg0LRWsbJFzAxSShC7eHP9K6vyVfETMlTSoRJZgHVk-3Yxd15lC93esRD-WxDwi_CuRlKeLsUdRf1yzhCp0AIoHjHEEFcEzLdKdQln24yEMjPca1vbK7uxLPFO_iIcYISyG2HVllFqj1oKVqmXtGWZc-gtyNvOm91Z-2qjrnTeqdsrEe-ky7iRrQQji8MjrhH-3ydD7xnyNIJuFc0ObXHnqcdZJk3hq4h1LnWl50zucqFEks5OaBxiATKZTlIz38XuX-1abEvnbU3Sc4zSqx8MYaO8PExy0FnvIDyDpg2eB4Hu3jFEuCqPcYBcczz_q-4_tdqsqOP4Yh6T9IzvpI4YFOHvBbmlWaUPQ9Xu6j28oetFeohWfs22_c_WFtCynJRiz0TbYVtXzWJlL9KgdCxtp0qlFVmVKzVH_jCtBVuaKGBR4jz3TLoe0WHfgqm8QziNbH_d-Yb-rsfAd9p2SaU_opRpBkUTvBGGt9YV-tM6PxLZB4djXrh9S2txHUizQEL1EK9B_ojuPS_LxPn5bMYCSkEXLqe6zFV2RpeFdtdorINI2UJWXnabJ8yrSepHRaRcZPM9x_dsutvHAX-HdMwuprv84-6w7Jp8pSuGcsNcHZL-ubYiyCBZusDHC0mVaDjjDBgR5Qkde29YvjPCPxBNkNn-fDpIJCMWZ-ObQVwK75aNP3SDxVsbcRjlNMcm56k_aowIFxWzkfJA1Hmj1y4iR1qD0HW-nOUg&sai=AMfl-YSxYgykZ60zXNkG_1AYIX3sLLfp2x5GGPVoKgiya4tSkBxqBy_ARPRjV1D_3lmGcVzr-tQh5M51bSZvbYP3bTU7AiuBeqeMA5T06M1Aka_TOAU4iAwliofMaNr8AOK1gWyAT8BRb9pZyO48Yipy2wjYqaG9BzDfmNWi2M_U5Tv3FdY4YaPZh8DgQu94QEScyBbrKUsWr8zgEvciGDXCs7s9nyJfejvJW6QTGDoBKh4ZdlluXBJrv9WJsE4HqJ2LwV_vUh0FSkF1mQ&sig=Cg0ArKJSzI7lDX40q_t0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=853&cbvp=1&cstd=849&cisv=r20221019.98308&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 22 Oct 2022 10:01:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/4341851026603666896/ Frame 2C62 		63 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4341851026603666896/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f149.1e100.net
Software
sffe /
Resource Hash
4b11a33fa63b8930d952a88a97d4b848f825456838441303fd7813e07185a781
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
18364
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
17829
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 04:55:36 GMT
expires
Sun, 22 Oct 2023 04:55:36 GMT
last-modified
Mon, 10 Oct 2022 03:53:43 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame DA6E 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstiDHZPcm6_6UwGIleEq6VlMENK2UxH_Z0bf43JMCDFagPqQ1nPOTZqbQHlMYnB1ps4ixlVqyRNxgOrw3bxA0s-0pNcZcy_IYFToMwV9kn-zL9s3-GQlkucKCkYAoZUBFH8YTqbIYKsX7pJQNZ4C3aztSdMKM4LzweESZ1Rr4LROGDBYPXviEV0uFHz_suYO1Vli-uiOhtXHrt_R3gHYyJ5Mod09OMPnsWQbQ64LoWmiGizFEF7Rd4Bohf_4qQ5tCcj07HexLA-IoxT93JcKc0WwNbvaleiEQsr-v8c12pexi4OefQeT4yGqzTakkmzy-vjj_GqzDd5_4eqAhhzLZBLc5hrvXCzYvhAk7g295INJFvjQpaiwJfNfF4Sb2MVU70PzpxZm6GXbG-XQ_GOz1QXcaXW2QeplZzyFB3ojXK2gK4hkopSBp3sW8X5c5rj8Trb4hevPpj2zdkuVb0wEbhbWvBKA98jJp_qcLRtqyQQWld4pbI6OR2l07GhjAMeSgxyr-gLixHw6LqzsqgaYayEcE3tnoYaomyqoLrCtmkXxNgBq6p19PsIfso2_15miBKNtp4TwvEDSEHF0lidl9a1pK63vlMigljRc6iNjztTtsDZa6W0iQ_PBNujPfayTqQAKWVLOQvEPbF0mN_8EkS5XeDcKNfc1EKVAm_zn2iMaFT_zXkUJ0VVGXmVIQWLOK-MYsL4fmobaiuBH-PtQuAxIHH9DTKoF_w1FjOPUxjHfoqh_jP5bqBDCOT0m49ZKYrnKvvJWvAzKUlSxa28UVPe3JLFKBWy-anPXMfdTPAGnnV7ncmuDFgf4EIroWfQO6gKKZ-H72S0-W9KIsGocI6VkcOEBd73dlvoxM_GdIVXRtp34rVA_hNMlYW5AQzU94O7ZsM5D5hsya1fuktSa-e3lWIE3s5LkdNmZLNB8KOE9iSCBLFxjAev3RObnnqJLtnIdaKUv5CPjHyjj8Xgrz7sUoETjQM9wrnZEsKu4HfbckQMUDsD6MKmK5gUlcREHg9E9aGSGjbPPw72YvKHmNuIAQY8JmYhR1BFWozJIRQoqg-fDQ0JRuWP5sO5MJMzp7NxdLp40e5BMfrfoEDGmrE0cw5sh4NVBL7ErsVzT9uvZgV_MlNzc157PcmmobnF5wDCxy38_DA7NZhHd1xEk7dyi1xPtjW2SZ11smRumM0I67X5tpaybI2pddeiByeFOoSNHCvjRRJ_wlCtXHPzblw43u4sCTucA8ktlnrLl8fBNwXUgMkmOH4APoy-twYqdzKV&sai=AMfl-YSWJ9WWffz_1TzjdgnYnDoUKv8ySecrA2A-DuXdCM_VPLGH1SFugfkMv6BYnN5gnIy69CsCQQzraiUqbTdGygQMqYhUjjSAjz8M6OXWG50yL5IjNaneYQUakhpRCo4I895Db0ZywFNoTPTml-ZpYJrZFTTnUYAqu6hr2M3mmwNimv2LEwZ2bbxAmtcenQkr-jj7lIalXGn3xxjnfcuFuciL8Y3jNNpmyrA6IsLz4wkpXOgxfI6Igu3twr0juQ3whrA09fVYQCbU5A&sig=Cg0ArKJSzNATgR1wIm-wEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=886&cbvp=1&cstd=883&cisv=r20221019.35048&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 22 Oct 2022 10:01:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 22 Oct 2022 10:01:40 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
578752
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		325 B
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
096751a01f1daf47642f3647c42f2fa4a11019f68292b71955c73b4abe17c68e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
744517
expires
0
rid
match.adsrvr.org/track/ 		108 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
267d2d5ef8af07710d9eed6561ee84838d04441bb6769ea7b9b275b9eb3273df

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Oct 2022 10:01:40 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Mon, 21 Nov 2022 10:01:40 GMT
checksync.php
contextual.media.net/ Frame 5421 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
fe76ac8037f1e137f6af98225dc93f4c6c5683e741fe70a848d9d6335440b1dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11834
content-type
text/html; charset=UTF-8
date
Sat, 22 Oct 2022 10:01:41 GMT
expires
Mon, 24 Oct 2022 10:01:41 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame 72EB 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
1116
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
75e1649d3d6fa7f3-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 22 Oct 2022 10:01:40 GMT
expires
Sat, 22 Oct 2022 14:01:40 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame F12F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.81 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bee00dc9ac61a6eae0a5a1efd6af3ba501f5d4208e5e21e1bbc545db78c161fe

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
13853
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Sat, 22 Oct 2022 06:10:48 GMT
etag
W/"73e6cbdab99355b35d71abf2ea225ccb"
last-modified
Fri, 14 Oct 2022 20:27:38 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 0ea0aa067bccec2bca8820a976e6164a.cloudfront.net (CloudFront)
x-amz-cf-id
egFqAUszj7YtXo9vW9d7jlO_0XAFO41nJ7faBlmQtZ6SlJpbMxQS9A==
x-amz-cf-pop
MRS52-P1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:3af1d685-3010-4d5a-b093-b3a07cfff8d4
x-amz-meta-codebuild-content-md5
7549bc6c6d823788ee0fb3e82c36711f
x-amz-meta-codebuild-content-sha256
a4bfb92c455b4ab78db908287ee14cc08cc0080652f1ca29578852e9526e8fda
x-cache
Hit from cloudfront
async_usersync.html
acdn.adnxs.com/dmp/ Frame 04D1 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
19959
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 22 Oct 2022 10:01:40 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
52, 28697
X-Served-By
cache-lga13626-LGA, cache-syd10179-SYD
X-Timer
S1666432901.673438,VS0,VE0
/
onetag-sys.com/usync/ Frame 7090 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1666432895658
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame A58B 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
62962853b3542f487244d2de0be348f16094330c37be146b3834df3557a0e25f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1083
content-type
text/html; charset=utf-8
date
Sat, 22 Oct 2022 10:01:40 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
u.openx.net/w/1.0/ Frame 5B02 		533 B
635 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
357c86527b0f8f09e3ec545d9ff6d0ec3fc862d6264806b051c3e001893fdb19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
324
content-type
text/html
date
Sat, 22 Oct 2022 10:01:40 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame D052 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 22 Oct 2022 10:01:41 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
sync
odr.mookie1.com/t/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=716d80d9-3635-4295-a376-5230bc58a8c9&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=716d80d9-3635-4295-a376-5230bc58a8c9&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0fb8a272-a51e-4154-ac84-e05540e1007d&ssp=adaptmx&gdpr=0&gdpr_consent=
0
0
redirectuser
ssp.disqus.com/
Redirect Chain
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D716d80d9-3635-4295-a376-5230bc58a8c9&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F3783%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D7...
0
0
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=L9JR4BXF-P-5T95&gdpr=0&us_privacy=1---
0
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L9JR4BXF-P-5T95&gdpr=0&us_privacy=1---
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:41 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=L9JR4BXF-P-5T95&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
Expires
0
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=716d80d9-3635-4295-a376-5230bc58a8c9
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-wjrTSIRE2uENd9Oa8POnVocLC_g59T67DfCBJ8A-~A&gdpr=0&gdpr_consent=
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-wjrTSIRE2uENd9Oa8POnVocLC_g59T67DfCBJ8A-~A&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:40 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-wjrTSIRE2uENd9Oa8POnVocLC_g59T67DfCBJ8A-~A&gdpr=0&gdpr_consent=
date
Sat, 22 Oct 2022 10:01:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
gen_204
pagead2.googlesyndication.com/pagead/ Frame 73CA 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BC8dTg79TY86qE-qZssUPxJuz4A8AAAAAOAHgBAI&bg=!m5ilmNzNAAaaxvStusY7ACkAdvg8WsagMf99IcRgkZxbIajXaeJPwfQxDMkLUcdmBBwFMao7w8LS_wIAAACTUgAAAAJoAQeZAtgIiCceBcW7KLFBjUDI7O67ebSO67dN1d_ehnWkC5TmgeTKxYTk4DgWl9_KKpwquddlxA4j7obiF7CT5uQ8i8RgK9Ife22trqYDqTVz_B5cCgHc6XPjCG-wwS14BhMNBkyWz06MTusdfsIhshSFxnHggSqe_czeM6hd84WyJ3Wmmma__4dEOJNxJr3JWGMQt01wCltKUoRKCdz3I2W7yh2Laq5Bbo-0HwH-8j8UDP4MtQTawgBvulukVNygclFRCUolrIp8lucDgm0NDgU5jqpQAEZLpIxZs4zFCg9rRSJFWxXYxJO5FIc1tMmeDkPmQ3L5TrlEZbZkHDjpWnGjlW68TkkzWuhyaGJCOrkszr1-jBtu-z36xR9NAQ9W8fZnCRTB2l68jEA8EWTjRxHBwcsmnkqhqhPWD_eqoJijbAgsqjLwfmwNTYZNhUQoaIF8pGc-Ae54HPI_rvpyqm3X7PfMa__MgenbECO5yo7MTdv7B5K9_y8wjlhoYnuiU7cQgHSryvii31qy6mUfiuGMtk3N_9l-DpB7GwrJ7mVLAJTEv4qx9sJzbMoz9QP_LwEo1wK58pdAui6oa_lRGCDsWlR2BlG9hEHv7E6BB4hAEfbO8DYgojGcXIIbvNXr7F42rqnJ1OHcihvnHx_Z6ZxYHbNRAvuZSn1LHoGUIsJed_kWUpEYUWyXfo0eQTXNIy83QUR3eb5ZzgeH0zoeMYaeukoWE2ZqKwsR6-H9JKiMvrhVbw-zyEW1ZnKUqLFQty2_eyxy5uw-jQ2w2eKnhRZibtW1UQxVtWCT1qZ1HLy5nOyPnOGAkllP0wfWcqwlFHZkwOJg7TmkPca80JjuaI8dDM3mDao1KvSyLHo3ksIk5kQhrv2uf_pQdoawrDOG9h_HizPjtUqwSJM91SycGQRqLybbSt3seW8G3Kvh3KtupusLdKJUt5qWygazBs6ubIohW54zJb67puMpSw
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F22 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Becodg79TY5SQFMOO1Abenrn4DwAAAAA4AeAEAg&bg=!S0ilSAzNAAaaxvStusY7ACkAdvg8WlXhwY215zmbAbPswRnTw9ObpHQydmdHRneJqNx9twZON7FM2gIAAAB0UgAAAAJoAQcKAJFcnFbk4c3DDkv86uy7jS9NyedpUhOQIPtKDNCgGphYH0tkAs9HRLSct596oOSiKF1xQ86n8Ey4yVfnWgZwCCObfRfgcHOVGihypt0Re_sWu_cTEtkVrVS1jDdlDMu3whFOsamFUD6nMSzl8R8QZebQuJ8w8b79ttrEFqV89yH3doGuU-M9FUrS84xee8oVJrT6mQLr3ou_ID_PeZQJT7orp5kcxlF9zdttwHu41vlqUX7cebnn2QoYODveKdIPozvxxTnMxNRM5YAA1_FNgRvEpa0qMiQIiHLhdLZrK19xYalcAI22_JpuP1AOuH51C_sE_MwWeU2upNMtwD2jhcI1CDtm86E4QhmNga4dSjUG2Btlnm2mqqYO5Tq34DNgfdHxqXP60-u8VmnWMNptkVsi6-Z4zfbwapx0rLpqR0QuldrHnqvIcOk4QYX9Hy3mChBDP2kTJzNt2EO9yZ0NNmOHI5RUeORXTwgjzW0OmsWproDKj8N-nF3dKwmiH4c2k7vWnj7uMcQ2FBOY0tjFznfMt6p_Ehi4VkI8vVmjwffUVrkUXSrigMNEjNn9SmQ2O8dc4SILoCnhXvrUBSXMfwSAQ7hQicdeN6ftpw7xoWn28FfWx0yAnXXsiJ6Gy2-XyXolTxMvD2KXomuY-WmILBybE2mV2CPoj02iTcCXZjcrvkaEmX-mgYxYQiMFWzTCouhoNqwvhQOvxeOEYr7A8JfVAI0C4uY1WlRQChSkcF_KAnzWAYE0l7lcxle7U_S_H_BcZvddGwyJbI6ygz1y3zpFgEFv5otJllVr0dyA5RoaKoc64OWVWCBr5tQo2Wb65Ea3DEi-QXkICaHZdek9aMaWgIXZx32Jr9yI8TVZqAhvYl2pnKv72aq3GemjNTh79STScfql-QYBkJmclyXCsKP8VQkTXfrYGW28rFdTdKD7MOWp94mDBraaTFEEDsNCSVKnet5SkMJrLN6Ylw7thqaYi4ViIuJibT6lKuJpCTCWmy1-lJRwOR2XP-4ZG0z1p1DhKpp4akT0XkhBx4YRiQvUGAwCLuRRfFYxzmZAXOCBCV-zGpTUbA4tfbjP3UVIKTshYF2tqsafRUthZdbR7RkKs5p7Z8W0DAyO_XyStxi9a72tgX0uElV71DckiHkGPu7_yyBQnp2_ARw6RbjuaxpqPYeuNDA45ssJDsqMH0mn
