urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Submission: On November 01 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 112 IPs in 11 countries across 100 domains to perform 529 HTTP transactions. The main IP is 84.17.37.44, located in Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 55959.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
21 172.217.194.132 15169 (GOOGLE)
1 3 103.254.153.160 59253 (LEASEWEB-...)
4 104.26.4.103 13335 (CLOUDFLAR...)
2 42.99.140.144 4637 (ASN-TELST...)
5 42.99.140.161 4637 (ASN-TELST...)
18 104.26.3.91 13335 (CLOUDFLAR...)
36 142.250.4.157 15169 (GOOGLE)
3 209.58.188.181 133752 (LEASEWEB-...)
2 142.250.4.156 15169 (GOOGLE)
2 69.16.175.42 20446 (STACKPATH...)
2 142.251.10.97 15169 (GOOGLE)
3 74.125.24.100 15169 (GOOGLE)
3 74.125.24.154 15169 (GOOGLE)
7 142.251.12.157 15169 (GOOGLE)
3 142.251.12.132 15169 (GOOGLE)
2 74.125.200.157 15169 (GOOGLE)
2 9 142.251.12.155 15169 (GOOGLE)
16 65.9.42.99 16509 (AMAZON-02)
1 74.125.24.94 15169 (GOOGLE)
24 74.125.68.132 15169 (GOOGLE)
6 13.76.45.37 8075 (MICROSOFT...)
1 8 142.251.12.104 15169 (GOOGLE)
2 74.125.24.157 15169 (GOOGLE)
2 182.161.74.19 55569 (CRITEO-AS...)
2 182.161.73.148 55569 (CRITEO-AS...)
2 2 35.227.252.103 15169 (GOOGLE)
13 34 74.125.68.155 15169 (GOOGLE)
2 3 103.231.98.196 62713 (AS-PUBMATIC)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
1 2 23.36.252.26 16625 (AKAMAI-AS)
1 7 23.106.127.38 59253 (LEASEWEB-...)
8 9 52.74.13.196 16509 (AMAZON-02)
1 1 35.208.249.213 15169 (GOOGLE)
21 182.161.73.129 55569 (CRITEO-AS...)
2 182.161.73.132 55569 (CRITEO-AS...)
2 104.17.25.14 13335 (CLOUDFLAR...)
14 182.161.73.135 55569 (CRITEO-AS...)
4 182.161.73.142 55569 (CRITEO-AS...)
4 74.125.24.95 15169 (GOOGLE)
1 104.16.85.20 13335 (CLOUDFLAR...)
1 23.195.153.54 16625 (AKAMAI-AS)
1 35.213.117.18 15169 (GOOGLE)
4 34 51.79.234.101 16276 (OVH)
10 34.98.64.218 396982 (GOOGLE-CL...)
7 10 104.254.151.36 29990 (ASN-APPNEX)
1 54.189.51.32 16509 (AMAZON-02)
3 6 145.40.89.200 54825 (PACKET)
3 52.194.75.205 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
2 104.18.18.126 13335 (CLOUDFLAR...)
5 182.161.73.145 55569 (CRITEO-AS...)
1 52.77.150.163 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
12 54.228.225.243 16509 (AMAZON-02)
2 4 103.229.10.247 16509 (AMAZON-02)
4 74.125.200.94 15169 (GOOGLE)
1 13.33.33.127 16509 (AMAZON-02)
2 104.211.156.162 8075 (MICROSOFT...)
8 203.75.214.136 3462 (HINET Dat...)
1 2 35.201.76.93 15169 (GOOGLE)
1 18.155.68.27 16509 (AMAZON-02)
4 18.179.87.8 16509 (AMAZON-02)
3 20.212.157.225 8075 (MICROSOFT...)
1 34.117.219.39 396982 (GOOGLE-CL...)
1 103.132.192.30 138552 (RTBHOUSE-...)
2 210.59.219.181 3462 (HINET Dat...)
5 10 34.96.119.68 396982 (GOOGLE-CL...)
6 6 172.104.45.159 63949 (LINODE-AP...)
4 5 50.116.239.135 6336 (TURN-US-ASN)
8 8 103.229.205.243 30419 (MEDIAMATH...)
2 3 34.126.167.117 396982 (GOOGLE-CL...)
14 15 3.33.220.150 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
3 4 185.84.60.20 198622 (ADFORM)
3 3 52.205.223.187 14618 (AMAZON-AES)
21 157.240.235.1 32934 (FACEBOOK)
3 182.161.73.136 55569 (CRITEO-AS...)
1 151.101.193.108 54113 (FASTLY)
3 10 52.223.2.229 16509 (AMAZON-02)
8 23.15.148.136 16625 (AKAMAI-AS)
9 23.195.152.23 16625 (AKAMAI-AS)
1 108.139.243.106 16509 (AMAZON-02)
1 104.18.13.76 13335 (CLOUDFLAR...)
9 14 69.173.158.64 26667 (RUBICONPR...)
2 2 124.146.215.47 2514 (INFOSPHER...)
2 2 13.227.254.129 16509 (AMAZON-02)
2 5 104.18.19.126 13335 (CLOUDFLAR...)
1 2 69.173.144.165 ()
1 2 23.106.127.52 59253 (LEASEWEB-...)
3 5 35.190.60.146 15169 (GOOGLE)
5 11 52.46.130.91 16509 (AMAZON-02)
15 19 67.199.150.82 62713 (AS-PUBMATIC)
4 6 35.213.12.39 15169 (GOOGLE)
3 3 184.31.5.52 16625 (AKAMAI-AS)
2 2 198.8.71.131 54312 (ROCKETFUEL)
5 23.72.44.196 16625 (AKAMAI-AS)
2 2 35.244.159.8 15169 (GOOGLE)
11 11 74.118.186.44 26120 (RHYTHMONE)
3 3 52.220.190.140 16509 (AMAZON-02)
2 182.161.73.146 55569 (CRITEO-AS...)
2 2 3.126.213.118 16509 (AMAZON-02)
2 18.233.195.161 14618 (AMAZON-AES)
1 157.240.235.35 32934 (FACEBOOK)
2 3 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.101.194 13335 (CLOUDFLAR...)
2 2 35.213.93.179 15169 (GOOGLE)
3 6 52.77.4.205 16509 (AMAZON-02)
1 204.79.197.200 8068 (MICROSOFT...)
2 3 52.94.223.167 ()
1 10 139.5.84.243 27381 (CASALE-MEDIA)
5 5 151.101.2.49 54113 (FASTLY)
1 2 52.76.121.184 16509 (AMAZON-02)
1 104.18.12.76 13335 (CLOUDFLAR...)
2 52.193.50.121 16509 (AMAZON-02)
1 2 138.197.50.103 14061 (DIGITALOC...)
3 3 209.191.163.209 32475 (SINGLEHOP...)
2 2 209.191.163.208 32475 (SINGLEHOP...)
2 2 3.94.215.33 14618 (AMAZON-AES)
2 2 3.1.115.86 ()
2 35.214.236.176 ()
4 4 13.115.196.111 ()
3 3 104.254.150.241 29990 (ASN-APPNEX)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
16 18 67.199.150.86 62713 (AS-PUBMATIC)
1 1 18.138.18.111 16509 (AMAZON-02)
1 202.131.200.84 ()
1 1 35.186.193.173 15169 (GOOGLE)
1 18.179.176.172 ()
2 2 13.250.207.233 16509 (AMAZON-02)
2 169.197.150.7 ()
1 195.5.165.20 ()
1 2 104.18.25.173 13335 (CLOUDFLAR...)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 ()
2 103.231.98.195 ()
1 1 34.102.253.54 396982 (GOOGLE-CL...)
2 2 89.207.22.105 ()
3 157.240.8.23 ()
12 54.238.120.71 ()
1 1 74.214.196.131 ()
1 150.136.26.45 ()
2 2 13.251.186.113 ()
529 112
1    84.17.37.44 (Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
21    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
cdn.ampproject.org
3    103.254.153.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.4.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
delivery.adrecover.com
5    42.99.140.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-161.pacnet.net
cdn.adpushup.com
18    104.26.3.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
36    142.250.4.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f157.1e100.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3    209.58.188.181 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
2    142.250.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net
securepubads.g.doubleclick.net
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
2    142.251.10.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f97.1e100.net
www.googletagmanager.com
3    74.125.24.100 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f100.1e100.net
www.google-analytics.com
3    74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net
adservice.google.com.au
7    142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net
adservice.google.com
3    142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net
6730529b080eec956a27675ab371c12d.safeframe.googlesyndication.com
5b070f71561b5d3397630aece1716407.safeframe.googlesyndication.com
acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
2    74.125.200.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f157.1e100.net
partner.googleadservices.com
9    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
googleads.g.doubleclick.net
adservice.google.com.au
16    65.9.42.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-42-99.nrt12.r.cloudfront.net
adx.holmesmind.com
cdn.holmesmind.com
1    74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net
d-3777821193461222479.ampproject.net
24    74.125.68.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f132.1e100.net
tpc.googlesyndication.com
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
8    142.251.12.104 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f104.1e100.net
www.google.com
2    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
www.googletagservices.com
2    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
2    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
34    74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net
cm.g.doubleclick.net
3    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
2    23.36.252.26 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-252-26.deploy.static.akamaitechnologies.com
cs.media.net
7    23.106.127.38 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
9    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
21    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
2    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
2    104.17.25.14 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
14    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
4    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
4    74.125.24.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f95.1e100.net
fonts.googleapis.com
1    104.16.85.20 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    23.195.153.54 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-153-54.deploy.static.akamaitechnologies.com
a.teads.tv
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
34    51.79.234.101 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip101.ip-51-79-234.net
onetag-sys.com
10    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
10    104.254.151.36 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
1    54.189.51.32 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-189-51-32.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
6    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    52.194.75.205 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-194-75-205.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
5    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    52.77.150.163 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-150-163.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
12    54.228.225.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
ads.servenobid.com
4    103.229.10.247 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
4    74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net
fonts.gstatic.com
1    13.33.33.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-127.sin2.r.cloudfront.net
rules.quantcount.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
8    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
546f153a-b126-4c5d-8fd4-2cab22c067cd.t.ssp.hinet.net
2    35.201.76.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
1    18.155.68.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-27.sin52.r.cloudfront.net
adcdn.holmesmind.com
4    18.179.87.8 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-87-8.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
3    20.212.157.225 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bi.adpushup.com
1    34.117.219.39 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 39.219.117.34.bc.googleusercontent.com
fp.holmesmind.com
1    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
2    210.59.219.181 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
prebid.scupio.com
10    34.96.119.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.119.96.34.bc.googleusercontent.com
ad2.apx.appier.net
6    172.104.45.159 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1625-159.members.linode.com
gocm.c.appier.net
5    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
8    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    34.126.167.117 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 117.167.126.34.bc.googleusercontent.com
um.simpli.fi
15    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
4    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    52.205.223.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-223-187.compute-1.amazonaws.com
sync.srv.stackadapt.com
21    157.240.235.1 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net
connect.facebook.net
static.xx.fbcdn.net
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
10    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
8    23.15.148.136 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-15-148-136.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
9    23.195.152.23 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-23.deploy.static.akamaitechnologies.com
contextual.media.net
1    108.139.243.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-106.mxp63.r.cloudfront.net
public.servenobid.com
1    104.18.13.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
14    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    124.146.215.47 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    13.227.254.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-129.sin52.r.cloudfront.net
cr-p3.ladsp.com
5    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
2    69.173.144.165 (None, )