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame E6FD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_ggAHYOYKjywDAAl3MfLSOlIFu-RfVZGNOw&u=%7CoXReJMhzN2mX5PwcjaYaiFSrm09naeIFr8LzesJyIsY%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---ArYQqkTQ5YvPLon3Kp1-d7aw1zlWdVBOSGFNGh7Ak1qrix145C_Ztgf6NRh2fbo_3mhcbEGjUS4dibEV23qOLp61TpbPtut1kwBqfGtiIWiM6t8BEoFYo63nZMVn4sd5iKKr7-QB3YLi46jOw7D00QP8le6pgXJ6SsA_mksM-ffue3w0rogVHpk9H7tTGdgJIxnz_46tSRBDCWwvYuEC2mD72cfvmIgPtmEEfKdvgNFfOABJcX9LfrudDICpjYD8s6rWt9UdXp2ZA0uslGKOnIrKsCXnZcGQ0ppMQQXPet30clx-EEYknSrg7TfdXIts12DbDoyC6ETdTtudgTpuhmWp6Mw8MWjf_xRdzfbYuGZUzLJ8iNkfvkDB1Nzs61G0jRqkg9w-1ePrBzoDPyOKfYhuKrqBaGHMbKApHLSVDc57vYYREKOBD8QVYBsWLrIoWH9EXp_7dkexsTVCjxvyaIgvMPUVeevCmhn0RbcmnHFUkNICGFjoZB4VQIXfAYC7gHVUdMvFrMtAMy06VMCjSOEvmQ1WnZPXl3nWHldvKNdOst3mMJ90Z0fbx2oUNTn4Dw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbRLwgr9TY-bBHYPYvASx7qWoA5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAmfofvAlZ6U-4AIAqAMBqgTXAk_QIwB8NvWFHO-MVkrjkQLwU3KrsuOBQUwZzEbf-Zwf6kmTTeoquMZvYWJxhJzwz6BolH3S1jJqYhQmUg0fm9nWrNLDiVzXkzImH4A42e8rMHKRpH3bLFoqBsATkkLL-in2GkRBLJgpofMLnh5aAryn8zPy2EuuFNC-1X2Xh2IQQy1C4bDMVnN5eKGd75z0Dq8WNlCvB8gWqLKZ1jpyktcT3_fZyaoFFAH73xdsSDgNlKsueSorGIvBamnkjPQOjIUKXsrUCl0ui7zSWGg--VuPA6l0qNSfFid6_zCNoO2co2Kfd5_LWdgBCArml3Q1YaSEKWhpOwlHPPKiaE4O2_yYiUB38Ox3LqbkETlwwFOf_YonJYnWVle--nMcIv1CndvvPDftxt4M3CQm8EqYDM1twhjo6kC9eaJVcL7IGmIgL38FMhuzDd-01tmo9ZIe92EtPy8KE1bgBAGABu6ZzPGg8p7DlAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2v6x-YwEQY8AiPbNiPHYiMy9ecIg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 10:01:40 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame E6FD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_ggAHYOYKjywDAAl3MfLSOlIFu-RfVZGNOw&u=%7CoXReJMhzN2mX5PwcjaYaiFSrm09naeIFr8LzesJyIsY%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---ArYQqkTQ5YvPLon3Kp1-d7aw1zlWdVBOSGFNGh7Ak1qrix145C_Ztgf6NRh2fbo_3mhcbEGjUS4dibEV23qOLp61TpbPtut1kwBqfGtiIWiM6t8BEoFYo63nZMVn4sd5iKKr7-QB3YLi46jOw7D00QP8le6pgXJ6SsA_mksM-ffue3w0rogVHpk9H7tTGdgJIxnz_46tSRBDCWwvYuEC2mD72cfvmIgPtmEEfKdvgNFfOABJcX9LfrudDICpjYD8s6rWt9UdXp2ZA0uslGKOnIrKsCXnZcGQ0ppMQQXPet30clx-EEYknSrg7TfdXIts12DbDoyC6ETdTtudgTpuhmWp6Mw8MWjf_xRdzfbYuGZUzLJ8iNkfvkDB1Nzs61G0jRqkg9w-1ePrBzoDPyOKfYhuKrqBaGHMbKApHLSVDc57vYYREKOBD8QVYBsWLrIoWH9EXp_7dkexsTVCjxvyaIgvMPUVeevCmhn0RbcmnHFUkNICGFjoZB4VQIXfAYC7gHVUdMvFrMtAMy06VMCjSOEvmQ1WnZPXl3nWHldvKNdOst3mMJ90Z0fbx2oUNTn4Dw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbRLwgr9TY-bBHYPYvASx7qWoA5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAmfofvAlZ6U-4AIAqAMBqgTXAk_QIwB8NvWFHO-MVkrjkQLwU3KrsuOBQUwZzEbf-Zwf6kmTTeoquMZvYWJxhJzwz6BolH3S1jJqYhQmUg0fm9nWrNLDiVzXkzImH4A42e8rMHKRpH3bLFoqBsATkkLL-in2GkRBLJgpofMLnh5aAryn8zPy2EuuFNC-1X2Xh2IQQy1C4bDMVnN5eKGd75z0Dq8WNlCvB8gWqLKZ1jpyktcT3_fZyaoFFAH73xdsSDgNlKsueSorGIvBamnkjPQOjIUKXsrUCl0ui7zSWGg--VuPA6l0qNSfFid6_zCNoO2co2Kfd5_LWdgBCArml3Q1YaSEKWhpOwlHPPKiaE4O2_yYiUB38Ox3LqbkETlwwFOf_YonJYnWVle--nMcIv1CndvvPDftxt4M3CQm8EqYDM1twhjo6kC9eaJVcL7IGmIgL38FMhuzDd-01tmo9ZIe92EtPy8KE1bgBAGABu6ZzPGg8p7DlAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2v6x-YwEQY8AiPbNiPHYiMy9ecIg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 10:01:40 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame E6FD 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_ggAHYOYKjywDAAl3MfLSOlIFu-RfVZGNOw&u=%7CoXReJMhzN2mX5PwcjaYaiFSrm09naeIFr8LzesJyIsY%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---ArYQqkTQ5YvPLon3Kp1-d7aw1zlWdVBOSGFNGh7Ak1qrix145C_Ztgf6NRh2fbo_3mhcbEGjUS4dibEV23qOLp61TpbPtut1kwBqfGtiIWiM6t8BEoFYo63nZMVn4sd5iKKr7-QB3YLi46jOw7D00QP8le6pgXJ6SsA_mksM-ffue3w0rogVHpk9H7tTGdgJIxnz_46tSRBDCWwvYuEC2mD72cfvmIgPtmEEfKdvgNFfOABJcX9LfrudDICpjYD8s6rWt9UdXp2ZA0uslGKOnIrKsCXnZcGQ0ppMQQXPet30clx-EEYknSrg7TfdXIts12DbDoyC6ETdTtudgTpuhmWp6Mw8MWjf_xRdzfbYuGZUzLJ8iNkfvkDB1Nzs61G0jRqkg9w-1ePrBzoDPyOKfYhuKrqBaGHMbKApHLSVDc57vYYREKOBD8QVYBsWLrIoWH9EXp_7dkexsTVCjxvyaIgvMPUVeevCmhn0RbcmnHFUkNICGFjoZB4VQIXfAYC7gHVUdMvFrMtAMy06VMCjSOEvmQ1WnZPXl3nWHldvKNdOst3mMJ90Z0fbx2oUNTn4Dw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbRLwgr9TY-bBHYPYvASx7qWoA5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAmfofvAlZ6U-4AIAqAMBqgTXAk_QIwB8NvWFHO-MVkrjkQLwU3KrsuOBQUwZzEbf-Zwf6kmTTeoquMZvYWJxhJzwz6BolH3S1jJqYhQmUg0fm9nWrNLDiVzXkzImH4A42e8rMHKRpH3bLFoqBsATkkLL-in2GkRBLJgpofMLnh5aAryn8zPy2EuuFNC-1X2Xh2IQQy1C4bDMVnN5eKGd75z0Dq8WNlCvB8gWqLKZ1jpyktcT3_fZyaoFFAH73xdsSDgNlKsueSorGIvBamnkjPQOjIUKXsrUCl0ui7zSWGg--VuPA6l0qNSfFid6_zCNoO2co2Kfd5_LWdgBCArml3Q1YaSEKWhpOwlHPPKiaE4O2_yYiUB38Ox3LqbkETlwwFOf_YonJYnWVle--nMcIv1CndvvPDftxt4M3CQm8EqYDM1twhjo6kC9eaJVcL7IGmIgL38FMhuzDd-01tmo9ZIe92EtPy8KE1bgBAGABu6ZzPGg8p7DlAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2v6x-YwEQY8AiPbNiPHYiMy9ecIg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 17 Oct 2023 10:01:40 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame E6FD 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_ggAHYOYKjywDAAl3MfLSOlIFu-RfVZGNOw&u=%7CoXReJMhzN2mX5PwcjaYaiFSrm09naeIFr8LzesJyIsY%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---ArYQqkTQ5YvPLon3Kp1-d7aw1zlWdVBOSGFNGh7Ak1qrix145C_Ztgf6NRh2fbo_3mhcbEGjUS4dibEV23qOLp61TpbPtut1kwBqfGtiIWiM6t8BEoFYo63nZMVn4sd5iKKr7-QB3YLi46jOw7D00QP8le6pgXJ6SsA_mksM-ffue3w0rogVHpk9H7tTGdgJIxnz_46tSRBDCWwvYuEC2mD72cfvmIgPtmEEfKdvgNFfOABJcX9LfrudDICpjYD8s6rWt9UdXp2ZA0uslGKOnIrKsCXnZcGQ0ppMQQXPet30clx-EEYknSrg7TfdXIts12DbDoyC6ETdTtudgTpuhmWp6Mw8MWjf_xRdzfbYuGZUzLJ8iNkfvkDB1Nzs61G0jRqkg9w-1ePrBzoDPyOKfYhuKrqBaGHMbKApHLSVDc57vYYREKOBD8QVYBsWLrIoWH9EXp_7dkexsTVCjxvyaIgvMPUVeevCmhn0RbcmnHFUkNICGFjoZB4VQIXfAYC7gHVUdMvFrMtAMy06VMCjSOEvmQ1WnZPXl3nWHldvKNdOst3mMJ90Z0fbx2oUNTn4Dw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbRLwgr9TY-bBHYPYvASx7qWoA5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAmfofvAlZ6U-4AIAqAMBqgTXAk_QIwB8NvWFHO-MVkrjkQLwU3KrsuOBQUwZzEbf-Zwf6kmTTeoquMZvYWJxhJzwz6BolH3S1jJqYhQmUg0fm9nWrNLDiVzXkzImH4A42e8rMHKRpH3bLFoqBsATkkLL-in2GkRBLJgpofMLnh5aAryn8zPy2EuuFNC-1X2Xh2IQQy1C4bDMVnN5eKGd75z0Dq8WNlCvB8gWqLKZ1jpyktcT3_fZyaoFFAH73xdsSDgNlKsueSorGIvBamnkjPQOjIUKXsrUCl0ui7zSWGg--VuPA6l0qNSfFid6_zCNoO2co2Kfd5_LWdgBCArml3Q1YaSEKWhpOwlHPPKiaE4O2_yYiUB38Ox3LqbkETlwwFOf_YonJYnWVle--nMcIv1CndvvPDftxt4M3CQm8EqYDM1twhjo6kC9eaJVcL7IGmIgL38FMhuzDd-01tmo9ZIe92EtPy8KE1bgBAGABu6ZzPGg8p7DlAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2v6x-YwEQY8AiPbNiPHYiMy9ecIg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 17 Oct 2023 10:01:40 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame E6FD 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=F6FOvvCRCK5SnmW-DGxnLt0v35SLdIdmsvAIJtuBsBQR_qdpE75M4eNeEZn7CAbN-98AoS1C6GwN22R3dSKlwPqrT6F6_ocb5nOmzLdRYXpECKRLC3vYeY1pfvTWvfnWWP467Re7bYIiov2y8xq3Xe9Gb4h2XL2ABjY82E0gK13Lsp0JzFH2_vkkhwKmy7GMsZpWgH1FuCskVL-S5kXJweuFle31eJU6BqSpCdHX24GUN8n3hnGbvJTqbFCsVDxs7RvDztbDHdRwHvz7AS8TWFkb2axOTJ-xcgqWrR5yCU7xiC2qNMYw1lO7ipKHV5Sy92W74cp0qaPEiorxnQqfxWib7CQA_Tc4BzAhDx1EHHM-WFvPNeR5gjx2ixcbKjstw_N8gaNTm46-BgH0IrnSUWrhc5xROaNRw5ubjVzIQyV93xLVTLmLBj57lnEUOtgpHHnbNQ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_ggAHYOYKjywDAAl3MfLSOlIFu-RfVZGNOw&u=%7CoXReJMhzN2mX5PwcjaYaiFSrm09naeIFr8LzesJyIsY%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---ArYQqkTQ5YvPLon3Kp1-d7aw1zlWdVBOSGFNGh7Ak1qrix145C_Ztgf6NRh2fbo_3mhcbEGjUS4dibEV23qOLp61TpbPtut1kwBqfGtiIWiM6t8BEoFYo63nZMVn4sd5iKKr7-QB3YLi46jOw7D00QP8le6pgXJ6SsA_mksM-ffue3w0rogVHpk9H7tTGdgJIxnz_46tSRBDCWwvYuEC2mD72cfvmIgPtmEEfKdvgNFfOABJcX9LfrudDICpjYD8s6rWt9UdXp2ZA0uslGKOnIrKsCXnZcGQ0ppMQQXPet30clx-EEYknSrg7TfdXIts12DbDoyC6ETdTtudgTpuhmWp6Mw8MWjf_xRdzfbYuGZUzLJ8iNkfvkDB1Nzs61G0jRqkg9w-1ePrBzoDPyOKfYhuKrqBaGHMbKApHLSVDc57vYYREKOBD8QVYBsWLrIoWH9EXp_7dkexsTVCjxvyaIgvMPUVeevCmhn0RbcmnHFUkNICGFjoZB4VQIXfAYC7gHVUdMvFrMtAMy06VMCjSOEvmQ1WnZPXl3nWHldvKNdOst3mMJ90Z0fbx2oUNTn4Dw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbRLwgr9TY-bBHYPYvASx7qWoA5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAmfofvAlZ6U-4AIAqAMBqgTXAk_QIwB8NvWFHO-MVkrjkQLwU3KrsuOBQUwZzEbf-Zwf6kmTTeoquMZvYWJxhJzwz6BolH3S1jJqYhQmUg0fm9nWrNLDiVzXkzImH4A42e8rMHKRpH3bLFoqBsATkkLL-in2GkRBLJgpofMLnh5aAryn8zPy2EuuFNC-1X2Xh2IQQy1C4bDMVnN5eKGd75z0Dq8WNlCvB8gWqLKZ1jpyktcT3_fZyaoFFAH73xdsSDgNlKsueSorGIvBamnkjPQOjIUKXsrUCl0ui7zSWGg--VuPA6l0qNSfFid6_zCNoO2co2Kfd5_LWdgBCArml3Q1YaSEKWhpOwlHPPKiaE4O2_yYiUB38Ox3LqbkETlwwFOf_YonJYnWVle--nMcIv1CndvvPDftxt4M3CQm8EqYDM1twhjo6kC9eaJVcL7IGmIgL38FMhuzDd-01tmo9ZIe92EtPy8KE1bgBAGABu6ZzPGg8p7DlAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2v6x-YwEQY8AiPbNiPHYiMy9ecIg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1558660
expires
Mon, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame A58B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=4cd537a3-7670-435d-9e8d-1da11417b833&dongle=0cfd
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=4cd537a3-7670-435d-9e8d-1da11417b833&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 22 Oct 2022 10:01:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=4cd537a3-7670-435d-9e8d-1da11417b833&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame A58B
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2ODUwOTM2MzYwNjg1MjUwODczNw%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame A58B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESED_vQQRThc7TTs2Im81DZ-M&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESED_vQQRThc7TTs2Im81DZ-M&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 22 Oct 2022 10:01:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESED_vQQRThc7TTs2Im81DZ-M&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A58B
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2ODUwOTM2MzYwNjg1MjUwODczNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2ODUwOTM2MzYwNjg1MjUwODczNw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2ODUwOTM2MzYwNjg1MjUwODczNw%3D%3D
date
Sat, 22 Oct 2022 10:01:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame A58B
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1868509363606852508737&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1868509363606852508737&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=afc4f225-6487-4434-9f05-fc6875223ccf&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=afc4f225-6487-4434-9f05-fc6875223ccf&_noobservation=1&_expected_cookie=35c7b40...