ASN- ()
pixel-eu.rubiconproject.com
2    23.106.127.52 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
5    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
11    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
19    67.199.150.82 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
6    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
3    184.31.5.52 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-5-52.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    198.8.71.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
5    23.72.44.196 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-196.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
11    74.118.186.44 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    52.220.190.140 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-190-140.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
2    3.126.213.118 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-213-118.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
2    18.233.195.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-195-161.compute-1.amazonaws.com
cs.emxdgt.com
1    157.240.235.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com
www.facebook.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.101.194 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
2    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
6    52.77.4.205 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-4-205.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
3    52.94.223.167 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
10    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
dsum.casalemedia.com
5    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    52.76.121.184 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-121-184.ap-southeast-1.compute.amazonaws.com
dpm.demdex.net
1    104.18.12.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
2    52.193.50.121 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-50-121.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
2    138.197.50.103 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
x.yieldlift.com
3    209.191.163.209 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
2    209.191.163.208 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    3.94.215.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-215-33.compute-1.amazonaws.com
ssp.disqus.com
2    3.1.115.86 (None, )

ASN- ()
sync.tidaltv.com
2    35.214.236.176 (None, )

ASN- ()
csync.loopme.me
4    13.115.196.111 (None, )

ASN- ()
match.prod.bidr.io
3    104.254.150.241 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
18    67.199.150.86 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
1    202.131.200.84 (None, )

ASN- ()
sync-dsp.ad-m.asia
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    18.179.176.172 (None, )

ASN- ()
dps.jp.cinarra.com
2    13.250.207.233 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-207-233.ap-southeast-1.compute.amazonaws.com
cm.adgrx.com
2    169.197.150.7 (None, )

ASN- ()
match.deepintent.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
2    104.18.25.173 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (None, )

ASN- ()
tags.rd.linksynergy.com
2    103.231.98.195 (None, )

ASN- ()
image4.pubmatic.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
2    89.207.22.105 (None, )

ASN- ()
pubmatic-match.dotomi.com
3    157.240.8.23 (None, )

ASN- ()
scontent-syd2-1.xx.fbcdn.net
12    54.238.120.71 (None, )

ASN- ()
usersync.gumgum.com
1    74.214.196.131 (None, )

ASN- ()
bh.contextweb.com
1    150.136.26.45 (None, )

ASN- ()
sync.technoratimedia.com
2    13.251.186.113 (None, )