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=afc4f225-6487-4434-9f05-fc6875223ccf&_noobservation=1&_expected_cookie=35c7b40f20be630ef907ee02e87dd76f
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.98.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Sat, 22 Oct 2022 10:01:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75e164a54b47aac3-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=afc4f225-6487-4434-9f05-fc6875223ccf&_noobservation=1&_expected_cookie=35c7b40f20be630ef907ee02e87dd76f
date
Sat, 22 Oct 2022 10:01:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75e164a409d9aac3-SYD
content-length
0
sync
x.bidswitch.net/ Frame A58B 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=1868509363606852508737&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 10:01:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame A58B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1868509363606852508737?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-iq8AaYpE2oS25u3O2oVKhhx0nTWdomXPEzq0Uw4TTA--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-iq8AaYpE2oS25u3O2oVKhhx0nTWdomXPEzq0Uw4TTA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 22 Oct 2022 10:01:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 22 Oct 2022 10:01:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-iq8AaYpE2oS25u3O2oVKhhx0nTWdomXPEzq0Uw4TTA--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame A58B
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1868509363606852508737
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1868509363606852508737&dcc=t
0
0
c.gif
c.bing.com/ Frame A58B 		42 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1868509363606852508737&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
last-modified
Thu, 13 Oct 2022 15:58:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F31116E85E784D3A9761B84334EA8DA2 Ref B: SYD03EDGE1620 Ref C: 2022-10-22T10:01:40Z
etag
"e997be9b1cdfd81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
23178
stags.bluekai.com/site/ Frame A58B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=a9XXYhZbN0umsRMqyAq-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
0
0
sd
us-u.openx.net/w/1.0/ Frame 5B02
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2798938831503202666&gdpr=0&gdpr_consent=&us_privacy=
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2798938831503202666&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2798938831503202666&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 5B02
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=0604f4d4-9e40-7d3a-e881-5e0a0c676129&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=4cd537a3-7670-435d-9e8d-1da11417b833&ttd_puid=0604f4d4-9e40-7d3a-e881-5e0a0c676129&gdpr=0&gdpr_consent=
43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=4cd537a3-7670-435d-9e8d-1da11417b833&ttd_puid=0604f4d4-9e40-7d3a-e881-5e0a0c676129&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=4cd537a3-7670-435d-9e8d-1da11417b833&ttd_puid=0604f4d4-9e40-7d3a-e881-5e0a0c676129&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 5B02
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1O-hcCo5s4AAEhEibsAAAAA
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1O-hcCo5s4AAEhEibsAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
3
Date
Sat, 22 Oct 2022 10:01:41 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":3,"gdpr":false,"ipv4":"173.245.209.112","key":"Y1O-hcCo5s4AAEhEibsAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad323"}
X-SO-Key
Y1O-hcCo5s4AAEhEibsAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad323
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1O-hcCo5s4AAEhEibsAAAAA
Cache-Control
private
X-SO-HostName
m-ad323.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
a-tgng40010.dc2p.scaleout.jp
X-SO-IP
173.245.209.112
sd
jp-u.openx.net/w/1.0/ Frame 5B02
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AU7VlLr7WpuTks8ADv_jB5NTO88AAAGD_yQhTA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AU7VlLr7WpuTks8ADv_jB5NTO88AAAGD_yQhTA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:41 GMT
via
1.1 9c281f6d3073335c1b2f806823d50e2a.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AU7VlLr7WpuTks8ADv_jB5NTO88AAAGD_yQhTA
cache-control
no-cache
content-length
0
x-amz-cf-id
pUbhLrBmNI_JFkc7VH1hcWIFIqExrpI_MJN4FC2hK8lRhbdwcsIdkQ==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 5B02 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmE2YjI3MWUtNTczNy0yMzllLWZkNjEtMDRiM2M2ODVhZjQ5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5B02
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJJD6s8f2mXIkGay_i8dXSU&google_cver=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJJD6s8f2mXIkGay_i8dXSU&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJJD6s8f2mXIkGay_i8dXSU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 4A17 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
380f2e23e94f3756c0d3470d403fa391460884caeff151d6e638703d40ee4d91

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75e1649f6adba938-SYD
content-encoding
br
content-type
text/html
date
Sat, 22 Oct 2022 10:01:41 GMT
expires
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 04D1 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Oct 2022 10:01:40 GMT
AN-X-Request-Uuid
eabc5383-40ee-420e-b960-ef36896749cb
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.112; 173.245.209.112; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 76BC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102001&jk=653893321135499&bg=!KCulK2_NAAaaxvStusY7ACkAdvg8WmQArRa-Iuc6yTe6cu-9EahbMct4aDMjXB5jGjDOIgTqJtH0ewIAAADLUgAAAANoAQeZArghm7TUWNWWeovgA0-bBrqOsMVV0xj4GgcN6Kyj7QGFPScWcPFATq3n_o4I8pMnwECmRCZsuWrQUh4PJsN8anbImFKOpOZdz93vSsR7YxN7z7eltR7zivzvU_gStaaCCvrfpvDdEQjCcHmhruJiDMkqR0w4r9WsWXROhPglEm7dSi1sbbv9xMDzPGqM5LhG1UPuF9DksgNfDjrEqxSkkWm_roiy6FmGsPxOSQg2C3HDlmd-9pndzXzJKkJM4Rio9HxLL7nApM9UusCj0hM5cQF7gjjOekR7wtdCo4MiMUDmeJ9N5M59lHDt2GkQaLiAv3pFORaVY6cVIxmA7jGr5-MjE7RMXPci1AyltcMbt9axz0bpodchXBOrmUgzgpaVvsMqWV1URYpb4JUlWTMctq4-RmCdbZE-qaBTOJQqdlgmAIdbBoXt7wW2WHgLJcugNTFDJ_-xrwIzplrg7nIK3tUgyXTUjYG6uXQzFstFURK9j3bMSfieMd5mZ4FKG8T-NwUL0MKId-9exxs0ZWBbHpBHP_Fxw4IAszULRn5A9HiJMM1TgH_-T0qTut6Pdx2vi0UnPbabnXoezJitYmZ1yMwgwtkFW8iDSh8L_GCdVMuHv_9icGAOioPJg4MClvwOLaBu3XFlY09fz1wO8FyUWqheg5kliQTPIvL04U1KlhMecQCfkzwU2MfRxvYzHh92AqXZ9OMMP9fKIZxFSxcfbhA5GZRtzCLLjp_YS3fUjyQXZ7CN22z8TiTT8hSP3JFs6NKvm_-27mxNckQjP-1iHak1WP4jRoxp9EvLGR7qYTQZLLRAG8wA-_UC52awBhezsDz3Od5FH2CVRClpuCF5RODiO7cj-3AvPfuDhpcPd0bMMuxgOsMAaGvoVOWiuuzZ8z5v32H970yz702VOqKxJ71mM6NE01iKxhc
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 3F64 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101801&jk=365017962843509&bg=!IiGlIWXNAAaaxvStusY7ACkAdvg8WncFJbsGvOGhhDy52mbX3OAJC8hjTGnIa7pjqKfwyxNuUcEASgIAAADHUgAAAARoAQcKAKA_JDwiGEFx74q_rTVBKB5IEC3eohLOZRmsrYQRERhjd9fT9giCSmlWAoxQtmhFdNKH-S2fbwE5VXRY2UYOEuLa9w4UL5McNZfMDice5zQktrhYf2UXfJAsZeU2wF7zW6TXcttEqWIF1qFsWe2vnfYmCumF50liivt0NTAL-es6pb1aCetxub6AoBI3FYB1VXzZMKvRurF6PLljkBeJiLY0mQK1zjccp1a1KGM8TO1ZjNRpAphW0mBYrZUf2MqwpT7oyijWmJLSVkPsFEnXTJwbPxEzGF66iXMAAmvFAtDoyygQBrVGrr7y_aA0ArZTBCy8ZoBAIo8qfd9QqUZgj30Eh4cnESqFzuMU6p8KHd2vU-4_MGwCn5xFMRpuVwfbSMSUCw0_kUZjIjbkYcMnFB2WEQJ0Oc0hrJRScnK61N4kjRp9WCZhHrEd3YmDPedTx_VlaLeQhUgV1XBXob_wEE2XsQUDohhvZG79o9UTo-CvUxG-5NQhA8ycSCIvzU6JocMSZxttNlyyWjQeJBKGx2ik1ceZ6OTmq8PEAc4jpEkO52vv5kszMSZaB2jfLt73Bt4DTt5CZ26qW8bMmUlp8UwR09tumeA67qbLQ5HErEB9MDMzELDGONRs-WZj9zaYfHRTpx3Bk1Tcw8Cs3dxAbg5I5O3fa4GL0uEyfz8Uv9ydx90a2RFF9WElOb76admRKGmnh-FIcU-S3vBj3wD6VClXLUbvG4AAtA3_Zapgjce5OuEpl4-GCf2jcX6WmngwAk1cz_td8e8UJEDz-WOQDhylVF8qWCdrQaFu2VfWQGXLICDRJvYeFgV-5_NIMZYnnz922m7yhA1khZdIn3BR0nmB1IM9zrAm5AbRHU01Dk6F8FiRCRBn6bXcV7uWtkFn00ThQgZ7Jo6k_tUNYsbMn7M87chy5UtBPkIqvxAGx1kvemPLd5jz0FKaTh_Co_jlYxpxrpojJ6mrFkzk73Sbv_GbWsaJgwMw8jY3vg4_uNoBnSDhZ_-iu3qbzJtFbZIs_ukGuRvJMGnrWzh-GwG2eIZxRCMOKdsIpFsiet_jRX4gYpD_qviK7qF2dQJJ-HETWBVf424biFloVcItUVLWWjwehPdHwncje9dSqiZSxr8LEIl6d8te0rIx
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame E6FD 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_ggAHYOYKjywDAAl3MfLSOlIFu-RfVZGNOw&u=%7CoXReJMhzN2mX5PwcjaYaiFSrm09naeIFr8LzesJyIsY%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---ArYQqkTQ5YvPLon3Kp1-d7aw1zlWdVBOSGFNGh7Ak1qrix145C_Ztgf6NRh2fbo_3mhcbEGjUS4dibEV23qOLp61TpbPtut1kwBqfGtiIWiM6t8BEoFYo63nZMVn4sd5iKKr7-QB3YLi46jOw7D00QP8le6pgXJ6SsA_mksM-ffue3w0rogVHpk9H7tTGdgJIxnz_46tSRBDCWwvYuEC2mD72cfvmIgPtmEEfKdvgNFfOABJcX9LfrudDICpjYD8s6rWt9UdXp2ZA0uslGKOnIrKsCXnZcGQ0ppMQQXPet30clx-EEYknSrg7TfdXIts12DbDoyC6ETdTtudgTpuhmWp6Mw8MWjf_xRdzfbYuGZUzLJ8iNkfvkDB1Nzs61G0jRqkg9w-1ePrBzoDPyOKfYhuKrqBaGHMbKApHLSVDc57vYYREKOBD8QVYBsWLrIoWH9EXp_7dkexsTVCjxvyaIgvMPUVeevCmhn0RbcmnHFUkNICGFjoZB4VQIXfAYC7gHVUdMvFrMtAMy06VMCjSOEvmQ1WnZPXl3nWHldvKNdOst3mMJ90Z0fbx2oUNTn4Dw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbRLwgr9TY-bBHYPYvASx7qWoA5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAmfofvAlZ6U-4AIAqAMBqgTXAk_QIwB8NvWFHO-MVkrjkQLwU3KrsuOBQUwZzEbf-Zwf6kmTTeoquMZvYWJxhJzwz6BolH3S1jJqYhQmUg0fm9nWrNLDiVzXkzImH4A42e8rMHKRpH3bLFoqBsATkkLL-in2GkRBLJgpofMLnh5aAryn8zPy2EuuFNC-1X2Xh2IQQy1C4bDMVnN5eKGd75z0Dq8WNlCvB8gWqLKZ1jpyktcT3_fZyaoFFAH73xdsSDgNlKsueSorGIvBamnkjPQOjIUKXsrUCl0ui7zSWGg--VuPA6l0qNSfFid6_zCNoO2co2Kfd5_LWdgBCArml3Q1YaSEKWhpOwlHPPKiaE4O2_yYiUB38Ox3LqbkETlwwFOf_YonJYnWVle--nMcIv1CndvvPDftxt4M3CQm8EqYDM1twhjo6kC9eaJVcL7IGmIgL38FMhuzDd-01tmo9ZIe92EtPy8KE1bgBAGABu6ZzPGg8p7DlAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2v6x-YwEQY8AiPbNiPHYiMy9ecIg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15780000
age
239187
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75e1649f8ec1a837-SYD
expires
Thu, 12 Oct 2023 10:01:41 GMT
19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff
static.criteo.net/design/dt/ Frame E6FD 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_ggAHYOYKjywDAAl3MfLSOlIFu-RfVZGNOw&u=%7CoXReJMhzN2mX5PwcjaYaiFSrm09naeIFr8LzesJyIsY%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---ArYQqkTQ5YvPLon3Kp1-d7aw1zlWdVBOSGFNGh7Ak1qrix145C_Ztgf6NRh2fbo_3mhcbEGjUS4dibEV23qOLp61TpbPtut1kwBqfGtiIWiM6t8BEoFYo63nZMVn4sd5iKKr7-QB3YLi46jOw7D00QP8le6pgXJ6SsA_mksM-ffue3w0rogVHpk9H7tTGdgJIxnz_46tSRBDCWwvYuEC2mD72cfvmIgPtmEEfKdvgNFfOABJcX9LfrudDICpjYD8s6rWt9UdXp2ZA0uslGKOnIrKsCXnZcGQ0ppMQQXPet30clx-EEYknSrg7TfdXIts12DbDoyC6ETdTtudgTpuhmWp6Mw8MWjf_xRdzfbYuGZUzLJ8iNkfvkDB1Nzs61G0jRqkg9w-1ePrBzoDPyOKfYhuKrqBaGHMbKApHLSVDc57vYYREKOBD8QVYBsWLrIoWH9EXp_7dkexsTVCjxvyaIgvMPUVeevCmhn0RbcmnHFUkNICGFjoZB4VQIXfAYC7gHVUdMvFrMtAMy06VMCjSOEvmQ1WnZPXl3nWHldvKNdOst3mMJ90Z0fbx2oUNTn4Dw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbRLwgr9TY-bBHYPYvASx7qWoA5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAmfofvAlZ6U-4AIAqAMBqgTXAk_QIwB8NvWFHO-MVkrjkQLwU3KrsuOBQUwZzEbf-Zwf6kmTTeoquMZvYWJxhJzwz6BolH3S1jJqYhQmUg0fm9nWrNLDiVzXkzImH4A42e8rMHKRpH3bLFoqBsATkkLL-in2GkRBLJgpofMLnh5aAryn8zPy2EuuFNC-1X2Xh2IQQy1C4bDMVnN5eKGd75z0Dq8WNlCvB8gWqLKZ1jpyktcT3_fZyaoFFAH73xdsSDgNlKsueSorGIvBamnkjPQOjIUKXsrUCl0ui7zSWGg--VuPA6l0qNSfFid6_zCNoO2co2Kfd5_LWdgBCArml3Q1YaSEKWhpOwlHPPKiaE4O2_yYiUB38Ox3LqbkETlwwFOf_YonJYnWVle--nMcIv1CndvvPDftxt4M3CQm8EqYDM1twhjo6kC9eaJVcL7IGmIgL38FMhuzDd-01tmo9ZIe92EtPy8KE1bgBAGABu6ZzPGg8p7DlAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2v6x-YwEQY8AiPbNiPHYiMy9ecIg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f9d374ef87ca2b8179870daa8739f8b060fc77446a4109ec87dc523bd8059ea4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 01 Dec 2017 12:57:30 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5a2151ba-3b68"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 10:01:40 GMT
b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff
static.criteo.net/design/dt/ Frame E6FD 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_ggAHYOYKjywDAAl3MfLSOlIFu-RfVZGNOw&u=%7CoXReJMhzN2mX5PwcjaYaiFSrm09naeIFr8LzesJyIsY%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---ArYQqkTQ5YvPLon3Kp1-d7aw1zlWdVBOSGFNGh7Ak1qrix145C_Ztgf6NRh2fbo_3mhcbEGjUS4dibEV23qOLp61TpbPtut1kwBqfGtiIWiM6t8BEoFYo63nZMVn4sd5iKKr7-QB3YLi46jOw7D00QP8le6pgXJ6SsA_mksM-ffue3w0rogVHpk9H7tTGdgJIxnz_46tSRBDCWwvYuEC2mD72cfvmIgPtmEEfKdvgNFfOABJcX9LfrudDICpjYD8s6rWt9UdXp2ZA0uslGKOnIrKsCXnZcGQ0ppMQQXPet30clx-EEYknSrg7TfdXIts12DbDoyC6ETdTtudgTpuhmWp6Mw8MWjf_xRdzfbYuGZUzLJ8iNkfvkDB1Nzs61G0jRqkg9w-1ePrBzoDPyOKfYhuKrqBaGHMbKApHLSVDc57vYYREKOBD8QVYBsWLrIoWH9EXp_7dkexsTVCjxvyaIgvMPUVeevCmhn0RbcmnHFUkNICGFjoZB4VQIXfAYC7gHVUdMvFrMtAMy06VMCjSOEvmQ1WnZPXl3nWHldvKNdOst3mMJ90Z0fbx2oUNTn4Dw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbRLwgr9TY-bBHYPYvASx7qWoA5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAmfofvAlZ6U-4AIAqAMBqgTXAk_QIwB8NvWFHO-MVkrjkQLwU3KrsuOBQUwZzEbf-Zwf6kmTTeoquMZvYWJxhJzwz6BolH3S1jJqYhQmUg0fm9nWrNLDiVzXkzImH4A42e8rMHKRpH3bLFoqBsATkkLL-in2GkRBLJgpofMLnh5aAryn8zPy2EuuFNC-1X2Xh2IQQy1C4bDMVnN5eKGd75z0Dq8WNlCvB8gWqLKZ1jpyktcT3_fZyaoFFAH73xdsSDgNlKsueSorGIvBamnkjPQOjIUKXsrUCl0ui7zSWGg--VuPA6l0qNSfFid6_zCNoO2co2Kfd5_LWdgBCArml3Q1YaSEKWhpOwlHPPKiaE4O2_yYiUB38Ox3LqbkETlwwFOf_YonJYnWVle--nMcIv1CndvvPDftxt4M3CQm8EqYDM1twhjo6kC9eaJVcL7IGmIgL38FMhuzDd-01tmo9ZIe92EtPy8KE1bgBAGABu6ZzPGg8p7DlAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2v6x-YwEQY8AiPbNiPHYiMy9ecIg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
af4b954cf45e99d5eccbea113dc2b66799cf8db96c3e8dfc33d145398743727b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 30 Oct 2017 21:00:07 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"59f792d7-7a00"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 10:01:40 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame ED3E 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10977312179645291841/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f149.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10977312179645291841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55817
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Oct 2022 18:31:23 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 2C62 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4341851026603666896/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f149.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4341851026603666896/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55818
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Oct 2022 18:31:23 GMT
animejs.js
static.criteo.net/animejs/ Frame E6FD 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_ggAHYOYKjywDAAl3MfLSOlIFu-RfVZGNOw&u=%7CoXReJMhzN2mX5PwcjaYaiFSrm09naeIFr8LzesJyIsY%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---ArYQqkTQ5YvPLon3Kp1-d7aw1zlWdVBOSGFNGh7Ak1qrix145C_Ztgf6NRh2fbo_3mhcbEGjUS4dibEV23qOLp61TpbPtut1kwBqfGtiIWiM6t8BEoFYo63nZMVn4sd5iKKr7-QB3YLi46jOw7D00QP8le6pgXJ6SsA_mksM-ffue3w0rogVHpk9H7tTGdgJIxnz_46tSRBDCWwvYuEC2mD72cfvmIgPtmEEfKdvgNFfOABJcX9LfrudDICpjYD8s6rWt9UdXp2ZA0uslGKOnIrKsCXnZcGQ0ppMQQXPet30clx-EEYknSrg7TfdXIts12DbDoyC6ETdTtudgTpuhmWp6Mw8MWjf_xRdzfbYuGZUzLJ8iNkfvkDB1Nzs61G0jRqkg9w-1ePrBzoDPyOKfYhuKrqBaGHMbKApHLSVDc57vYYREKOBD8QVYBsWLrIoWH9EXp_7dkexsTVCjxvyaIgvMPUVeevCmhn0RbcmnHFUkNICGFjoZB4VQIXfAYC7gHVUdMvFrMtAMy06VMCjSOEvmQ1WnZPXl3nWHldvKNdOst3mMJ90Z0fbx2oUNTn4Dw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbRLwgr9TY-bBHYPYvASx7qWoA5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAmfofvAlZ6U-4AIAqAMBqgTXAk_QIwB8NvWFHO-MVkrjkQLwU3KrsuOBQUwZzEbf-Zwf6kmTTeoquMZvYWJxhJzwz6BolH3S1jJqYhQmUg0fm9nWrNLDiVzXkzImH4A42e8rMHKRpH3bLFoqBsATkkLL-in2GkRBLJgpofMLnh5aAryn8zPy2EuuFNC-1X2Xh2IQQy1C4bDMVnN5eKGd75z0Dq8WNlCvB8gWqLKZ1jpyktcT3_fZyaoFFAH73xdsSDgNlKsueSorGIvBamnkjPQOjIUKXsrUCl0ui7zSWGg--VuPA6l0qNSfFid6_zCNoO2co2Kfd5_LWdgBCArml3Q1YaSEKWhpOwlHPPKiaE4O2_yYiUB38Ox3LqbkETlwwFOf_YonJYnWVle--nMcIv1CndvvPDftxt4M3CQm8EqYDM1twhjo6kC9eaJVcL7IGmIgL38FMhuzDd-01tmo9ZIe92EtPy8KE1bgBAGABu6ZzPGg8p7DlAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2v6x-YwEQY8AiPbNiPHYiMy9ecIg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 10:01:41 GMT
2b2d52d0bfb14c81b3a63185f6a9b05f_cpn_120x600_1.gif
static.criteo.net/design/dt/39665/220428/ Frame E6FD 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/39665/220428/2b2d52d0bfb14c81b3a63185f6a9b05f_cpn_120x600_1.gif
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_ggAHYOYKjywDAAl3MfLSOlIFu-RfVZGNOw&u=%7CoXReJMhzN2mX5PwcjaYaiFSrm09naeIFr8LzesJyIsY%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---ArYQqkTQ5YvPLon3Kp1-d7aw1zlWdVBOSGFNGh7Ak1qrix145C_Ztgf6NRh2fbo_3mhcbEGjUS4dibEV23qOLp61TpbPtut1kwBqfGtiIWiM6t8BEoFYo63nZMVn4sd5iKKr7-QB3YLi46jOw7D00QP8le6pgXJ6SsA_mksM-ffue3w0rogVHpk9H7tTGdgJIxnz_46tSRBDCWwvYuEC2mD72cfvmIgPtmEEfKdvgNFfOABJcX9LfrudDICpjYD8s6rWt9UdXp2ZA0uslGKOnIrKsCXnZcGQ0ppMQQXPet30clx-EEYknSrg7TfdXIts12DbDoyC6ETdTtudgTpuhmWp6Mw8MWjf_xRdzfbYuGZUzLJ8iNkfvkDB1Nzs61G0jRqkg9w-1ePrBzoDPyOKfYhuKrqBaGHMbKApHLSVDc57vYYREKOBD8QVYBsWLrIoWH9EXp_7dkexsTVCjxvyaIgvMPUVeevCmhn0RbcmnHFUkNICGFjoZB4VQIXfAYC7gHVUdMvFrMtAMy06VMCjSOEvmQ1WnZPXl3nWHldvKNdOst3mMJ90Z0fbx2oUNTn4Dw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbRLwgr9TY-bBHYPYvASx7qWoA5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAmfofvAlZ6U-4AIAqAMBqgTXAk_QIwB8NvWFHO-MVkrjkQLwU3KrsuOBQUwZzEbf-Zwf6kmTTeoquMZvYWJxhJzwz6BolH3S1jJqYhQmUg0fm9nWrNLDiVzXkzImH4A42e8rMHKRpH3bLFoqBsATkkLL-in2GkRBLJgpofMLnh5aAryn8zPy2EuuFNC-1X2Xh2IQQy1C4bDMVnN5eKGd75z0Dq8WNlCvB8gWqLKZ1jpyktcT3_fZyaoFFAH73xdsSDgNlKsueSorGIvBamnkjPQOjIUKXsrUCl0ui7zSWGg--VuPA6l0qNSfFid6_zCNoO2co2Kfd5_LWdgBCArml3Q1YaSEKWhpOwlHPPKiaE4O2_yYiUB38Ox3LqbkETlwwFOf_YonJYnWVle--nMcIv1CndvvPDftxt4M3CQm8EqYDM1twhjo6kC9eaJVcL7IGmIgL38FMhuzDd-01tmo9ZIe92EtPy8KE1bgBAGABu6ZzPGg8p7DlAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2v6x-YwEQY8AiPbNiPHYiMy9ecIg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
69f12d85abfad64d722551b2a4d1abfb01e78a19a8c642a81010ba10850ed0e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 14:51:49 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626aaa05-7332"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
29490
expires
Tue, 17 Oct 2023 10:01:41 GMT
img
pix.as.criteo.net/img/ Frame E6FD 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=110&m=0&partner=39665&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F39665%2F191118%2F27cc28017e0243f0b4a42882567130ea_logo_n_vertical.png&v=3&w=236&s=gyImudN-PISyWJF03NFUyGUp
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_ggAHYOYKjywDAAl3MfLSOlIFu-RfVZGNOw&u=%7CoXReJMhzN2mX5PwcjaYaiFSrm09naeIFr8LzesJyIsY%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---ArYQqkTQ5YvPLon3Kp1-d7aw1zlWdVBOSGFNGh7Ak1qrix145C_Ztgf6NRh2fbo_3mhcbEGjUS4dibEV23qOLp61TpbPtut1kwBqfGtiIWiM6t8BEoFYo63nZMVn4sd5iKKr7-QB3YLi46jOw7D00QP8le6pgXJ6SsA_mksM-ffue3w0rogVHpk9H7tTGdgJIxnz_46tSRBDCWwvYuEC2mD72cfvmIgPtmEEfKdvgNFfOABJcX9LfrudDICpjYD8s6rWt9UdXp2ZA0uslGKOnIrKsCXnZcGQ0ppMQQXPet30clx-EEYknSrg7TfdXIts12DbDoyC6ETdTtudgTpuhmWp6Mw8MWjf_xRdzfbYuGZUzLJ8iNkfvkDB1Nzs61G0jRqkg9w-1ePrBzoDPyOKfYhuKrqBaGHMbKApHLSVDc57vYYREKOBD8QVYBsWLrIoWH9EXp_7dkexsTVCjxvyaIgvMPUVeevCmhn0RbcmnHFUkNICGFjoZB4VQIXfAYC7gHVUdMvFrMtAMy06VMCjSOEvmQ1WnZPXl3nWHldvKNdOst3mMJ90Z0fbx2oUNTn4Dw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbRLwgr9TY-bBHYPYvASx7qWoA5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAmfofvAlZ6U-4AIAqAMBqgTXAk_QIwB8NvWFHO-MVkrjkQLwU3KrsuOBQUwZzEbf-Zwf6kmTTeoquMZvYWJxhJzwz6BolH3S1jJqYhQmUg0fm9nWrNLDiVzXkzImH4A42e8rMHKRpH3bLFoqBsATkkLL-in2GkRBLJgpofMLnh5aAryn8zPy2EuuFNC-1X2Xh2IQQy1C4bDMVnN5eKGd75z0Dq8WNlCvB8gWqLKZ1jpyktcT3_fZyaoFFAH73xdsSDgNlKsueSorGIvBamnkjPQOjIUKXsrUCl0ui7zSWGg--VuPA6l0qNSfFid6_zCNoO2co2Kfd5_LWdgBCArml3Q1YaSEKWhpOwlHPPKiaE4O2_yYiUB38Ox3LqbkETlwwFOf_YonJYnWVle--nMcIv1CndvvPDftxt4M3CQm8EqYDM1twhjo6kC9eaJVcL7IGmIgL38FMhuzDd-01tmo9ZIe92EtPy8KE1bgBAGABu6ZzPGg8p7DlAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2v6x-YwEQY8AiPbNiPHYiMy9ecIg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
ec02e823e01d1232cee2790c6af67c336c7d7381a961157538d42bc49bc35502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=26591419
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5101
expires
Sat, 26 Aug 2023 04:32:01 GMT
img
pix.as.criteo.net/img/ Frame E6FD 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=39665&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_553333_al&v=3&w=400&s=VjEObIMYvm-okPrFIaLPQz2W&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_ggAHYOYKjywDAAl3MfLSOlIFu-RfVZGNOw&u=%7CoXReJMhzN2mX5PwcjaYaiFSrm09naeIFr8LzesJyIsY%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---ArYQqkTQ5YvPLon3Kp1-d7aw1zlWdVBOSGFNGh7Ak1qrix145C_Ztgf6NRh2fbo_3mhcbEGjUS4dibEV23qOLp61TpbPtut1kwBqfGtiIWiM6t8BEoFYo63nZMVn4sd5iKKr7-QB3YLi46jOw7D00QP8le6pgXJ6SsA_mksM-ffue3w0rogVHpk9H7tTGdgJIxnz_46tSRBDCWwvYuEC2mD72cfvmIgPtmEEfKdvgNFfOABJcX9LfrudDICpjYD8s6rWt9UdXp2ZA0uslGKOnIrKsCXnZcGQ0ppMQQXPet30clx-EEYknSrg7TfdXIts12DbDoyC6ETdTtudgTpuhmWp6Mw8MWjf_xRdzfbYuGZUzLJ8iNkfvkDB1Nzs61G0jRqkg9w-1ePrBzoDPyOKfYhuKrqBaGHMbKApHLSVDc57vYYREKOBD8QVYBsWLrIoWH9EXp_7dkexsTVCjxvyaIgvMPUVeevCmhn0RbcmnHFUkNICGFjoZB4VQIXfAYC7gHVUdMvFrMtAMy06VMCjSOEvmQ1WnZPXl3nWHldvKNdOst3mMJ90Z0fbx2oUNTn4Dw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbRLwgr9TY-bBHYPYvASx7qWoA5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAmfofvAlZ6U-4AIAqAMBqgTXAk_QIwB8NvWFHO-MVkrjkQLwU3KrsuOBQUwZzEbf-Zwf6kmTTeoquMZvYWJxhJzwz6BolH3S1jJqYhQmUg0fm9nWrNLDiVzXkzImH4A42e8rMHKRpH3bLFoqBsATkkLL-in2GkRBLJgpofMLnh5aAryn8zPy2EuuFNC-1X2Xh2IQQy1C4bDMVnN5eKGd75z0Dq8WNlCvB8gWqLKZ1jpyktcT3_fZyaoFFAH73xdsSDgNlKsueSorGIvBamnkjPQOjIUKXsrUCl0ui7zSWGg--VuPA6l0qNSfFid6_zCNoO2co2Kfd5_LWdgBCArml3Q1YaSEKWhpOwlHPPKiaE4O2_yYiUB38Ox3LqbkETlwwFOf_YonJYnWVle--nMcIv1CndvvPDftxt4M3CQm8EqYDM1twhjo6kC9eaJVcL7IGmIgL38FMhuzDd-01tmo9ZIe92EtPy8KE1bgBAGABu6ZzPGg8p7DlAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2v6x-YwEQY8AiPbNiPHYiMy9ecIg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6166