ASN- ()
ad.360yield.com
Apex Domain
Subdomains		 Transfer
53 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 264
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
cm.g.doubleclick.net — Cisco Umbrella Rank: 320
511 KB
52 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
6730529b080eec956a27675ab371c12d.safeframe.googlesyndication.com
5b070f71561b5d3397630aece1716407.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 167
acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
687 KB
47 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 922
image8.pubmatic.com — Cisco Umbrella Rank: 886
ads.pubmatic.com — Cisco Umbrella Rank: 732
simage2.pubmatic.com — Cisco Umbrella Rank: 979
image2.pubmatic.com — Cisco Umbrella Rank: 1407
image4.pubmatic.com
simage4.pubmatic.com Failed
52 KB
39 criteo.net
static.criteo.net — Cisco Umbrella Rank: 782
pix.as.criteo.net — Cisco Umbrella Rank: 13111
csm.as.criteo.net — Cisco Umbrella Rank: 13249
369 KB
34 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1095
15 KB
31 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1405
fastlane.rubiconproject.com — Cisco Umbrella Rank: 681
eus.rubiconproject.com — Cisco Umbrella Rank: 826
pixel.rubiconproject.com — Cisco Umbrella Rank: 483
pixel-eu.rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1289
token.rubiconproject.com — Cisco Umbrella Rank: 1059
pixel-us-east.rubiconproject.com Failed
54 KB
24 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 318123
cdn.holmesmind.com — Cisco Umbrella Rank: 127481
fcm.holmesmind.com Failed
c.holmesmind.com — Cisco Umbrella Rank: 96936
adcdn.holmesmind.com — Cisco Umbrella Rank: 121870
ad.holmesmind.com — Cisco Umbrella Rank: 87750
fp.holmesmind.com — Cisco Umbrella Rank: 119230
196 KB
22 fbcdn.net
static.xx.fbcdn.net
scontent-syd2-1.xx.fbcdn.net
620 KB
21 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 317
450 KB
19 bg3.co
www.bg3.co — Cisco Umbrella Rank: 55959
static.bg3.co
159 KB
17 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 743
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 666
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 819
dsum.casalemedia.com
14 KB
16 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 38042
gocm.c.appier.net — Cisco Umbrella Rank: 3582
3 KB
16 criteo.com
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 18673
ads.as.criteo.com — Cisco Umbrella Rank: 12929
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 14115
bidder.criteo.com — Cisco Umbrella Rank: 866
gum.criteo.com — Cisco Umbrella Rank: 481
dis.criteo.com — Cisco Umbrella Rank: 941
103 KB
16 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15804
e3.adpushup.com — Cisco Umbrella Rank: 17081
aplogger.adpushup.com — Cisco Umbrella Rank: 17146
bi.adpushup.com — Cisco Umbrella Rank: 24623
300 KB
15 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 457
8 KB
15 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 407
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 715
6 KB
15 google.com
adservice.google.com — Cisco Umbrella Rank: 134
www.google.com — Cisco Umbrella Rank: 17
4 KB
14 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2116
rtb.gumgum.com — Cisco Umbrella Rank: 1753
usersync.gumgum.com
5 KB
14 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 412
aax-eu.amazon-adsystem.com
9 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 313
acdn.adnxs.com — Cisco Umbrella Rank: 880
secure.adnxs.com — Cisco Umbrella Rank: 690
41 KB
14 openx.net
rtb.openx.net — Cisco Umbrella Rank: 2255
adpushup-d.openx.net — Cisco Umbrella Rank: 17501
u.openx.net — Cisco Umbrella Rank: 977
us-u.openx.net — Cisco Umbrella Rank: 683
jp-u.openx.net — Cisco Umbrella Rank: 7685
3 KB
13 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2664
public.servenobid.com — Cisco Umbrella Rank: 4741
8 KB
12 media.net
cs.media.net — Cisco Umbrella Rank: 2342
prebid.media.net — Cisco Umbrella Rank: 1868
contextual.media.net — Cisco Umbrella Rank: 809
33 KB
11 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 883
eb2.3lift.com — Cisco Umbrella Rank: 571
24 KB
9 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1182
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2623
rtb-csync.smartadserver.com
3 KB
8 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 784
5 KB
8 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 723
4 KB
8 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 81658
546f153a-b126-4c5d-8fd4-2cab22c067cd.t.ssp.hinet.net
7 KB
7 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1351
x.bidswitch.net — Cisco Umbrella Rank: 415
2 KB
6 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1470
2 KB
6 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 57998
1 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 25673
sync.aralego.com — Cisco Umbrella Rank: 4131
4 KB
5 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1296
ap.lijit.com — Cisco Umbrella Rank: 872
4 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 916
1 KB
5 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 899
idsync.rlcdn.com — Cisco Umbrella Rank: 578
907 B
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 1214
r.turn.com — Cisco Umbrella Rank: 4743
2 KB
4 bidr.io
match.prod.bidr.io
2 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 1002
2 KB
4 gstatic.com
fonts.gstatic.com
85 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1410
pixel.quantserve.com — Cisco Umbrella Rank: 911
cms.quantserve.com — Cisco Umbrella Rank: 989
11 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
3 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9877
46 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 815
1 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1319
2 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1759
1 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1051
1 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1432
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 97
519 B
2 360yield.com
ad.360yield.com
624 B
2 dotomi.com
pubmatic-match.dotomi.com
741 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 1124
719 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1486
s.tribalfusion.com — Cisco Umbrella Rank: 3468
1 KB
2 deepintent.com
match.deepintent.com
83 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2319
1 KB
2 loopme.me
csync.loopme.me
40 B
2 tidaltv.com
sync.tidaltv.com
677 B
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2888
865 B
2 yieldlift.com
x.yieldlift.com — Cisco Umbrella Rank: 5211
464 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 285
2 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 3318
971 B
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 926
501 B
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1377
133 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1347
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1229
1 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 20824
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1530
2 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 903
cdn.indexww.com — Cisco Umbrella Rank: 2284
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
87 KB
2 scupio.com
prebid.scupio.com — Cisco Umbrella Rank: 65036
193 B
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 361
10 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
94 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1047
1011 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 121
77 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 959
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 20628
10 KB
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 contextweb.com
bh.contextweb.com
664 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4946
462 B
1 linksynergy.com
tags.rd.linksynergy.com
391 B
1 iprom.net
core.iprom.net
279 B
1 cinarra.com
dps.jp.cinarra.com
220 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 16302
459 B
1 ad-m.asia
sync-dsp.ad-m.asia
243 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 18116
653 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 5294
421 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 445
668 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
50 KB
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 3919
173 B
1 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 16242
180 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1196
635 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4421
517 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1607
519 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 475
2 KB
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 2523
451 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 11949
540 B
1 ampproject.net
d-3777821193461222479.ampproject.net
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 zemanta.com Failed
b1sync.zemanta.com — Cisco Umbrella Rank: 822 Failed
0 mookie1.com Failed
odr.mookie1.com — Cisco Umbrella Rank: 1394 Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
529 100
Domain Requested by
34 onetag-sys.com 4 redirects cdn.adpushup.com
onetag-sys.com
public.servenobid.com
ads.pubmatic.com
34 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
u.openx.net
onetag-sys.com
eb2.3lift.com
www.bg3.co
g2.gumgum.com
25 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
www.bg3.co
adx.holmesmind.com
tpc.googlesyndication.com
www.googletagservices.com
acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
24 tpc.googlesyndication.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
21 static.criteo.net ads.as.criteo.com
cdn.holmesmind.com
cdn.adpushup.com
static.criteo.net
www.bg3.co
21 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
securepubads.g.doubleclick.net
19 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
19 image8.pubmatic.com 15 redirects onetag-sys.com
public.servenobid.com
ads.pubmatic.com
18 static.bg3.co www.bg3.co
15 match.adsrvr.org 14 redirects cdn.adpushup.com
14 cdn.holmesmind.com adx.holmesmind.com
cdn.holmesmind.com
ad.holmesmind.com
www.bg3.co
14 pix.as.criteo.net ads.as.criteo.com
13 simage2.pubmatic.com 11 redirects ads.pubmatic.com
13 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
12 usersync.gumgum.com g2.gumgum.com
eus.rubiconproject.com
12 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
onetag-sys.com
g2.gumgum.com
11 s.amazon-adsystem.com 5 redirects onetag-sys.com
eb2.3lift.com
www.bg3.co
ssum-sec.casalemedia.com
10 pixel.rubiconproject.com 5 redirects onetag-sys.com
www.bg3.co
10 eb2.3lift.com 3 redirects cdn.adpushup.com
eb2.3lift.com
public.servenobid.com
10 ad2.apx.appier.net 5 redirects adx.holmesmind.com
10 ib.adnxs.com 7 redirects cdn.adpushup.com
acdn.adnxs.com
9 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
9 contextual.media.net cdn.adpushup.com
contextual.media.net
ads.pubmatic.com
eus.rubiconproject.com
9 ups.analytics.yahoo.com 8 redirects onetag-sys.com
8 sync.1rx.io 8 redirects
8 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
contextual.media.net
public.servenobid.com
g2.gumgum.com
8 sync.mathtag.com 8 redirects
8 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
7 t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
7 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
cdn.ampproject.org
6 pr-bh.ybp.yahoo.com 3 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
6 x.bidswitch.net 4 redirects onetag-sys.com
contextual.media.net
6 gocm.c.appier.net 6 redirects
6 prebid.a-mo.net 3 redirects cdn.adpushup.com
www.bg3.co
6 e3.adpushup.com www.bg3.co
6 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
www.bg3.co
6 adservice.google.com.au securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 image2.pubmatic.com 5 redirects
5 sync-tm.everesttech.net 5 redirects
5 rtb-csync.smartadserver.com contextual.media.net
public.servenobid.com
ssbsync.smartadserver.com
5 ads.pubmatic.com contextual.media.net
public.servenobid.com
ads.pubmatic.com
g2.gumgum.com
5 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
public.servenobid.com
5 us-u.openx.net 2 redirects u.openx.net
5 bidder.criteo.com cdn.adpushup.com
static.criteo.net
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 match.prod.bidr.io 4 redirects
4 token.rubiconproject.com 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 ad.turn.com 4 redirects
4 ad.holmesmind.com cdn.holmesmind.com
adx.holmesmind.com
4 fonts.gstatic.com fonts.googleapis.com
4 adpushup-d.openx.net cdn.adpushup.com
4 fonts.googleapis.com cdnjs.cloudflare.com
securepubads.g.doubleclick.net
4 csm.as.criteo.net ads.as.criteo.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 scontent-syd2-1.xx.fbcdn.net www.facebook.com
3 secure.adnxs.com 3 redirects
3 ce.lijit.com 3 redirects
3 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
3 px.ads.linkedin.com 2 redirects www.bg3.co
3 pm.w55c.net 3 redirects
3 sync.targeting.unrulymedia.com 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 id.rlcdn.com 2 redirects onetag-sys.com
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 sync.srv.stackadapt.com 3 redirects
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 bi.adpushup.com www.bg3.co
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 image6.pubmatic.com 2 redirects ads.pubmatic.com
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 ad.360yield.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 idsync.rlcdn.com 1 redirects ads.pubmatic.com
2 match.deepintent.com ads.pubmatic.com
g2.gumgum.com
2 cm.adgrx.com 2 redirects
2 cms.quantserve.com 2 redirects
2 csync.loopme.me ssbsync.smartadserver.com
ads.pubmatic.com
2 sync.tidaltv.com 2 redirects
2 ssp.disqus.com 2 redirects
2 ap.lijit.com 2 redirects
2 x.yieldlift.com 1 redirects public.servenobid.com
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 a.sportradarserving.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 rtb.mfadsrvr.com 2 redirects
2 dis.criteo.com contextual.media.net
ads.pubmatic.com
2 p.rfihub.com 2 redirects
2 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
2 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 tg.socdm.com 2 redirects
2 connect.facebook.net cdn.holmesmind.com
connect.facebook.net
2 prebid.scupio.com cdn.holmesmind.com
2 c.holmesmind.com 1 redirects cdn.holmesmind.com
2 aplogger.adpushup.com cdn.adpushup.com
2 htlb.casalemedia.com cdn.adpushup.com
2 cdnjs.cloudflare.com ads.as.criteo.com
2 cat.sg1.as.criteo.com ads.as.criteo.com
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 cs.media.net 1 redirects contextual.media.net
2 rtb.openx.net 2 redirects
2 ads.as.criteo.com googleads.g.doubleclick.net
acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
2 rtb.jp2.as.criteo.com googleads.g.doubleclick.net
www.bg3.co
2 www.googletagservices.com googleads.g.doubleclick.net
acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
2 adx.holmesmind.com pagead2.googlesyndication.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com cdn.adpushup.com
delivery.adrecover.com
2 delivery.adrecover.com www.bg3.co
1 sync.technoratimedia.com g2.gumgum.com
1 bh.contextweb.com 1 redirects
1 rtb.gumgum.com ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 dps.jp.cinarra.com ads.pubmatic.com
1 ipac.ctnsnet.com 1 redirects
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 cm.ambientdsp.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 g2.gumgum.com public.servenobid.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 c.bing.com eb2.3lift.com
1 www.facebook.com connect.facebook.net
1 js-sec.indexww.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 546f153a-b126-4c5d-8fd4-2cab22c067cd.t.ssp.hinet.net adx.holmesmind.com
1 tr.blismedia.com acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
1 r.turn.com acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
1 prebid-asia.creativecdn.com cdn.holmesmind.com
1 fp.holmesmind.com cdn.holmesmind.com
1 acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adcdn.holmesmind.com cdn.holmesmind.com
1 pixel.quantserve.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 trace.mediago.io 1 redirects
1 dsp.adkernel.com 1 redirects
1 d-3777821193461222479.ampproject.net cdn.ampproject.org
1 5b070f71561b5d3397630aece1716407.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 6730529b080eec956a27675ab371c12d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.bg3.co
0 simage4.pubmatic.com Failed ads.pubmatic.com
0 pixel-us-east.rubiconproject.com Failed eus.rubiconproject.com
0 cs.admanmedia.com Failed g2.gumgum.com
0 b1sync.zemanta.com Failed ssum-sec.casalemedia.com
0 odr.mookie1.com Failed www.bg3.co
onetag-sys.com
ads.pubmatic.com
0 sync.go.sonobi.com Failed www.bg3.co
public.servenobid.com
0 fcm.holmesmind.com Failed cdn.holmesmind.com
529 168