expires
Sat, 22 Oct 2022 10:01:41 GMT
img
pix.as.criteo.net/img/ Frame E6FD 		0
0
img
pix.as.criteo.net/img/ Frame E6FD 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=39665&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_CW4298-602_C_0066_al&v=3&w=400&s=bS1OfQlCZK48cNsHB9OTafpS&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_ggAHYOYKjywDAAl3MfLSOlIFu-RfVZGNOw&u=%7CoXReJMhzN2mX5PwcjaYaiFSrm09naeIFr8LzesJyIsY%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---ArYQqkTQ5YvPLon3Kp1-d7aw1zlWdVBOSGFNGh7Ak1qrix145C_Ztgf6NRh2fbo_3mhcbEGjUS4dibEV23qOLp61TpbPtut1kwBqfGtiIWiM6t8BEoFYo63nZMVn4sd5iKKr7-QB3YLi46jOw7D00QP8le6pgXJ6SsA_mksM-ffue3w0rogVHpk9H7tTGdgJIxnz_46tSRBDCWwvYuEC2mD72cfvmIgPtmEEfKdvgNFfOABJcX9LfrudDICpjYD8s6rWt9UdXp2ZA0uslGKOnIrKsCXnZcGQ0ppMQQXPet30clx-EEYknSrg7TfdXIts12DbDoyC6ETdTtudgTpuhmWp6Mw8MWjf_xRdzfbYuGZUzLJ8iNkfvkDB1Nzs61G0jRqkg9w-1ePrBzoDPyOKfYhuKrqBaGHMbKApHLSVDc57vYYREKOBD8QVYBsWLrIoWH9EXp_7dkexsTVCjxvyaIgvMPUVeevCmhn0RbcmnHFUkNICGFjoZB4VQIXfAYC7gHVUdMvFrMtAMy06VMCjSOEvmQ1WnZPXl3nWHldvKNdOst3mMJ90Z0fbx2oUNTn4Dw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbRLwgr9TY-bBHYPYvASx7qWoA5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAmfofvAlZ6U-4AIAqAMBqgTXAk_QIwB8NvWFHO-MVkrjkQLwU3KrsuOBQUwZzEbf-Zwf6kmTTeoquMZvYWJxhJzwz6BolH3S1jJqYhQmUg0fm9nWrNLDiVzXkzImH4A42e8rMHKRpH3bLFoqBsATkkLL-in2GkRBLJgpofMLnh5aAryn8zPy2EuuFNC-1X2Xh2IQQy1C4bDMVnN5eKGd75z0Dq8WNlCvB8gWqLKZ1jpyktcT3_fZyaoFFAH73xdsSDgNlKsueSorGIvBamnkjPQOjIUKXsrUCl0ui7zSWGg--VuPA6l0qNSfFid6_zCNoO2co2Kfd5_LWdgBCArml3Q1YaSEKWhpOwlHPPKiaE4O2_yYiUB38Ox3LqbkETlwwFOf_YonJYnWVle--nMcIv1CndvvPDftxt4M3CQm8EqYDM1twhjo6kC9eaJVcL7IGmIgL38FMhuzDd-01tmo9ZIe92EtPy8KE1bgBAGABu6ZzPGg8p7DlAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2v6x-YwEQY8AiPbNiPHYiMy9ecIg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8200
expires
Sat, 22 Oct 2022 10:01:41 GMT
img
pix.as.criteo.net/img/ Frame E6FD 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=39665&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_365069_al&v=3&w=400&s=CIUAnSFq-8yMlQfXrVmxAPAo&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_ggAHYOYKjywDAAl3MfLSOlIFu-RfVZGNOw&u=%7CoXReJMhzN2mX5PwcjaYaiFSrm09naeIFr8LzesJyIsY%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---ArYQqkTQ5YvPLon3Kp1-d7aw1zlWdVBOSGFNGh7Ak1qrix145C_Ztgf6NRh2fbo_3mhcbEGjUS4dibEV23qOLp61TpbPtut1kwBqfGtiIWiM6t8BEoFYo63nZMVn4sd5iKKr7-QB3YLi46jOw7D00QP8le6pgXJ6SsA_mksM-ffue3w0rogVHpk9H7tTGdgJIxnz_46tSRBDCWwvYuEC2mD72cfvmIgPtmEEfKdvgNFfOABJcX9LfrudDICpjYD8s6rWt9UdXp2ZA0uslGKOnIrKsCXnZcGQ0ppMQQXPet30clx-EEYknSrg7TfdXIts12DbDoyC6ETdTtudgTpuhmWp6Mw8MWjf_xRdzfbYuGZUzLJ8iNkfvkDB1Nzs61G0jRqkg9w-1ePrBzoDPyOKfYhuKrqBaGHMbKApHLSVDc57vYYREKOBD8QVYBsWLrIoWH9EXp_7dkexsTVCjxvyaIgvMPUVeevCmhn0RbcmnHFUkNICGFjoZB4VQIXfAYC7gHVUdMvFrMtAMy06VMCjSOEvmQ1WnZPXl3nWHldvKNdOst3mMJ90Z0fbx2oUNTn4Dw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbRLwgr9TY-bBHYPYvASx7qWoA5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAmfofvAlZ6U-4AIAqAMBqgTXAk_QIwB8NvWFHO-MVkrjkQLwU3KrsuOBQUwZzEbf-Zwf6kmTTeoquMZvYWJxhJzwz6BolH3S1jJqYhQmUg0fm9nWrNLDiVzXkzImH4A42e8rMHKRpH3bLFoqBsATkkLL-in2GkRBLJgpofMLnh5aAryn8zPy2EuuFNC-1X2Xh2IQQy1C4bDMVnN5eKGd75z0Dq8WNlCvB8gWqLKZ1jpyktcT3_fZyaoFFAH73xdsSDgNlKsueSorGIvBamnkjPQOjIUKXsrUCl0ui7zSWGg--VuPA6l0qNSfFid6_zCNoO2co2Kfd5_LWdgBCArml3Q1YaSEKWhpOwlHPPKiaE4O2_yYiUB38Ox3LqbkETlwwFOf_YonJYnWVle--nMcIv1CndvvPDftxt4M3CQm8EqYDM1twhjo6kC9eaJVcL7IGmIgL38FMhuzDd-01tmo9ZIe92EtPy8KE1bgBAGABu6ZzPGg8p7DlAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2v6x-YwEQY8AiPbNiPHYiMy9ecIg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6594
expires
Sat, 22 Oct 2022 10:01:41 GMT
img
pix.as.criteo.net/img/ Frame E6FD 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=39665&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_210753_al&v=3&w=400&s=N-0eFnQujTzA_ph823BdqjD-&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_ggAHYOYKjywDAAl3MfLSOlIFu-RfVZGNOw&u=%7CoXReJMhzN2mX5PwcjaYaiFSrm09naeIFr8LzesJyIsY%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---ArYQqkTQ5YvPLon3Kp1-d7aw1zlWdVBOSGFNGh7Ak1qrix145C_Ztgf6NRh2fbo_3mhcbEGjUS4dibEV23qOLp61TpbPtut1kwBqfGtiIWiM6t8BEoFYo63nZMVn4sd5iKKr7-QB3YLi46jOw7D00QP8le6pgXJ6SsA_mksM-ffue3w0rogVHpk9H7tTGdgJIxnz_46tSRBDCWwvYuEC2mD72cfvmIgPtmEEfKdvgNFfOABJcX9LfrudDICpjYD8s6rWt9UdXp2ZA0uslGKOnIrKsCXnZcGQ0ppMQQXPet30clx-EEYknSrg7TfdXIts12DbDoyC6ETdTtudgTpuhmWp6Mw8MWjf_xRdzfbYuGZUzLJ8iNkfvkDB1Nzs61G0jRqkg9w-1ePrBzoDPyOKfYhuKrqBaGHMbKApHLSVDc57vYYREKOBD8QVYBsWLrIoWH9EXp_7dkexsTVCjxvyaIgvMPUVeevCmhn0RbcmnHFUkNICGFjoZB4VQIXfAYC7gHVUdMvFrMtAMy06VMCjSOEvmQ1WnZPXl3nWHldvKNdOst3mMJ90Z0fbx2oUNTn4Dw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbRLwgr9TY-bBHYPYvASx7qWoA5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAmfofvAlZ6U-4AIAqAMBqgTXAk_QIwB8NvWFHO-MVkrjkQLwU3KrsuOBQUwZzEbf-Zwf6kmTTeoquMZvYWJxhJzwz6BolH3S1jJqYhQmUg0fm9nWrNLDiVzXkzImH4A42e8rMHKRpH3bLFoqBsATkkLL-in2GkRBLJgpofMLnh5aAryn8zPy2EuuFNC-1X2Xh2IQQy1C4bDMVnN5eKGd75z0Dq8WNlCvB8gWqLKZ1jpyktcT3_fZyaoFFAH73xdsSDgNlKsueSorGIvBamnkjPQOjIUKXsrUCl0ui7zSWGg--VuPA6l0qNSfFid6_zCNoO2co2Kfd5_LWdgBCArml3Q1YaSEKWhpOwlHPPKiaE4O2_yYiUB38Ox3LqbkETlwwFOf_YonJYnWVle--nMcIv1CndvvPDftxt4M3CQm8EqYDM1twhjo6kC9eaJVcL7IGmIgL38FMhuzDd-01tmo9ZIe92EtPy8KE1bgBAGABu6ZzPGg8p7DlAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2v6x-YwEQY8AiPbNiPHYiMy9ecIg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10708
expires
Sat, 22 Oct 2022 10:01:41 GMT
all
csm.as.criteo.net/ Frame E6FD 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=t1aEvaZIq2YPIVFHAFGS2xKLGNQFRiYR_EaQay46w9u86Xc0GJrf9dH79BT9B4qQgzxpVGZxJFlyXzFmPpEHP3q5eHCg0O-ig5WfQR1HBCXxvgatYjyHA_6l8XA1c1bG589fuQ4NWsPv8Rpvz1yb_3G3hzaDGhY6CANGa8HB5PYcw3ReruErXFrMS44iBWFFoggEBP5gnLSQdumPlL3tPn-7T3aHtTJYnm7dX7oBh0-ZyIt0_jd_JO3uZcsXnre6XMvK5By_UWikLcj4&sds=2&rev=83303&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_ggAHYOYKjywDAAl3MfLSOlIFu-RfVZGNOw&u=%7CoXReJMhzN2mX5PwcjaYaiFSrm09naeIFr8LzesJyIsY%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---ArYQqkTQ5YvPLon3Kp1-d7aw1zlWdVBOSGFNGh7Ak1qrix145C_Ztgf6NRh2fbo_3mhcbEGjUS4dibEV23qOLp61TpbPtut1kwBqfGtiIWiM6t8BEoFYo63nZMVn4sd5iKKr7-QB3YLi46jOw7D00QP8le6pgXJ6SsA_mksM-ffue3w0rogVHpk9H7tTGdgJIxnz_46tSRBDCWwvYuEC2mD72cfvmIgPtmEEfKdvgNFfOABJcX9LfrudDICpjYD8s6rWt9UdXp2ZA0uslGKOnIrKsCXnZcGQ0ppMQQXPet30clx-EEYknSrg7TfdXIts12DbDoyC6ETdTtudgTpuhmWp6Mw8MWjf_xRdzfbYuGZUzLJ8iNkfvkDB1Nzs61G0jRqkg9w-1ePrBzoDPyOKfYhuKrqBaGHMbKApHLSVDc57vYYREKOBD8QVYBsWLrIoWH9EXp_7dkexsTVCjxvyaIgvMPUVeevCmhn0RbcmnHFUkNICGFjoZB4VQIXfAYC7gHVUdMvFrMtAMy06VMCjSOEvmQ1WnZPXl3nWHldvKNdOst3mMJ90Z0fbx2oUNTn4Dw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbRLwgr9TY-bBHYPYvASx7qWoA5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAmfofvAlZ6U-4AIAqAMBqgTXAk_QIwB8NvWFHO-MVkrjkQLwU3KrsuOBQUwZzEbf-Zwf6kmTTeoquMZvYWJxhJzwz6BolH3S1jJqYhQmUg0fm9nWrNLDiVzXkzImH4A42e8rMHKRpH3bLFoqBsATkkLL-in2GkRBLJgpofMLnh5aAryn8zPy2EuuFNC-1X2Xh2IQQy1C4bDMVnN5eKGd75z0Dq8WNlCvB8gWqLKZ1jpyktcT3_fZyaoFFAH73xdsSDgNlKsueSorGIvBamnkjPQOjIUKXsrUCl0ui7zSWGg--VuPA6l0qNSfFid6_zCNoO2co2Kfd5_LWdgBCArml3Q1YaSEKWhpOwlHPPKiaE4O2_yYiUB38Ox3LqbkETlwwFOf_YonJYnWVle--nMcIv1CndvvPDftxt4M3CQm8EqYDM1twhjo6kC9eaJVcL7IGmIgL38FMhuzDd-01tmo9ZIe92EtPy8KE1bgBAGABu6ZzPGg8p7DlAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2v6x-YwEQY8AiPbNiPHYiMy9ecIg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 22 Oct 2022 10:01:41 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E6FD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_ggAHYOYKjywDAAl3MfLSOlIFu-RfVZGNOw&u=%7CoXReJMhzN2mX5PwcjaYaiFSrm09naeIFr8LzesJyIsY%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---ArYQqkTQ5YvPLon3Kp1-d7aw1zlWdVBOSGFNGh7Ak1qrix145C_Ztgf6NRh2fbo_3mhcbEGjUS4dibEV23qOLp61TpbPtut1kwBqfGtiIWiM6t8BEoFYo63nZMVn4sd5iKKr7-QB3YLi46jOw7D00QP8le6pgXJ6SsA_mksM-ffue3w0rogVHpk9H7tTGdgJIxnz_46tSRBDCWwvYuEC2mD72cfvmIgPtmEEfKdvgNFfOABJcX9LfrudDICpjYD8s6rWt9UdXp2ZA0uslGKOnIrKsCXnZcGQ0ppMQQXPet30clx-EEYknSrg7TfdXIts12DbDoyC6ETdTtudgTpuhmWp6Mw8MWjf_xRdzfbYuGZUzLJ8iNkfvkDB1Nzs61G0jRqkg9w-1ePrBzoDPyOKfYhuKrqBaGHMbKApHLSVDc57vYYREKOBD8QVYBsWLrIoWH9EXp_7dkexsTVCjxvyaIgvMPUVeevCmhn0RbcmnHFUkNICGFjoZB4VQIXfAYC7gHVUdMvFrMtAMy06VMCjSOEvmQ1WnZPXl3nWHldvKNdOst3mMJ90Z0fbx2oUNTn4Dw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbRLwgr9TY-bBHYPYvASx7qWoA5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAmfofvAlZ6U-4AIAqAMBqgTXAk_QIwB8NvWFHO-MVkrjkQLwU3KrsuOBQUwZzEbf-Zwf6kmTTeoquMZvYWJxhJzwz6BolH3S1jJqYhQmUg0fm9nWrNLDiVzXkzImH4A42e8rMHKRpH3bLFoqBsATkkLL-in2GkRBLJgpofMLnh5aAryn8zPy2EuuFNC-1X2Xh2IQQy1C4bDMVnN5eKGd75z0Dq8WNlCvB8gWqLKZ1jpyktcT3_fZyaoFFAH73xdsSDgNlKsueSorGIvBamnkjPQOjIUKXsrUCl0ui7zSWGg--VuPA6l0qNSfFid6_zCNoO2co2Kfd5_LWdgBCArml3Q1YaSEKWhpOwlHPPKiaE4O2_yYiUB38Ox3LqbkETlwwFOf_YonJYnWVle--nMcIv1CndvvPDftxt4M3CQm8EqYDM1twhjo6kC9eaJVcL7IGmIgL38FMhuzDd-01tmo9ZIe92EtPy8KE1bgBAGABu6ZzPGg8p7DlAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2v6x-YwEQY8AiPbNiPHYiMy9ecIg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 10:01:41 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame E6FD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1O_ggAHYOYKjywDAAl3MfLSOlIFu-RfVZGNOw&u=%7CoXReJMhzN2mX5PwcjaYaiFSrm09naeIFr8LzesJyIsY%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---ArYQqkTQ5YvPLon3Kp1-d7aw1zlWdVBOSGFNGh7Ak1qrix145C_Ztgf6NRh2fbo_3mhcbEGjUS4dibEV23qOLp61TpbPtut1kwBqfGtiIWiM6t8BEoFYo63nZMVn4sd5iKKr7-QB3YLi46jOw7D00QP8le6pgXJ6SsA_mksM-ffue3w0rogVHpk9H7tTGdgJIxnz_46tSRBDCWwvYuEC2mD72cfvmIgPtmEEfKdvgNFfOABJcX9LfrudDICpjYD8s6rWt9UdXp2ZA0uslGKOnIrKsCXnZcGQ0ppMQQXPet30clx-EEYknSrg7TfdXIts12DbDoyC6ETdTtudgTpuhmWp6Mw8MWjf_xRdzfbYuGZUzLJ8iNkfvkDB1Nzs61G0jRqkg9w-1ePrBzoDPyOKfYhuKrqBaGHMbKApHLSVDc57vYYREKOBD8QVYBsWLrIoWH9EXp_7dkexsTVCjxvyaIgvMPUVeevCmhn0RbcmnHFUkNICGFjoZB4VQIXfAYC7gHVUdMvFrMtAMy06VMCjSOEvmQ1WnZPXl3nWHldvKNdOst3mMJ90Z0fbx2oUNTn4Dw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbRLwgr9TY-bBHYPYvASx7qWoA5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAmfofvAlZ6U-4AIAqAMBqgTXAk_QIwB8NvWFHO-MVkrjkQLwU3KrsuOBQUwZzEbf-Zwf6kmTTeoquMZvYWJxhJzwz6BolH3S1jJqYhQmUg0fm9nWrNLDiVzXkzImH4A42e8rMHKRpH3bLFoqBsATkkLL-in2GkRBLJgpofMLnh5aAryn8zPy2EuuFNC-1X2Xh2IQQy1C4bDMVnN5eKGd75z0Dq8WNlCvB8gWqLKZ1jpyktcT3_fZyaoFFAH73xdsSDgNlKsueSorGIvBamnkjPQOjIUKXsrUCl0ui7zSWGg--VuPA6l0qNSfFid6_zCNoO2co2Kfd5_LWdgBCArml3Q1YaSEKWhpOwlHPPKiaE4O2_yYiUB38Ox3LqbkETlwwFOf_YonJYnWVle--nMcIv1CndvvPDftxt4M3CQm8EqYDM1twhjo6kC9eaJVcL7IGmIgL38FMhuzDd-01tmo9ZIe92EtPy8KE1bgBAGABu6ZzPGg8p7DlAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2v6x-YwEQY8AiPbNiPHYiMy9ecIg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 10:01:41 GMT