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-18 -
2023-01-15		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-09 -
2023-01-11		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-31 -
2022-12-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.t.ssp.hinet.net
 2022-04-14 -
2023-04-14		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2022-09-26 -
2023-10-27		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-10-16 -
2023-01-14		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-10 -
2022-11-08		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
loopme.com
R3		 2022-09-26 -
2022-12-25		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.iprom.net
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh

This page contains 80 frames:

Primary Page: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Frame ID: 6A7DF4B4C440BA22B2DD64653CF475F3
Requests: 102 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: F3482D918E6BC353CB18B3532B9796B3
Requests: 5 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: DEF6D7E79E589E386B3875499221E9AC
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 8A034ECD34331D5C705F1B39B595B635
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: DC776E1B2067D625F686C6649DF3D90B
Requests: 8 HTTP requests in this frame

Frame: https://6730529b080eec956a27675ab371c12d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 1DD7A3BBC4A1A26762AFCDB51D32F791
Requests: 1 HTTP requests in this frame

Frame: https://5b070f71561b5d3397630aece1716407.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 5B493FC3BBB4F108ED6A521D87C6325F
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: 0D4E3240C3EB07313D12404427527526
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667314945&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667314944839&bpp=11&bdt=2301&idt=624&shv=r20221027&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4890139455283&frm=23&ife=1&pv=1&ga_vid=1103092985.1667314945&ga_sid=1667314945&ga_hid=452723250&ga_fc=0&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1176914691&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C44775017&oid=2&pvsid=3631704844640308&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7iwm7is9m56b&fsb=1&dtd=632
Frame ID: EBDA6D5F8586E9C98A8EFA52BE40CD85
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-9864332413242520446&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3096&oid=2&is_amp=5&amp_v=2210172057000&d_imp=1&c=391121005144&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&ga_hid=5144&dt=1667314945676&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&bdt=4136&dtd=208&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: CF5A2D597CBA148BB586C76DE836049D
Requests: 1 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg&u=%7Cup9wtxwMMrOuCMhsT17uInSGfUTMta6SIfnkKWv4tDg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgZL_d5GIc1_px8FnI78kAkN14xy0eR2j9fOOJlzdmUbxUUoeEnuX8ISxzPnpwXCQ3cwxYO0rABB6Tmf5mKbuRs2XhCm4moMfWdxpRbNQd7gH1YlncCvTid5C_KQWGJwVEs04v429Xkp7A1Zof_RisGanf_lrJSNhs9Cc7i1-IJ61d603-1MTbbZEK7rIfDj1bc_Kjg3Ji4s9yNDNK_Pgh1vUId65sxkGVZ_Iv3zrUByA1NEtpk2243tdp2-665l4yNssQLsBlPaUxF-seDiq-eEn0jXscaoGo3szLh0jlVRmD8WWx5Sop6U22PIAHwr5SNyz_AprgDEIfL4vd7Tw5kzxdaw7J0qBTN03m1Du5Xj2BEbglFOsuFGPkmn3oXmLDa_Px211PRS2KJrLia4AwBRQ4OswJMAQ96HZOQ9G6nznKNYwDbhm2KcBXMMa7IoBErnWGxW09W7GSW-JOL1jqsHsxX2JhOYEHnxizRmMtLCc84QFzFo5v_8OeYwc0MR0OcF743BtEnRzSmVkpoQ5Fi1sJmMoCMBkVr2nvZ9wDzO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4ZiATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9wFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFHjBPN-TeVB8GsYLW5BWF3ZfwoKJLUNbpdkpgbEBD_K1gDMWCIDE9QQigAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JJN-DpgGgYNA564msgQz5dUK6FQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: C5CAA88165D673C63A2449487C315D13
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C4B5C9E4D63BE89D41C65224CA026492
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AB359002A50713DF5317D5551CB8A1B1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 235298A0502AC1C4FD44EEF529E2E313
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A80F2DA7E9F5205B142CF3E67BB0B43B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D39AE0F64CE2785D4510804420B202DC
Requests: 2 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20221028/lfLsVq5iGAHU9C7Iu4Sgw8A8KSF2eBEdCzGvBxVF.html
Frame ID: DC205EC8432C91F4376112561F96B778
Requests: 3 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 8D13601E6B5865D5074C413349BF57FB
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 0A96324FFB56AAA1F6A28308AE2E1689
Requests: 31 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 14E390FDF81BA9AC247D6DDB00630A2D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 570BC61F54116A78DFFB0DD98A15B66C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ABB08B09EF0AFBE1F2D12DB75732AC4E
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Frame ID: B3A465933DD0487C446C565FA864AA23
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Frame ID: 9043F2EF462787F4775A98BFF43D25EC
Requests: 18 HTTP requests in this frame

Frame: https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8398F684611315387D1BE030F8488364
Requests: 10 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3233-Z4DewxfS094bwprgzDM8LicIRdM4eFxZ&CFFPCKUUID=5674-EU33A6Xo6d1vghISH00eMiInpaDG9wGo&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20221028%2FlfLsVq5iGAHU9C7Iu4Sgw8A8KSF2eBEdCzGvBxVF.html&maindomain=holmesmind.com
Frame ID: DC9390D036A7BB7A1036C6841987D918
Requests: 1 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1BQABjGgCZomwAAKrBMgsxZjbR1MAbZmEyg&u=%7CrSzMZBt8zW5woOMRYOHV0BnkB8jLyUVCLppp4rJRGwE%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y-WX3CIeLB4QjIdiKLIb1QI0YcBTjuCuzrXxQlUNGe49CDkMIeIVGWe1sA2u4P4BDUmG8Hagv4h-OLfYQS1RFe7Gc7s94A9bf5JBj09kEwJhhe8OQ2snj4A5IakcBnzz9k-l4vScSHuVucAh4AA5M2SWQgL7ipqOoMyK1WahglX3Rx3EEojeD-9iA9iNo7MP_M5oxj5HC4uhezTyy5CQVb9qSQCYI3vEs5SUZG6DLqb68T3Ur4r_pX90NL4B6MHRfsQabj6zBZTYTIf2H7-42pRlTOQXMZ1_1EThKbwPqksZiubV0L4OcC0SutjH9XIiJCT_F5jDVXKMpuHbd3OdHhXISpXlqIsl20pOlXjZ1RGU9XtmQKub1VTwKsQnmvOUcOnYoVdFDxDpwrfbNpnfjku22ULSG1Nw2hXmtOL-AMhG6RFFBBoGjsGc_FAWTLuabGvQCpvLrdxQ4QYt1uyKt0k3EJPzZgRBoAYKRnHCHBZWj9bxgQL62oIXbKWs2MDx3qrm97xP95Ovnw1PUdrUg3D9wzUVah8YY6agztxP1lgZ3ae3IxcWfjs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJJJLBTVhY-iYBrCTmsMPhNaK6AyY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQKzWMcpm6GlPuACAKgDAaoEnwJP0BFQSz2ZeEOHOuFFfjlP4J-nK-4nvqUcCHcSnKX4GkmXYjtOZ2reZo1a3acwujNio9MkDdy_YvEpOAKfjFI6BQyMsHITpWBBqNa9zyRjYPWYcccuPAYNWHohVozmtvcHhldGaahLCUdiYO5qFNQ-pKUqTeJz0FJ_5D-s4-jkRf_VfEzkJpdc_i_4V9IB6r2l0zKu5ifQlvu8-8Jz8FtjdKYf-MqSDbdpqXRZoYWUNWR41D1f-59UfT85KG3IuMt2xNAq8JiwFl73pAGV8mbmf8ppG-_CV7SQNY6LGKpS9sXEvMp4LsGrpr_6bNayOYhKxJCEH2wGzi6O6WhoGAkGspuMBJ-K05hE2iZzK4fObYtvF5QsbUWL8m1_hLyWQ-AEAYAG7pnM8aDynsOUAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1dlUMa4T__kM5cfqiv9Vs1B_VzHg%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: 99B7C2248B0844EE4E76C0E83B076902
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 536D5286D2E54A581196B6DCAF71D9E2
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/image/13299/copied_copied_7c0d4b2d2808fb14555f646dd55b8531.jpg
Frame ID: E46E97C1C41F6B1F609FC82637416B2B
Requests: 5 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1667314948589
Frame ID: CCA1678A8C50B882D48E2AF06489FE07
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A5C06C9B30C848372CE676CB7111BA9E
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 373C84A6FA59C9B0E3F34B8478DCACBB
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4002883671C32BF0B17B466A6948C4BA
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: A1DC543E4681531F9A840F1976F6331F
Requests: 13 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 47F4011915D6C0DD12B5DCD3A5D92050
Requests: 7 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 79CEDD9FB204D841D52BFD189DA55560
Requests: 13 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6AE812AA14D47B24E3CA9C732FA6B4E2
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 0AE831C044F77465B9CA599F3794CF87
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: AAC13BF53A809600F89C04EDF8D11361
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3103165461530142000V10&type=rkt&refUrl=&vid=73149525273103165461530142000V10&ovsid=1917759394584409181
Frame ID: 78F2BF3DB0DB3BAEE0968DA0C8B138FC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Frame ID: 9B2E42587FF1A29F724A786A70A3721A
Requests: 18 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa940682dd668c%26domain%3Dadx.holmesmind.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fadx.holmesmind.com%252Ff3c6cfd78f3ae%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FHuiBeiBei712%2Fvideos%2F445617184309415&locale=en_US&sdk=joey&show_text=false&width=280
Frame ID: ECA776B221E997BAE41186B086BEAA61
Requests: 24 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: CADB9C079E2A6C0BFB17937660E92CD7
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: E9B4F3A52DB5693EB70DE6C0E7FC4B87
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 83569E9594CEFBE8CEC941E20DCC9644
Requests: 15 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 214A24949220E55F14995D8983EEA9EB
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 678B8BF3694BD21516127AE88D7D98F4
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 2A5E9BD279B6B02DC3AD3F70341793A4
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: C66711C7AF2B9AEA7B6B226CADF5CFA6
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D&gdpr=0&gdpr_consent=
Frame ID: A326E42B991FDE737480C1DE9A491928
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Frame ID: FD1E56565416D31CF434897D9D7F2867
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Frame ID: 6D2A4D5E07AE4DE1814BCD3A93A3948A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Frame ID: C7DDBF2DCE9390E88C886DB9F2DCDABA
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Frame ID: 35289863B6CD6DE0F81699EE31CD6EDE
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Frame ID: F007329178589C8C2343947F2D616AA2
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: A885C777054F427205F260E787651C28
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Frame ID: 3451FE37C301D1451ED510E96E94B679
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Frame ID: 57ACC4898ADC2138BA363091BAD8CF07
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 8B86FCBD409E6BAF12B838E3807096A5
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Frame ID: 9D4112D650DDEB8F64EE945BD7249A80
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Frame ID: 73E97B436DE0AD582B3A0C7B38242AE1
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Frame ID: E416C88840E4EA281759968FD75E23D7
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: A9E5822C4D209DEFB5AEB64F6933C535
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 20AC90A5DF216C9804206D63D32DEBD9
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: FEE885D04F24C6D534010D9BA6C84B32
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: 475CD736C5B99D7B7C4C457D95C33138
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 9F6AE369AE9CA321A48505002F8DFBC0
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Frame ID: 99BC66F430CDF912E15AFD6A9E72F8CE
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3103165461530142000V10&type=pba&refUrl=&vid=73149525273103165461530142000V10&ovsid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Frame ID: B363961FF2E1969B9D5CE7BC2C20EEBB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 20C6E13CC42555DA6A8CD594F0413262
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=74559002-b79d-4ce9-8c63-aa03cf914794
Frame ID: 82FB2148AC2AE896119EAEAB224E6C7F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=ab586361-3506-4000-a74d-405dad1f9ad7&gdpr=0&gdpr_consent=
Frame ID: 3E7259E0985BAD022B288555119B167E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y2E1CQAAAH1aDgA7&gdpr=0&gdpr_consent=
Frame ID: A49BA4EBD370277CC6C30E00A6606142
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8wM2YwY2ExYy0xZDYzLTRhZjUtOTFiMi1kMmNlZjNmODU0ZGI=&gdpr=0&gdpr_consent=
Frame ID: 4165B11E762CCB1423595D9A61B60410
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: CA0A60E614A89BFF7EC7D16557188300
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y2E1CcCo8X8AAJW.UkQAAAAA
Frame ID: CCB12E8C3B043A11D3A36D8EFE489742
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Frame ID: 6845E201D59B27CF9FF1AE3935BE4574
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y2E1CCaLQ3UUI9ms.cYTAwAA%265329
Frame ID: AB1505B25369E2637B280FFFF87EE8B1
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=zFx2rhZvR8tvpiW8kQBk&pi=gumgum&tc=1
Frame ID: C119EA114BE84B32002A7F90E5C2AB8D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: FEBA517B817FD28CB9FD7207FF7AC515
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