truncated
/ Frame ED3E 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23fd75b7439727bc3a808979dbb1450953dfc55c8ce81442672ec609e8aa60c6

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
null
s0.2mdn.net/sadbundle/10977312179645291841/ Frame ED3E 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10977312179645291841/null
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10977312179645291841/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f149.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10977312179645291841/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:41 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Sat, 22 Oct 2022 10:01:41 GMT
truncated
/ Frame ED3E 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 4A17
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=4cd537a3-7670-435d-9e8d-1da11417b833&expiration=1669024901&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=4cd537a3-7670-435d-9e8d-1da11417b833&expiration=1669024901&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Oct 2022 10:01:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=4cd537a3-7670-435d-9e8d-1da11417b833&expiration=1669024901&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 4A17
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1O_hLxHxCVJSWJG3oD2HwAAE1QAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEB8HDTOc2nPoCLeZK3S9gdw&google_cver=1
43 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEB8HDTOc2nPoCLeZK3S9gdw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75e164a39d47a8c4-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEB8HDTOc2nPoCLeZK3S9gdw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 4A17
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1O_hLxHxCVJSWJG3oD2HwAAE1QAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1O_hLxHxCVJSWJG3oD2HwAAE1QAAAIB&dcc=t
0
0
Y1O_hLxHxCVJSWJG3oD2HwAAE1QAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4A17 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y1O_hLxHxCVJSWJG3oD2HwAAE1QAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.4.205 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-4-205.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum.casalemedia.com/ Frame 4A17
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=db7ed01d-e65c-c97e-e7b2c126
0
0
crum
dsum-sec.casalemedia.com/ Frame 4A17
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=9E49B20D745842439922621207BBA731
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=9E49B20D745842439922621207BBA731
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Oct 2022 10:01:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

date
Sat, 22 Oct 2022 10:01:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=9E49B20D745842439922621207BBA731
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 21 Oct 2022 10:01:41 GMT
us.php
gu.dyntrk.com/adx/ie/ Frame 4A17 		0
0
Y1O_hLxHxCVJSWJG3oD2HwAAE1QAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4A17
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y1O_hLxHxCVJSWJG3oD2HwAAE1QAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y1O_hLxHxCVJSWJG3oD2HwAAE1QAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y1O_hLxHxCVJSWJG3oD2HwAAE1QAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
52.77.4.205 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-4-205.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y1O_hLxHxCVJSWJG3oD2HwAAE1QAAAIB
date
Sat, 22 Oct 2022 10:01:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
htw-pixel.gif
cdn.indexww.com/ht/ Frame 4A17 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y1O-hLxHxCVJSWJG3oD2HwAA%264948
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:41 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
41573
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
75e164a39e48aad1-SYD
content-length
43
expires
Sun, 23 Oct 2022 10:01:41 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame DA6E 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstiDHZPcm6_6UwGIleEq6VlMENK2UxH_Z0bf43JMCDFagPqQ1nPOTZqbQHlMYnB1ps4ixlVqyRNxgOrw3bxA0s-0pNcZcy_IYFToMwV9kn-zL9s3-GQlkucKCkYAoZUBFH8YTqbIYKsX7pJQNZ4C3aztSdMKM4LzweESZ1Rr4LROGDBYPXviEV0uFHz_suYO1Vli-uiOhtXHrt_R3gHYyJ5Mod09OMPnsWQbQ64LoWmiGizFEF7Rd4Bohf_4qQ5tCcj07HexLA-IoxT93JcKc0WwNbvaleiEQsr-v8c12pexi4OefQeT4yGqzTakkmzy-vjj_GqzDd5_4eqAhhzLZBLc5hrvXCzYvhAk7g295INJFvjQpaiwJfNfF4Sb2MVU70PzpxZm6GXbG-XQ_GOz1QXcaXW2QeplZzyFB3ojXK2gK4hkopSBp3sW8X5c5rj8Trb4hevPpj2zdkuVb0wEbhbWvBKA98jJp_qcLRtqyQQWld4pbI6OR2l07GhjAMeSgxyr-gLixHw6LqzsqgaYayEcE3tnoYaomyqoLrCtmkXxNgBq6p19PsIfso2_15miBKNtp4TwvEDSEHF0lidl9a1pK63vlMigljRc6iNjztTtsDZa6W0iQ_PBNujPfayTqQAKWVLOQvEPbF0mN_8EkS5XeDcKNfc1EKVAm_zn2iMaFT_zXkUJ0VVGXmVIQWLOK-MYsL4fmobaiuBH-PtQuAxIHH9DTKoF_w1FjOPUxjHfoqh_jP5bqBDCOT0m49ZKYrnKvvJWvAzKUlSxa28UVPe3JLFKBWy-anPXMfdTPAGnnV7ncmuDFgf4EIroWfQO6gKKZ-H72S0-W9KIsGocI6VkcOEBd73dlvoxM_GdIVXRtp34rVA_hNMlYW5AQzU94O7ZsM5D5hsya1fuktSa-e3lWIE3s5LkdNmZLNB8KOE9iSCBLFxjAev3RObnnqJLtnIdaKUv5CPjHyjj8Xgrz7sUoETjQM9wrnZEsKu4HfbckQMUDsD6MKmK5gUlcREHg9E9aGSGjbPPw72YvKHmNuIAQY8JmYhR1BFWozJIRQoqg-fDQ0JRuWP5sO5MJMzp7NxdLp40e5BMfrfoEDGmrE0cw5sh4NVBL7ErsVzT9uvZgV_MlNzc157PcmmobnF5wDCxy38_DA7NZhHd1xEk7dyi1xPtjW2SZ11smRumM0I67X5tpaybI2pddeiByeFOoSNHCvjRRJ_wlCtXHPzblw43u4sCTucA8ktlnrLl8fBNwXUgMkmOH4APoy-twYqdzKV&sai=AMfl-YSWJ9WWffz_1TzjdgnYnDoUKv8ySecrA2A-DuXdCM_VPLGH1SFugfkMv6BYnN5gnIy69CsCQQzraiUqbTdGygQMqYhUjjSAjz8M6OXWG50yL5IjNaneYQUakhpRCo4I895Db0ZywFNoTPTml-ZpYJrZFTTnUYAqu6hr2M3mmwNimv2LEwZ2bbxAmtcenQkr-jj7lIalXGn3xxjnfcuFuciL8Y3jNNpmyrA6IsLz4wkpXOgxfI6Igu3twr0juQ3whrA09fVYQCbU5A&sig=Cg0ArKJSzNATgR1wIm-wEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1761&vt=11&dtpt=875&dett=3&cstd=883&cisv=r20221019.35048&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
Myer_Promotion_Digi_Banners_Concepts_MREC_300x250_01_2.svg
s0.2mdn.net/sadbundle/4341851026603666896/ Frame 2C62 		135 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4341851026603666896/Myer_Promotion_Digi_Banners_Concepts_MREC_300x250_01_2.svg
Requested by
Host: 6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
URL: https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f149.1e100.net
Software
sffe /
Resource Hash
0d5edbf4fa2f41d5537480729dc50e6cfb4b9f5bfd07a15f0ec8e904bfedaefe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4341851026603666896/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 03:53:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 22 Oct 2023 10:01:41 GMT
usync.js
eus.rubiconproject.com/ Frame D052 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a00c91941d77bde9f1a5b51daa64750db4373ac969ca99b5900744b437289256

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 10:01:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56797
Connection
keep-alive
Content-Length
9455
Expires
Sun, 23 Oct 2022 01:48:18 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8A9F 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuT5KljTH9gdmmlQIPW7brulqqbyYsCArZhmwHm-mdsoqTD9CNkhW4V0ikmKwj0sMScm4idAHmJ9I_p-IUAqU9gtO4TEpi6wRu3KJQ4fPV1-YnpUhFqFnfWWO-GEY01Q3ZG7N_IPkWk4VIP7ipz10DPJTZPOmNpIOifEscPbp-M-IvyFq4hSmo9WumORRgCm9SKlrWAZizTt29bhxuLg1y2BcXL2qR8z8SZvWDYge7sZlv7wnuV3u9aoLixC7RS1yWcNn33FM0w8AMCGthUN2Ch49JmqHp3lBiSMHjjZ4DHaMK436HXQ8ELCV5bcewy9l5udIjbmuWKpn8-NA_sqHdItB4QDJ37zmSJR3AjbmUbhK9FTlLGZolNIBQBuNJ2jTi0WplaOkTTRRXYFtO3hYblY8-du1kSa7vMTuolMBK76gTuVop8FHDFwZUFNXWawE9O9NXoJ792k5GZMhz62LAD6TOMDsFm9LOfWxR8eNi9rD8pGAIvRxK__De9WMdEvB-kzRXTM21ci5UGuikGW1i1Yl3bdQHaOR89xg0LRWsbJFzAxSShC7eHP9K6vyVfETMlTSoRJZgHVk-3Yxd15lC93esRD-WxDwi_CuRlKeLsUdRf1yzhCp0AIoHjHEEFcEzLdKdQln24yEMjPca1vbK7uxLPFO_iIcYISyG2HVllFqj1oKVqmXtGWZc-gtyNvOm91Z-2qjrnTeqdsrEe-ky7iRrQQji8MjrhH-3ydD7xnyNIJuFc0ObXHnqcdZJk3hq4h1LnWl50zucqFEks5OaBxiATKZTlIz38XuX-1abEvnbU3Sc4zSqx8MYaO8PExy0FnvIDyDpg2eB4Hu3jFEuCqPcYBcczz_q-4_tdqsqOP4Yh6T9IzvpI4YFOHvBbmlWaUPQ9Xu6j28oetFeohWfs22_c_WFtCynJRiz0TbYVtXzWJlL9KgdCxtp0qlFVmVKzVH_jCtBVuaKGBR4jz3TLoe0WHfgqm8QziNbH_d-Yb-rsfAd9p2SaU_opRpBkUTvBGGt9YV-tM6PxLZB4djXrh9S2txHUizQEL1EK9B_ojuPS_LxPn5bMYCSkEXLqe6zFV2RpeFdtdorINI2UJWXnabJ8yrSepHRaRcZPM9x_dsutvHAX-HdMwuprv84-6w7Jp8pSuGcsNcHZL-ubYiyCBZusDHC0mVaDjjDBgR5Qkde29YvjPCPxBNkNn-fDpIJCMWZ-ObQVwK75aNP3SDxVsbcRjlNMcm56k_aowIFxWzkfJA1Hmj1y4iR1qD0HW-nOUg&sai=AMfl-YSxYgykZ60zXNkG_1AYIX3sLLfp2x5GGPVoKgiya4tSkBxqBy_ARPRjV1D_3lmGcVzr-tQh5M51bSZvbYP3bTU7AiuBeqeMA5T06M1Aka_TOAU4iAwliofMaNr8AOK1gWyAT8BRb9pZyO48Yipy2wjYqaG9BzDfmNWi2M_U5Tv3FdY4YaPZh8DgQu94QEScyBbrKUsWr8zgEvciGDXCs7s9nyJfejvJW6QTGDoBKh4ZdlluXBJrv9WJsE4HqJ2LwV_vUh0FSkF1mQ&sig=Cg0ArKJSzI7lDX40q_t0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2050&vt=11&dtpt=1197&dett=3&cstd=849&cisv=r20221019.98308&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sync
gum.criteo.com/ Frame 5421 		61 B
300 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 10:01:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
593107
expires
60
multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame E0D1 		0
0
cm
p.rfihub.com/ Frame 6387 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1C3F 		0
0
cksync.php
contextual.media.net/ Frame 5421
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3094345016830499000V10%26type%3Dapx%26refUrl%3D%26vid%3D64329016623094345016830499000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3094345016830499000V10&type=apx&refUrl=&vid=64329016623094345016830499000V10&ovsid=911018867603646981
0
0
cksync.html
contextual.media.net/ Frame 5421
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3094345016830499...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3094345016830499000V10&type=opx&refUrl=&vid=64329016623094345016830499000V10&ovsid=ce289d4b-3540-47da-8bce-2064be88f3f5
0
0
img
sync.mathtag.com/sync/ Frame 5421 		0
0
4cd537a3-7670-435d-9e8d-1da11417b833
sync.1rx.io/usersync/tradedesk/ Frame 5421
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3094345016830499000V10%26type%3Dr1%26refUrl%3D%26vid%3D64329016623094345016...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7140006552
  • https://sync.1rx.io/usersync/tradedesk/4cd537a3-7670-435d-9e8d-1da11417b833
0
0
cksync
cs.media.net/ Frame 5421
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA5NDM0NTAxNjgzMDQ5OTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIpTz6uA5npQFXpSrGUFqj8&google_cver=1
0
0
ping_match.gif
pm.w55c.net/ Frame 5421 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame 5421 		0
0
sync
odr.mookie1.com/t/v2/ Frame 5421
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f3c597a5-1eb4-4564-ad26-5253ae9a981e&ssp=medianet&gdpr=0&gdpr_consent=
0
0
23178
stags.bluekai.com/site/ Frame 5421
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3094345016830499000V10%26type%3Dzem%26refUrl%3D%26vid%3D64329016623094345016830499...