房市敲警鐘! 10月南二都交易量「縮到5年新低」 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

529
Requests

74 %
HTTPS

0 %
IPv6

100
Domains

168
Subdomains

112
IPs

11
Countries

4184 kB
Transfer

12281 kB
Size

165
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 63
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1667314945&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667314943946&bpp=13&bdt=1393&idt=1379&shv=r20221027&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4890139455283&frm=23&ife=1&pv=2&ga_vid=839052905.1667314945&ga_sid=1667314945&ga_hid=1174602103&ga_fc=0&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1364&biw=1600&bih=1200&isw=336&ish=280&ifk=1964632052&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44775017&oid=2&pvsid=3682522760567228&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7t0f2pxb3k9i&btvi=1&fsb=1&dtd=1400 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 96
  • https://rtb.openx.net/sync/dds?google_gid=CAESEEiyNz7xTnEb8IeO8leJWOM&google_cver=1&google_push=AZmPxg9D_9eWbUY8hDBOk0UK1I5o01dfUyxpgvVPMYoVSrihSUdItn9ZjxzJ5owIf0QOL4SE10C2I3sn_vp03lAtP1XxbW3nZH205A HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEEiyNz7xTnEb8IeO8leJWOM&google_cver=1&google_push=AZmPxg9D_9eWbUY8hDBOk0UK1I5o01dfUyxpgvVPMYoVSrihSUdItn9ZjxzJ5owIf0QOL4SE10C2I3sn_vp03lAtP1XxbW3nZH205A&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg9D_9eWbUY8hDBOk0UK1I5o01dfUyxpgvVPMYoVSrihSUdItn9ZjxzJ5owIf0QOL4SE10C2I3sn_vp03lAtP1XxbW3nZH205A&google_hm=XbB6youayXghmMIVic1SLg==
Request Chain 97
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHWwknEfAEeDAf_A--Us-Go&google_cver=1&google_push=AZmPxg8mIPrl_aDlZaG1DcFrXRMWsZ4S_fpYZ0yPibeQCrIK2kGy_dQGZORrNBb9m1Sd5nPy6PnYVV10Tri54RcLcO5Re_HpQxg7 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHWwknEfAEeDAf_A--Us-Go&google_cver=1&google_push=AZmPxg8mIPrl_aDlZaG1DcFrXRMWsZ4S_fpYZ0yPibeQCrIK2kGy_dQGZORrNBb9m1Sd5nPy6PnYVV10Tri54RcLcO5Re_HpQxg7&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=os2oqs2HSpiR5wicNtzbLQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8mIPrl_aDlZaG1DcFrXRMWsZ4S_fpYZ0yPibeQCrIK2kGy_dQGZORrNBb9m1Sd5nPy6PnYVV10Tri54RcLcO5Re_HpQxg7
Request Chain 98
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEBc3gqpq4lkyBk0z7aWekl8&google_cver=1&google_push=AZmPxg9ua3My5a3h6wUc9hvAzDs_9nMmtegbVik2_t8706OQJO3bJtIft6MSHEH2Z-u1-NpmtViLSIMQkpt1wwbzCOkUu4gHfzFm_Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTMwMDg5MTE1NzQxNzY3NTY5MQ&google_push=AZmPxg9ua3My5a3h6wUc9hvAzDs_9nMmtegbVik2_t8706OQJO3bJtIft6MSHEH2Z-u1-NpmtViLSIMQkpt1wwbzCOkUu4gHfzFm_Q
Request Chain 99
  • https://cs.media.net/cksync?type=g&google_gid=CAESEKOErb2_piz2Uv7abaKUB3s&google_cver=1&google_push=AZmPxg8ARHbtlrSm514qeshupnSTaK7QtwCRp1LNeAux0EykYNZ2XTP9iTCeyN2MI-c-c8BcP26D22crXaL7M9lHratHu53m_R-4lQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzEwMzE2NTQ2MTUzMDE0MjAwMFYxMA%3d%3d&mn_hm=MzEwMzE2NTQ2MTUzMDE0MjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg8ARHbtlrSm514qeshupnSTaK7QtwCRp1LNeAux0EykYNZ2XTP9iTCeyN2MI-c-c8BcP26D22crXaL7M9lHratHu53m_R-4lQ&gdpr=&gdpr_consent=
Request Chain 100
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFaIIDBXXCxFsHqkERukT1s&google_cver=1&google_push=AZmPxg880A6wbColInzSs8NB8CDJ8gZuYdn7clavP11y7vgLksjbbQ6JLdKhtbPP27RSjsHA_czbn0rpSrP5P4IBnbvp15Gbe54r HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg880A6wbColInzSs8NB8CDJ8gZuYdn7clavP11y7vgLksjbbQ6JLdKhtbPP27RSjsHA_czbn0rpSrP5P4IBnbvp15Gbe54r&google_hm=ODczNjU3MzE3MjUyODI3NzAzMg%3D%3D
Request Chain 101
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGDqkpQNTLr3TyyT5NKBye8&google_cver=1&google_push=AZmPxg_qynm3tCGkZT1bcnDcQDBYXxA85qnh4cVJv3Q-81jcyjXWZGTYL43iH8WO2IcC672YP0NPoGF3c1SqdqwGOzk0tnpqTOvRuWA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGDqkpQNTLr3TyyT5NKBye8&google_cver=1&google_push=AZmPxg_qynm3tCGkZT1bcnDcQDBYXxA85qnh4cVJv3Q-81jcyjXWZGTYL43iH8WO2IcC672YP0NPoGF3c1SqdqwGOzk0tnpqTOvRuWA&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1lRGFDSDhORTJ1R1NLcEpISDlLWDdscGJ6Y3VuTkhieX5B&google_push=AZmPxg_qynm3tCGkZT1bcnDcQDBYXxA85qnh4cVJv3Q-81jcyjXWZGTYL43iH8WO2IcC672YP0NPoGF3c1SqdqwGOzk0tnpqTOvRuWA
Request Chain 102
  • https://trace.mediago.io/cs/google?google_gid=CAESEJAmu8CAPcToL9-MrkDX-Jk&google_cver=1&google_push=AZmPxg_FKdT5AcbpzxPdLEUb8NJgwpYEhSUaMUOP6fR0z6bteyh30VVe-pZubvhhEm-Xc0paA7AdIqaxivch8kyvMKJY-xS5hlkFjgs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg_FKdT5AcbpzxPdLEUb8NJgwpYEhSUaMUOP6fR0z6bteyh30VVe-pZubvhhEm-Xc0paA7AdIqaxivch8kyvMKJY-xS5hlkFjgs&google_hm=cc485df27d749de673ce7882313132ae
Request Chain 139
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667314947136&bpp=11&bdt=205&idt=339&shv=r20221027&mjsv=m202210260101&ptt=5&saldr=sa&correlator=8545687197764&frm=8&ife=1&pv=2&ga_vid=1443549548.1667314947&ga_sid=1667314947&ga_hid=1307981265&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531706%2C44773614%2C31070617%2C44775017&oid=2&pvsid=697213879721454&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.nk27qfoq35dj&fsb=1&dtd=354 HTTP 302
  • https://adx.holmesmind.com/adx-file/20221028/lfLsVq5iGAHU9C7Iu4Sgw8A8KSF2eBEdCzGvBxVF.html
Request Chain 183
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 239
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=p5uwInKrDrWGLe88BjVhYw
Request Chain 240
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=WI1TuaODBPi1ebRcBjVhYw
Request Chain 241
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=uNrJdvscChOVQgP8BjVhYw
Request Chain 242
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Oiz-HKQjBlm5ok9HBjVhYw
Request Chain 243
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=fWop6ZLVDT-gdFPTBjVhYw
Request Chain 258
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJ-Q6gbxo7zh66BgCL11rHU&google_cver=1&google_push=AZmPxg8pfIibJo6dC9Kwl5SaqCyB6uKyXh1CR7Ebh9QSaPhzKF1fKkQwu_D_KrYOqZZSgrSy-JTcDiEIYbWHf_4M6Mm8UPBIV7Q2wQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM1NDkwOTE4MzQ3NjU0Mzg1Nw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ-Q6gbxo7zh66BgCL11rHU&google_cver=1
Request Chain 259
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAG12aa9v9ialw1VcOuz7z8&google_cver=1&google_push=AZmPxg9Kr15bT6IMPOqWSwCr8N0D2WUvyAJ-1asOzsCbhKyZb1Miy-oJMYajPlUGR_0u2cM4Uk1hs6rm9Vl6y6jguFxEkXvXp4JjtA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg9Kr15bT6IMPOqWSwCr8N0D2WUvyAJ-1asOzsCbhKyZb1Miy-oJMYajPlUGR_0u2cM4Uk1hs6rm9Vl6y6jguFxEkXvXp4JjtA
Request Chain 260
  • https://um.simpli.fi/gp_match?google_gid=CAESEPHDZYCmyEbUPnzf1Vd_-SQ&google_cver=1&google_push=AZmPxg_Q78rCYM7sBSAOHwbHHOyl-2HDHELKUUZ3kdrFg_JrwL1HOu-ok8quIpK3-yHHUNMrRM0NyEdeOT_V-T3W9NGSzopDHFGhfA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DA8A55D9C5974F5C90D5B4B2092CE4CA&google_push=AZmPxg_Q78rCYM7sBSAOHwbHHOyl-2HDHELKUUZ3kdrFg_JrwL1HOu-ok8quIpK3-yHHUNMrRM0NyEdeOT_V-T3W9NGSzopDHFGhfA
Request Chain 261
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFRHj144vNMDzRq0_Mu4oqQ&google_cver=1&google_push=AZmPxg_jYiyAOkDEHCans2J-75PKi3fynGPRLeCvkh1q5JeZpCg2971yLx5S0h_atNDPSOVTQlJdXe02Q2kfSHP9iWQd0_GSzggBvg HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEFRHj144vNMDzRq0_Mu4oqQ&google_cver=1&google_push=AZmPxg_jYiyAOkDEHCans2J-75PKi3fynGPRLeCvkh1q5JeZpCg2971yLx5S0h_atNDPSOVTQlJdXe02Q2kfSHP9iWQd0_GSzggBvg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NzQ1NTkwMDItYjc5ZC00Y2U5LThjNjMtYWEwM2NmOTE0Nzk0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=74559002-b79d-4ce9-8c63-aa03cf914794
Request Chain 263
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFI6d-uOOQJfy-1oGUe8TOA&google_cver=1&google_push=AZmPxg86HsD3G6O5e7ZHgMd9ngPeMNdryF_CF6WD32j2m9I9R57hzjiHObLLPpiaoWPiUX9Qeb3QZuxvILoWyV-VI-XHUVpkyYoTEA HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFI6d-uOOQJfy-1oGUe8TOA&google_cver=1&google_push=AZmPxg86HsD3G6O5e7ZHgMd9ngPeMNdryF_CF6WD32j2m9I9R57hzjiHObLLPpiaoWPiUX9Qeb3QZuxvILoWyV-VI-XHUVpkyYoTEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjcwMTUxNDExMzUwNTY5MTkyOQ&google_push=AZmPxg86HsD3G6O5e7ZHgMd9ngPeMNdryF_CF6WD32j2m9I9R57hzjiHObLLPpiaoWPiUX9Qeb3QZuxvILoWyV-VI-XHUVpkyYoTEA
Request Chain 264
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESENZlxwy3LUc7dPBTHq5pjZg&google_cver=1&google_push=AZmPxg9H8QmFfUBTAN9IGHIsyxo53xuYah4eGovznWnchuUfVKvC7Fv2c8Hw_Az72FrKCf01HioCcG0WmS1_RfAiLgAraqLjfKNG8w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=DcQ-LXDqSlNRfhIrPhlI22fR_gU&google_push=AZmPxg9H8QmFfUBTAN9IGHIsyxo53xuYah4eGovznWnchuUfVKvC7Fv2c8Hw_Az72FrKCf01HioCcG0WmS1_RfAiLgAraqLjfKNG8w
Request Chain 278
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 314
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 320
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3Db527d4e4-dd4d-47ff-9700-6d1a0d53fa29&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F22059%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Db527d4e4-dd4d-47ff-9700-6d1a0d53fa29%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1iNTI3ZDRlNC1kZDRkLTQ3ZmYtOTcwMC02ZDFhMGQ1M2ZhMjk%253D%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F22059%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Db527d4e4-dd4d-47ff-9700-6d1a0d53fa29%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1iNTI3ZDRlNC1kZDRkLTQ3ZmYtOTcwMC02ZDFhMGQ1M2ZhMjk%253D%26uid%3D&gdpr=1&gdpr_consent=&s=191503&us_privacy=1---&C=1 HTTP 302
  • https://prebid.a-mo.net/cchain/1/22059?gdpr=0&gdpr_consent=&us_privacy=1---&A=b527d4e4-dd4d-47ff-9700-6d1a0d53fa29&bidder=index_rtb&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1iNTI3ZDRlNC1kZDRkLTQ3ZmYtOTcwMC02ZDFhMGQ1M2ZhMjk%3D&uid=Y2E1CCaLQ3UUI9ms.cYTAwAA%265329 HTTP 302
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F22059%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Db527d4e4-dd4d-47ff-9700-6d1a0d53fa29%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1iNTI3ZDRlNC1kZDRkLTQ3ZmYtOTcwMC02ZDFhMGQ1M2ZhMjk%253D%26uid%3D%24UID HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS03NDljMTExMS1lYjY1LTM0NTYtYTYyZS1iZmM5YjVmOGE4NTkqpQJodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMi8yMjA1OT9nZHByPTAmZ2Rwcl9jb25zZW50PSZ1c19wcml2YWN5PTEtLS0mQT1iNTI3ZDRlNC1kZDRkLTQ3ZmYtOTcwMC02ZDFhMGQ1M2ZhMjkmYmlkZGVyPXpldGEmY2J4PWFIUjBjSE02THk5cFlpNWhaRzU0Y3k1amIyMHZjSEpsWW1sa0wzTmxkSFZwWkQ5aWFXUmtaWEk5WVcxNEpuVnBaRDFpTlRJM1pEUmxOQzFrWkRSa0xUUTNabVl0T1Rjd01DMDJaREZoTUdRMU0yWmhNamslM0QmdWlkPXVhLTc0OWMxMTExLWViNjUtMzQ1Ni1hNjJlLWJmYzliNWY4YTg1OTICEgw4AQ==
Request Chain 321
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=b527d4e4-dd4d-47ff-9700-6d1a0d53fa29 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-1Hj1ypVE2uEu62Dk1qY8YWdqKHKE4ndktSRFfAI-~A&gdpr=0&gdpr_consent=
Request Chain 322
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=b527d4e4-dd4d-47ff-9700-6d1a0d53fa29&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=b527d4e4-dd4d-47ff-9700-6d1a0d53fa29&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=52b3421c-b360-4579-8d38-32d80058b81a&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10530401092153677328&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10530401092153677328&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=fb060f3e-aa3a-4c97-89fb-3382d257d44c&ssp=adaptmx&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10530401092153677328&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232923304322010812441&ssp=adaptmx&gdpr=0&gdpr_consent=
Request Chain 323
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L9YC9S34-1K-6US9&gdpr=0&us_privacy=1---
Request Chain 324
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2354909183476543857&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 325
  • https://match.adsrvr.org/track/cmf/openx?oxid=82e6f0f6-221c-7056-c7ec-8ea25ad46894&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=74559002-b79d-4ce9-8c63-aa03cf914794&ttd_puid=82e6f0f6-221c-7056-c7ec-8ea25ad46894&gdpr=0&gdpr_consent=
Request Chain 326
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y2E1CMCo8X8AAJW.UgAAAAAA
Request Chain 327
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARjtJ88qfosQks8ADv_jDtZ9Es8AAAGEM7cqyQ
Request Chain 329
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHZxEMNsgAhHKDrEtjceTwc&google_cver=1
Request Chain 331
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 332
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=ab586361-3506-4000-a74d-405dad1f9ad7&gdpr=1&gdpr_consent=
Request Chain 334
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=893519410280744005
Request Chain 336
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhDO3KbNHB_LguewW-3HSvnl54iLCODuo5Q
Request Chain 338
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCIjqhJsGEgUI6AcQAEIASgA HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 339
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=yH8ccnkm2X_eTX0B218VTX7qqDSLp0tKzz1sxR9NoC8
Request Chain 341
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEPOPUlMHUiXbz5fuu66qufA&google_cver=1
Request Chain 343
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=74559002-b79d-4ce9-8c63-aa03cf914794&gdpr=0&gdpr_consent=
Request Chain 347
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 348
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Drkt%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3103165461530142000V10&type=rkt&refUrl=&vid=73149525273103165461530142000V10&ovsid=1917759394584409181
Request Chain 350
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dapx%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3103165461530142000V10&type=apx&refUrl=&vid=73149525273103165461530142000V10&ovsid=893519410280744005
Request Chain 351
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dopx%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3103165461530142000V10&type=opx&refUrl=&vid=73149525273103165461530142000V10&ovsid=4aca9969-891c-4ab6-a4a3-f0cce83bfa48
Request Chain 352
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dmma%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3103165461530142000V10&type=mma&refUrl=&vid=73149525273103165461530142000V10&ovsid=ab586361-3506-4000-a74d-405dad1f9ad7
Request Chain 353
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dr1%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dr1%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3D%5BRX_UUID%5D&cb=1667314952974 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2080097453 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/74559002-b79d-4ce9-8c63-aa03cf914794 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-115fce68-ef0a-45b0-876b-d2a4577ae207-004 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004
Request Chain 354
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Ddxu%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Ddxu%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3103165461530142000V10&type=dxu&refUrl=&vid=73149525273103165461530142000V10&ovsid=EwYaeG8W1OPSMF5
Request Chain 357