  • https://stags.bluekai.com/site/23178?id=9eDnspFbB4s47UBLFfZe&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
0
0
sync
rtb.mfadsrvr.com/ Frame 5421 		0
0
um
cs.emxdgt.com/ Frame 5421 		0
0
cksync
cs.media.net/ Frame 5421
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=4cd537a3-7670-435d-9e8d-1da11417b833
0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 21D9 		0
0
13926
g2.gumgum.com/usync/ Frame 20BD 		0
0
/
onetag-sys.com/usync/ Frame CEF3 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 8E5D 		0
0
usermatch
ssum-sec.casalemedia.com/ Frame B232 		1 KB
964 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75e164a3fda5a8c4-SYD
content-encoding
br
content-type
text/html
date
Sat, 22 Oct 2022 10:01:41 GMT
expires
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame 2678 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 46F3 		0
0
setuid
x.yieldlift.com/ Frame F12F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L9JR4BXF-P-5T95&gdpr=0&us_privacy=1YN-
0
0
sync
ads.servenobid.com/ Frame F12F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=911018867603646981
0
0
merge
ce.lijit.com/ Frame F12F 		0
0
pixel
ap.lijit.com/ Frame F12F 		0
0
getuid
x.yieldlift.com/ Frame F12F 		0
0
4cd537a3-7670-435d-9e8d-1da11417b833
sync.1rx.io/usersync/tradedesk/ Frame F12F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3582465395
  • https://sync.1rx.io/usersync/tradedesk/4cd537a3-7670-435d-9e8d-1da11417b833
0
0
cm
p.rfihub.com/ Frame F12F 		0
0
usa
sync.go.sonobi.com/ Frame F12F 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame F12F
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
0
0
sync
ads.servenobid.com/ Frame F12F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-wjrTSIRE2uENd9Oa8POnVocLC_g59T67DfCBJ8A-~A
0
0
redirectuser
ssp.disqus.com/ Frame F12F 		0
0
sync
ads.servenobid.com/ Frame F12F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-wjrTSIRE2uENd9Oa8POnVocLC_g59T67DfCBJ8A-~A
0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame D052 		0
0
token
token.rubiconproject.com/ Frame D052 		0
0
tap.php
pixel.rubiconproject.com/ Frame D052
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=4cd537a3-7670-435d-9e8d-1da11417b833&gdpr=0&gdpr_consent=&expires=30
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=4cd537a3-7670-435d-9e8d-1da11417b833&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/bao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 10:01:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=4cd537a3-7670-435d-9e8d-1da11417b833&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
tap.php
pixel.rubiconproject.com/ Frame D052
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMSqYk07D_C0gpWJWlRa0D4&google_cver=1
0
0
token
token.rubiconproject.com/ Frame D052 		0
0
dcm
s.amazon-adsystem.com/ Frame D052
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
0
0
token
token.rubiconproject.com/ Frame D052 		0
0
token
token.rubiconproject.com/ Frame D052 		0
0
async_usersync
ib.adnxs.com/ Frame 04D1 		0
0
all
csm.as.criteo.net/ Frame E6FD 		0
0
getuid
secure.adnxs.com/ Frame B232 		0
0
cs
ad.turn.com/r/ Frame B232 		0
0
ie
match.prod.bidr.io/cookie-sync/ Frame B232 		0
0
img
sync.mathtag.com/sync/ Frame B232 		0
0
getuid
ib.adnxs.com/ Frame B232 		0
0
/
b1sync.zemanta.com/usersync/index/ Frame B232 		0
0
Y1O_hLxHxCVJSWJG3oD2HwAAE1QAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B232 		0
0
pm_match
um.simpli.fi/ Frame B232 		0
0
sync
ads.servenobid.com/ Frame B232 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
r.turn.com
URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFVV_UXKqEKZVrem0qnuPts&google_cver=1
Domain
odr.mookie1.com
URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0fb8a272-a51e-4154-ac84-e05540e1007d&ssp=adaptmx&gdpr=0&gdpr_consent=
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F3783%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D716d80d9-3635-4295-a376-5230bc58a8c9%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD03MTZkODBkOS0zNjM1LTQyOTUtYTM3Ni01MjMwYmM1OGE4Yzk%253D%26uid%3D%24UID
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1868509363606852508737&dcc=t
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=a9XXYhZbN0umsRMqyAq-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5ME4VQWCZNBNGETRQOVWXGUSNOF4UC4JN&gdpr=0
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=39665&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_365736_al&v=3&w=400&s=1c_hgxfXi2oaTIbT_PrX9lgp&b=400
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1O_hLxHxCVJSWJG3oD2HwAAE1QAAAIB&dcc=t
Domain
dsum.casalemedia.com
URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=db7ed01d-e65c-c97e-e7b2c126
Domain
gu.dyntrk.com
URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
Domain
secure-assets.rubiconproject.com
URL
https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3094345016830499000V10%26type%3Drkt%26refUrl%3D%26vid%3D64329016623094345016830499000V10%26ovsid%3D%7Buserid%7D
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3094345016830499000V10%26type%3Dpba%26refUrl%3D%26vid%3D64329016623094345016830499000V10%26ovsid%3DPM_UID
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=8&vsid=3094345016830499000V10&type=apx&refUrl=&vid=64329016623094345016830499000V10&ovsid=911018867603646981
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.html?cs=8&vsid=3094345016830499000V10&type=opx&refUrl=&vid=64329016623094345016830499000V10&ovsid=ce289d4b-3540-47da-8bce-2064be88f3f5
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3094345016830499000V10%26type%3Dmma%26refUrl%3D%26vid%3D64329016623094345016830499000V10%26ovsid%3D%5BMM_UUID%5D
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync/tradedesk/4cd537a3-7670-435d-9e8d-1da11417b833
Domain
cs.media.net
URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIpTz6uA5npQFXpSrGUFqj8&google_cver=1
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3094345016830499000V10%26type%3Ddxu%26refUrl%3D%26vid%3D64329016623094345016830499000V10%26ovsid%3D_wfivefivec_
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Domain
odr.mookie1.com
URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f3c597a5-1eb4-4564-ad26-5253ae9a981e&ssp=medianet&gdpr=0&gdpr_consent=
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=9eDnspFbB4s47UBLFfZe&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJZMVCG443QIZREENDTGQ3VKQSMIZTFUZJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3DIMZSHEYDCNRWGIZTAOJUGM2DKMBRGY4DGMBUHE4TAMBQKYYTAJTWONUWIPJTGA4TIMZUGUYDCNRYGMYDIOJZGAYDAVRRGA
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3094345016830499000V10
Domain
cs.emxdgt.com
URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3094345016830499000V10%26type%3Demx%26refUrl%3D%26vid%3D64329016623094345016830499000V10%26ovsid%3D%24UID
Domain
cs.media.net
URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=4cd537a3-7670-435d-9e8d-1da11417b833
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Domain
secure-assets.rubiconproject.com
URL
https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Domain
x.yieldlift.com
URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L9JR4BXF-P-5T95&gdpr=0&us_privacy=1YN-
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=312&uid=911018867603646981
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Domain
x.yieldlift.com
URL
https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync/tradedesk/4cd537a3-7670-435d-9e8d-1da11417b833
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=44007&in=1
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F2230%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D716d80d9-3635-4295-a376-5230bc58a8c9%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=337&uid=y-wjrTSIRE2uENd9Oa8POnVocLC_g59T67DfCBJ8A-~A
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=339&uid=y-wjrTSIRE2uENd9Oa8POnVocLC_g59T67DfCBJ8A-~A
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMSqYk07D_C0gpWJWlRa0D4&google_cver=1
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=25470
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=36584
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=2249&pt=n
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Domain
csm.as.criteo.net
URL
https://csm.as.criteo.net/all?cppv=3&cpp=t1aEvaZIq2YPIVFHAFGS2xKLGNQFRiYR_EaQay46w9u86Xc0GJrf9dH79BT9B4qQgzxpVGZxJFlyXzFmPpEHP3q5eHCg0O-ig5WfQR1HBCXxvgatYjyHA_6l8XA1c1bG589fuQ4NWsPv8Rpvz1yb_3G3hzaDGhY6CANGa8HB5PYcw3ReruErXFrMS44iBWFFoggEBP5gnLSQdumPlL3tPn-7T3aHtTJYnm7dX7oBh0-ZyIt0_jd_JO3uZcsXnre6XMvK5By_UWikLcj4&sds=2&rev=83303&sendBeacon=true
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=21
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/ie
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y1O_hLxHxCVJSWJG3oD2HwAAE1QAAAIB?gdpr_consent=&us_privacy=&gdpr=
Domain
um.simpli.fi
URL
https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=333&uid=Y1O_hLxHxCVJSWJG3oD2HwAAE1QAAAIB

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| adRecover object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| setImmediate function| clearImmediate object| ucf object| request string| paramsString number| ampAdSlotIdCounter undefined| $ undefined| jQuery function| jqAlias string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| google_reactive_ads_global_state object| gaGlobal number| ampAdPageCorrelator object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| listeningFors number| 3pla object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| noPreviewPage object| dataLayer function| gtag object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

68 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQp7uQ-b8wCgoIgQIQp7uQ-b8wCgoI4gEQp7uQ-b8wCgoI5gEQp7uQ-b8wCgoIhwIQp7uQ-b8wCgkICRCnu5D5vzAKCQg6EKe7kPm_MAoJCAsQp7uQ-b8wCgoIjAIQp7uQ-b8wCgkIXxCnu5D5vzA=
.aralego.com/ Name: sspid
Value: 217f3b73-3dae-30f3-bbac-9f5bab0f0a91
www.bg3.co/ Name: __AP_SESSION__
Value: 10bdcde9-6d33-448b-8f70-7590ceda0b9c
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.adpushup.com/ Name: ap_uid
Value: 82a58580-51f0-11ed-a032-000d3ac98693
.adpushup.com/ Name: ap_usid
Value: 82a58581-51f0-11ed-a032-000d3ac98693
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: d5a8cb8d-37c7-42cd-b257-96e2684052d4
.openx.net/ Name: i
Value: d5a8cb8d-37c7-42cd-b257-96e2684052d4|1666432895
.bg3.co/ Name: __gpi
Value: UID=00000b68d6ce669f:T=1666432895:RT=1666432895:S=ALNI_MZXurGWg4IvxLXNAPofcZhXEpHlZw
.omnitagjs.com/ Name: ayl_visitor
Value: 50ae77b5a48d7f3e31218f1d49b2478c
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEw__7OmgY4AUABSAEQ__7OmgYYAA..
.adnxs.com/ Name: uuid2
Value: 911018867603646981
.doubleclick.net/ Name: IDE
Value: AHWqTUkTUAwrT8kPUMCfaBKLI8IO-xDL6wKIrtjpcXdqy7Ei8MWMFyZ5T-xAhDuevL8
.quantserve.com/ Name: mc
Value: 6353bf80-0e8ce-c19c8-4ce32
.bg3.co/ Name: __qca
Value: P0-1629134091-1666432895949
.prebid.a-mo.net/ Name: __amc
Value: 1_1666432895_1666432895
.a-mo.net/ Name: amuid2
Value: 716d80d9-3635-4295-a376-5230bc58a8c9
.prebid.a-mo.net/ Name: sd_amuid2
Value: 716d80d9-3635-4295-a376-5230bc58a8c9
.rubiconproject.com/ Name: khaos
Value: L9JR4BXF-P-5T95
.teads.tv/ Name: tt_viewer
Value: 1d5a019f-44a0-44a7-9250-4fb7090d2c8a
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1666432897.1.0.1666432897.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.3280498.1666432897
.bg3.co/ Name: __gads
Value: ID=8537ff1599dd2583:T=1666432895:S=ALNI_MZ7UVrO4LwGYr0GA5GfvozROssCdg
.3lift.com/ Name: tluid
Value: 1868509363606852508737
.yieldmo.com/ Name: yieldmo_id
Value: g92cae9e72e530ec884e%7C1666432900010%7C0%7C
.c.appier.net/ Name: _auid
Value: Lv_8HSgiDuuf2GI4hL9TYw
.c.appier.net/ Name: _gu
Value: CAESEFkfGBrDf9wEWskUhtn9qaI
.adsrvr.org/ Name: TDID
Value: 4cd537a3-7670-435d-9e8d-1da11417b833
.casalemedia.com/ Name: CMPS
Value: 4948
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2HbyHxl]M!@wnfH8K6pQK`!5=E<*L5?%M/7#<0(e8frAie7AQkARJuY.7cJ?p[:TaURdb%nugO%v4VB%nmtW*(Ds4
.uncn.jp/ Name: t
Value: v_551a5189-47bc-4cbd-becf-f94b1d51b666
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%224cd537a3-7670-435d-9e8d-1da11417b833%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-22T10%3A01%3A40%22%7D
.casalemedia.com/ Name: CMID
Value: Y1O-hLxHxCVJSWJG3oD2HwAA
.casalemedia.com/ Name: CMPRO
Value: 4948
.openx.net/ Name: pd
Value: v2|1666432900|jElYiuvOiahI
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~27uy:196y~27uy"
.yahoo.com/ Name: A3
Value: d=AQABBIS_U2MCEMQUXOPNa_i3MO5PXCtNANQFEgEBAQERVWNdYwAAAAAA_eMAAA&S=AQAAAhEweAl4uEdTMB9Ssf3lUWc
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-9a612cc5-bf98-4c3c-bbe3-7b68fefceb51-004%22%7D
.send.microad.jp/ Name: TR
Value: 5b4ce17e5663f0821dfaf41b56c0dd2cc20a0ff7700508dc
.yahoo.co.jp/ Name: XA
Value: cj14u95hl7fs4&sd=B&t=1666432900&u=1666432900&v=1
.yahoo.co.jp/ Name: XB
Value: cj14u95hl7fs4&b=3&s=vi
.prebid.a-mo.net/ Name: _sv3_10
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsInPvqqc6HmjsQBRgFIAIoAjILCP7o2tXkh5o7EAU4AQ..
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A4753226572732632030
.ad-m.asia/ Name: uid
Value: Kv4shrydgz
.openx.net/ Name: univ_id
Value: 537072971|4cd537a3-7670-435d-9e8d-1da11417b833|1666432900849052
.dotomi.com/ Name: DotomiTest
Value: 3cbef8449def1b32
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.uuidksinc.net/ Name: jcsuuid
Value: PnRfS6m9c3YfEYworE3X
.zemanta.com/ Name: zuid
Value: 9eDnspFbB4s47UBLFfZe
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-518a8115-8beb-4761-43ae-939aea8c6b82.lsrRn9MrbyoYPk0CkjyWfrT65JAXYk7SU5AlJ1DV3RI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AUYqBFYvrR2FDrpOa6oxrgq310XA.artTEGzLt6z%2FdIVluDjmkVlXeRjZiY%2FQ2gk7gK1LGuI
.bing.com/ Name: MUID
Value: 276264AB942F63F305F876EE951D620B
.c.bing.com/ Name: MR
Value: 0
.adform.net/ Name: C
Value: 1
.bidswitch.net/ Name: tuuid
Value: f3c597a5-1eb4-4564-ad26-5253ae9a981e
.bidswitch.net/ Name: c
Value: 1666432900
.bidswitch.net/ Name: tuuid_lu
Value: 1666432900
.linkedin.com/ Name: li_sugr
Value: afc4f225-6487-4434-9f05-fc6875223ccf
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&e3ac1639-e4fb-4d02-85ea-8b887e17ea3e"
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2752:u=1:x=1:i=1666432901:t=1666519301:v=2:sig=AQE0u0nJQKt0q6UDHL37-uxugQ6cWTQV"
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMJ5FAzufaqac7UyebV3a1stjzpRGqtmwIDINqGoJcJllCtzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Em9dRdKCTFZDCax3pyYFnS0=
.casalemedia.com/ Name: CMTS
Value: 5339
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-9a612cc5-bf98-4c3c-bbe3-7b68fefceb51-004%22%7D

4 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666432895&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbao-quan-bei-xian-tai-du-chai-guo-lai-ren-jie-an-hei-zhen-xiang-qiang-xian-xiang-xiang-ni-men-zuo-liao-shi-yao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666432894511&bpp=13&bdt=1365&idt=477&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=4293929091020&frm=23&ife=1&pv=2&ga_vid=304541093.1666432895&ga_sid=1666432895&ga_hid=1982216866&ga_fc=0&ga_cid=amp-HQ9VDu9WiKvLz5Fem-SzTw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1030435192&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C42531705%2C44773614%2C31069973%2C31070415%2C44775017%2C44773745%2C31069795&oid=2&pvsid=2708831728714388&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qf2tv72a8el7&fsb=1&dtd=496
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2EvYmFvLXF1YW4tYmVpLXhpYW4tdGFpLWR1LWNoYWktZ3VvLWxhaS1yZW4tamllLWFuLWhlaS16aGVuLXhpYW5nLXFpYW5nLXhpYW4teGlhbmcteGlhbmctbmktbWVuLXp1by1saWFvLXNoaS15YW8uaHRtbA==.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEA19ODrMXrQF-PM70SBVWdo&google_cver=1&google_push=AZmPxg-uxoHHwIrt2HtSOAJdsXCTujQFEORV8_zXIQB7--giRvOiqQsExaSi5zPqxCM9c8jcMXU0S5WrfHtBgAMRHU1J5el9CMZ_wfw
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://s0.2mdn.net/sadbundle/10977312179645291841/null
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

25cd982469f6774599cd7413a19565df.safeframe.googlesyndication.com
6b03f3741d307daf56404e535b50cf4c.safeframe.googlesyndication.com
a.c.appier.net
a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.pubmatic.com
ads.servenobid.com
ads.yieldmo.com
adservice.google.com
adservice.google.com.au
aid.send.microad.jp
ap.lijit.com
aplogger.adpushup.com
b1sync.zemanta.com
bidder.criteo.com
c.bing.com
c1.adform.net
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
cksync.yahoo.co.jp
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
cr-p3.ladsp.com
cs.emxdgt.com
cs.media.net
csm.as.criteo.net
d-1932882742609460837.ampproject.net
dclk-match.dotomi.com
delivery.adrecover.com
dis.criteo.com
ds.uncn.jp
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
f809bdd58a113f424b582e7188b13a87.safeframe.googlesyndication.com
fastlane.rubiconproject.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
image8.pubmatic.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.prod.bidr.io
odr.mookie1.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.as.criteo.net
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
r.turn.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s.uuidksinc.net
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync.1rx.io
sync.aralego.com
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.yieldlift.com
y.one.impact-ad.jp
aax-eu.amazon-adsystem.com
ad.turn.com
ads.pubmatic.com
ads.servenobid.com
ap.lijit.com
b1sync.zemanta.com
ce.lijit.com
contextual.media.net
cs.emxdgt.com
cs.media.net
csm.as.criteo.net
dis.criteo.com
dsum.casalemedia.com
g2.gumgum.com
gu.dyntrk.com
ib.adnxs.com
image8.pubmatic.com
match.prod.bidr.io
odr.mookie1.com
p.rfihub.com
pix.as.criteo.net
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
secure-assets.rubiconproject.com
secure.adnxs.com
ssbsync.smartadserver.com
ssp.disqus.com
stags.bluekai.com
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
token.rubiconproject.com
um.simpli.fi
x.yieldlift.com
103.229.10.192
103.3.63.48
104.16.87.20
104.17.24.14
104.18.12.76
104.18.19.126
104.18.98.194
104.211.156.162
104.254.148.252
104.26.2.91
104.26.4.103
104.83.196.24
104.83.197.63
13.107.42.14
13.115.197.13
13.227.254.11
13.227.254.129
13.76.45.37
139.5.84.243
139.99.49.250
142.250.4.155
142.250.4.97
142.251.10.155
142.251.10.157
145.40.89.200
151.101.65.108
172.217.194.155
174.137.133.49
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.148
182.161.74.19
183.79.219.124
185.84.60.30
202.131.200.84
202.233.84.1
202.241.208.100
204.79.197.200
216.239.34.178
23.108.102.145
23.15.148.136
23.36.49.63
3.33.220.150
3.82.239.128
31.220.27.155
34.107.148.139
34.223.235.65
34.246.170.209
35.213.109.249
35.213.117.18
35.213.12.39
35.230.38.116
35.244.159.8
35.71.178.8
42.99.140.144
42.99.140.161
50.116.239.135
52.74.120.52
52.74.162.2
52.77.4.205
52.77.5.11
52.84.45.81
54.150.80.212
64.120.88.131
64.74.236.63
69.16.175.42
69.173.158.64
69.173.158.65
74.118.186.44
74.125.130.105
74.125.200.94
74.125.24.132
74.125.24.156
74.125.24.157
74.125.68.149
74.125.68.155
84.17.37.44
89.207.22.137
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
046287e7b5b6a4fc2f116869b74bb293f3495214a6f936c45f5194365db5e5b5
052c6fd971ce6c2f8d80552e29e6271129f9c5629ae533ac5c9d9f90edf72a0e
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096751a01f1daf47642f3647c42f2fa4a11019f68292b71955c73b4abe17c68e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d00a656516e1d3d59691e8ce46d64c7cc3693b2d054cf6f3b2493665f91845d
0d5edbf4fa2f41d5537480729dc50e6cfb4b9f5bfd07a15f0ec8e904bfedaefe
0f4f48a5b149c01e2172d043d67794faf038a806d8313a8cb5d42973061af4b2
11d50a4e20c37652a71ffc2afde71810d57f5c50ce2800901eb422b97b15bb89
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
128ea47e3b5b2e56080c8937090ef94bcefa47255866606ba25f585cc99e4fdf
14a2c91fb720c33b46379b2318e70c953933042617d4360726ddd83386b599d1
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1904751ccfd62fb4368f0c10c93aa705878d726a2ecfe982877e838437735b0e
1a12e03c6e7368771df0045c0d29660585881ec9e385b5cc885351c2a0bc3905
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1decf50a161fc7830e2f819b3ddf4657f8e95b1a931bbb8758b245e5771136d2
1df5d09af236379feb80cf45c61c75873437ed13e297a5dffc943e74f8128802
23fd75b7439727bc3a808979dbb1450953dfc55c8ce81442672ec609e8aa60c6
267d2d5ef8af07710d9eed6561ee84838d04441bb6769ea7b9b275b9eb3273df
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
27e96cc63d6f2de1e68571f3ede3bcd1635fcbc2f8742f09e9c5b0aa32620399
280f65f41d5c1f1c884ca450563c5830c78c3157ca8ae30083d52f653f672997
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a
293fc15c33edf25fff2ef66e3b4d300e21de6a3ed7e6ed2441827fb34a3cf4d4
29bea596866098e6264b67f5bb435c06b3d4b5c32365e406b3e70a7a650aa093
2a42afe3f95e065e32f837ef95125257c1e16f6464cb981b1b5e6faae2a5fae5
2e8a854dbb9d8baf325f950347fa3b876ed124fd58546abdd1ce0c9e69b63d46
30c13878ec598cd5f3f00e151916a8836bf60cc3fc1dc5eb1a3df200e720b582
30ca27f6a96516b0065d6b5d0dc419284613d13606fc85926cbf4b93bd1f5df7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3337882a799735725966ea2dae40c627be227a4107e9e6d8c80277409045286f
342d9207010dbb5769fc2988004bf46d4f579e8284fa3931374049e0dd55075f
353d7a9363fcc00c2010ef929bf45c5fd6cc6f210f4bea961beac84766768021
357c86527b0f8f09e3ec545d9ff6d0ec3fc862d6264806b051c3e001893fdb19
360af8367592521fcd7ec8624cdef05e84e34d1c542c4a374828dfbe450da284
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
380f2e23e94f3756c0d3470d403fa391460884caeff151d6e638703d40ee4d91
3b17e5d516f9bd51ed05461dcca0a156e97a77768ff453f678a493de698783ec
3b35f9a6208582658f1fd4b575bd43a43ebeccf585e5050f64063196a786cf78
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e32821d9fb7d097ae2947687180f9d72e8d6587ca146961aff1e5c91cfe7957
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49aec1ecd408212e55a232ff0508473b05fc80930d8430dccc42e04be4aca979
4a0db9fa48c4a85001fa4e639e2b1405f945eaf77c0dc366300d37d3d7f3c02d
4a8014be2573ce560209a78fe2804b55f842c366f3de407fb85a56ae70f737fd
4b11a33fa63b8930d952a88a97d4b848f825456838441303fd7813e07185a781
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c46f7fadb683c44c08212442b5b1af83da52fd88bda523456fc4e6d72dc70a8
4cd681fe7c0cefa8801429ab998ae195090d0abe220a567a090e093c6a8b3df5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fddbf15fc35d1ac1e21320cc5dd30341a6e2a75d1c11dfdeebd163084f9cac8
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508294ccaf3791d246e421d9672e8a60f012b15e74ba53f7ddcc754bdf29d92b
5376d7a44acbf5d0bd17a3553f6604496f85e651d1f6beb7e469172bf4ad35e5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56df0a279f759f13bf5024aaf4547c82d47fad55498ba1473aece0f2c9587531
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5ad3326d564dba608933ec3ab0a5185044a9f0bf4c3be8ae162b09c1ecda7a8b
5c646bb45dabe62963e2fde2925d8ab803270d3d2612dfe2dad369e9ed082b14
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
60f7b1c22bfd3acb78e69e571962eed7e1e50a3d0beb7c9c2ee9441682cd2108
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62563a704a976e44c61d08682b0582cd3238c628a76939ce8150e124410d6062
62962853b3542f487244d2de0be348f16094330c37be146b3834df3557a0e25f
65a0bcddb77bc961b7b695e26a62a9fff8c33d2d2af144f56c60076dfefc2e8a
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
681df207d4374b8e9e640352612fc262c7218311b0f97f777884f5b708108f35
689d691bc0a94e08a5731d2e34dd06ea9b907d40c1ccca65e8f9a4feb4fa9742
69f12d85abfad64d722551b2a4d1abfb01e78a19a8c642a81010ba10850ed0e2
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6aa4fea57808440a7965b583aeef3388af760a79e488c94485f3a13a4cffdf76
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73084a5191b8cd7a2b5b32aaa0972ffb72b2810af279f83838d5cadcbf0b444f
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
76e1b353ad8b888eb77cf1b62b4fb4ee02ff5126f7ffc39c8c01582f93dc6e57
7919cb538c77c65dfee673cd49da9af64b870322fb2021d2d4251b4160962682
7a050644ef76a1df465f3bc31740c774021dbb68eb94d738cb21768b0b54ae83
804fc65037c616b4df477ddafa1bc7ae44428d71d41c41ba858b19ceeb07e0c1
8132b94cb6029f8da550fef5405705b28fd6c4e7d2c3eae77c9c76b10d102378
81d39db3161b2ccd67bd2671c9098a55fc0b3196b9250d7c4fe8bb91e7a9a187
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
8773c1b13cce7cb3a4f2a918f796c5ed7efe77572cacd73911f47d29457ec3a8
87da6367710a464cd40e9eccba2dc010ba6f8b35a1ab03f8849eae124a1d8bf9
895ee8bd56930be4c918b55bbcd58a7fa7683d67979c71fcb1d12ea748581625
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c70e44f58722f7cbc1ec7401085b17a2b19d847d2a3f189cd476e87274396d9
8d44f790ecc325c5c72b9b4722977abf93717b5e00b0ccad0e6f4b4186fa58cf
8e48d1da06dd2b75cca913e298fb8903580cfb49e98fd99b30126ec2dca8afae
8e638f18fb5aac741438e996c49c772dd2ac5d027d76f895bbb8bae75bbeefa4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
919c2ed6a47d1ce2404240f4f94e52ee394dd1c95ad1384809a4449b3016b6fb
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
99a897b1b6bf0d20afe286cd5e66a7281c3c8eeb69c9aa0dfd42175fc8290aee
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cf2bfa32849994e40eb345fe31a4431129f31ff10618283ba2923008e8d5095
9d3070435515a2f064a25a9c0258c69413dfc339b4de8f98297e51109ebd69f6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00c91941d77bde9f1a5b51daa64750db4373ac969ca99b5900744b437289256
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0aed5d6070276dcbf847b073b7d275ae9fce1b5759926b8486938019f13223a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a522b146a93eb0ce705d7f790a0b2751c06c3f4f03ae3f74702a6d7befea8ae3
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
ab4f92ad47a1b313c1c5a71e6447172e7bf192a542676c9dc9ccba0702a458f1
af4b954cf45e99d5eccbea113dc2b66799cf8db96c3e8dfc33d145398743727b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
b59336021f518adc64584507f3c953926d06251d573bcde6e51482c051d0071e
b7f8a33337b7fce3e7b3dd76d839d1e9bf3b83dc7c5c6fabdc44e2795459c2e0
b9441e02a38f1ea83d5e5a54fd792f5b757600322cc22634b99d9aa650176024
ba78a8b66c87134e3881deaeca731ddad5d7940d1132864e97b598da754926b4
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbf996172fe017c0555d7514326c30271949540935334f199e37a1b223b6898c
bcaac4f169edf0ae35f3730bb5dc0ae5b227f352b190e0b3b15933998593fdd9
bce9e081d218c2af98e81169cc19d412a8c7274f00c6c42ae1230bdb14f59394
bee00dc9ac61a6eae0a5a1efd6af3ba501f5d4208e5e21e1bbc545db78c161fe
c0216a4ae9eb4d295edfee2917969c200cefbb28bedbbf8ead8f4a4609b82403
c348814574844dc34888a238188191abbd53a02901a7ff1be1550d02dc706b1f
c5d427d01fba95c893d3aa40ef80d0535cb00af662bf8a6bc8a257849ba77c07
ca5b32d294b4ff8d1b20ec812d8534d3f07624ea4623ab95b236387c44426a75
cd653cd194d2c099b0dd3606439291742ac1e2ef84b8a2537422274c8a5587f0
cdd422a206559353c92762719433cd9a46317af452197dcaf96191c982c4b233
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2ed3fd545568285345130ea7f5bb020dc63073584458309435e74476ffa462a
d54633573668b4703db3bdccede99c1076819aa2bb287773cf8ef5d2bebae418
d69de8ab9ce1f98039bce9f4b2f86d62555bcb84564e5f5d77f330e1b05280df
d723ddc89dc7b299c50e4af810131ae511e709fda9650ce69ce047e592d143a4
dbd4823276e5ec482f818631f1af3b15fa4c6d600a3617097eb7bae9538669f6
dcc0517fe6d4d0bdb1cdbbb2901ec6c3843a123cce2d2afc2bdc620cfd7a14e3
dd077349a06d9c21c75ffc7b287de576f506a262b218d8a9926dc10145ccf4df
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1701c85587c195a4310fdca042939347b12384ad4c8e67e8378954d92ed3b3e
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
eb98e4308e9b95b01747587d46c6c9f5cffe4d2d38fda4338b084376c11e1549
ec02e823e01d1232cee2790c6af67c336c7d7381a961157538d42bc49bc35502
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f75ab72d3c3cfd942cadcc6075bc34830f90a39caf644969cdb1eaad79a6231e
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f8e5ab4eecd6341b9c4f4e3794387a6e24e75ea4a05063b1f646afd9dbad1636
f9d374ef87ca2b8179870daa8739f8b060fc77446a4109ec87dc523bd8059ea4
fb74828f49856baede3283fd399f5b9d4b7c56914cfe96cedeedce0f733fa875
fe76ac8037f1e137f6af98225dc93f4c6c5683e741fe70a848d9d6335440b1dd
fee867c100f938352ded8e611ae9f716afa3a67252d39ea5f920c8d0b833fa8f
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff50f9c43744ebf7b6b411afab16ba6f806450f795976c4d6e40c6083427a818