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dzem%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=7GBKCMoAXfOFrh4_QShi&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJXI5BEWQ2NN5AVQZSPIZZGQNC7KFJWQ2JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3TGMJUHE2TENJSG4ZTCMBTGE3DKNBWGE2TGMBRGQZDAMBQKYYTAJTWONUWIPJTGEYDGMJWGU2DMMJVGMYDCNBSGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJXI5BEWQ2NN5AVQZSPIZZGQNC7KFJWQ2JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3TGMJUHE2TENJSG4ZTCMBTGE3DKNBWGE2TGMBRGQZDAMBQKYYTAJTWONUWIPJTGEYDGMJWGU2DMMJVGMYDCNBSGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=7GBKCMoAXfOFrh4_QShi&refUrl=&type=zem&vid=73149525273103165461530142000V10&vsid=3103165461530142000V10
Request Chain 358
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3103165461530142000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3103165461530142000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=c64b5563-b536-4ea6-8a23-eaa4ef41f755&cs=1
Request Chain 360
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=74559002-b79d-4ce9-8c63-aa03cf914794
Request Chain 362
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=74559002-b79d-4ce9-8c63-aa03cf914794&dongle=0cfd
Request Chain 363
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY4MDk1ODE2MjE2NDIyMDUyMTExNQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 364
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPwRXugFmDrrQJQvUAUxSZ4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 365
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY4MDk1ODE2MjE2NDIyMDUyMTExNQ%3D%3D
Request Chain 366
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3680958162164220521115&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3680958162164220521115&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6e57cfda-2cb5-4a45-9f55-5965466f9f05&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6e57cfda-2cb5-4a45-9f55-5965466f9f05&_noobservation=1&_expected_cookie=d648db5a1b25ce7e73dacf359871f84d
Request Chain 367
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3680958162164220521115&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0b96bd3a-4512-441d-81dd-abe60a7cd6e2&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=52b3421c-b360-4579-8d38-32d80058b81a&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 368
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3680958162164220521115?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-jkDNe.NE2oTFarDmNIhJKLDiZmHTnekaI2rIILC6hA--~A&dongle=0883
Request Chain 369
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3680958162164220521115 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3680958162164220521115&dcc=t
Request Chain 371
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=VnJV66llWbxWZiXZkxIq&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5KZXEUVRWGZWGYV3CPBLVU2KYLJVXQSLR&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5KZXEUVRWGZWGYV3CPBLVU2KYLJVXQSLR HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=VnJV66llWbxWZiXZkxIq
Request Chain 372
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=74559002-b79d-4ce9-8c63-aa03cf914794&gdpr=0&gdpr_consent=&expires=30
Request Chain 373
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=SfRtmb0YR_Gpei1UsGWUNg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=SfRtmb0YR_Gpei1UsGWUNg
Request Chain 374
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENwjwRWMgayUoobJLiki2-k&google_cver=1
Request Chain 375
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=LxGXQgIATeK0CroVkrVMVw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=LxGXQgIATeK0CroVkrVMVw
Request Chain 376
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9YC9S34-1K-6US9
Request Chain 377
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/tiuhnxbMCNjQhj9ps1qg_sn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2846431533973872647
Request Chain 378
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlZQzlTMzQtMUstNlVTOQ==
Request Chain 379
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmY3OTM1MWQ5ZTk0MGU0YjNlMTZmYzdhY2RlNTA4MGY5Y2I3YTQwZQ
Request Chain 381
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB&dcc=t
Request Chain 382
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y2E1CMfbrAsjdOSeGuHmMgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJtOPP63dB8MnEPxFaC1238&google_cver=1
Request Chain 383
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=74559002-b79d-4ce9-8c63-aa03cf914794&expiration=1669906953&gdpr=0&gdpr_consent=
Request Chain 384
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELcYeNHFcJt6eF1KfWPX-bQ&google_cver=1
Request Chain 386
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y2E1CQAAAOgmnQAT HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y2E1CQAAAOgmnQAT&_test=Y2E1CQAAAOgmnQAT
Request Chain 387
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ab586361-3506-4000-a74d-405dad1f9ad7
Request Chain 388
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y2E1CMfbrAsjdOSeGuHmMgAA%264797?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y2E1CMfbrAsjdOSeGuHmMgAA%264797
Request Chain 395
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 397
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L9YC9S34-1K-6US9&gdpr=0&us_privacy=1YN-
Request Chain 398
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=893519410280744005
Request Chain 399
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FlDmDRZH9d5m1Oj8SqenoaRC
Request Chain 400
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FlDmCLZHAMiHLH_fRc-hoCKi
Request Chain 401
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=3ccb3ecd-e909-49fe-bccb-4d86c594be0a
Request Chain 402
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1667314953059 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=318002345 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/74559002-b79d-4ce9-8c63-aa03cf914794 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-115fce68-ef0a-45b0-876b-d2a4577ae207-004 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004
Request Chain 403
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1978557991396827271
Request Chain 405
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F20468%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Db527d4e4-dd4d-47ff-9700-6d1a0d53fa29%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/1/20468?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=b527d4e4-dd4d-47ff-9700-6d1a0d53fa29&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=893519410280744005 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F2%252F20468%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253Db527d4e4-dd4d-47ff-9700-6d1a0d53fa29%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
Request Chain 406
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-1Hj1ypVE2uEu62Dk1qY8YWdqKHKE4ndktSRFfAI-~A
Request Chain 407
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-749c1111-eb65-3456-a62e-bfc9b5f8a859&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS03NDljMTExMS1lYjY1LTM0NTYtYTYyZS1iZmM5YjVmOGE4NTkqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtNzQ5YzExMTEtZWI2NS0zNDU2LWE2MmUtYmZjOWI1ZjhhODU5MgIMBjgB HTTP 302
  • https://ssp.disqus.com/match?bidder=12&buyeruid=FlDmCLZHAMiHLH_fRc-hoCKi&r=Cid1YS03NDljMTExMS1lYjY1LTM0NTYtYTYyZS1iZmM5YjVmOGE4NTkqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtNzQ5YzExMTEtZWI2NS0zNDU2LWE2MmUtYmZjOWI1ZjhhODU5MgIMBjgB HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS03NDljMTExMS1lYjY1LTM0NTYtYTYyZS1iZmM5YjVmOGE4NTkqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtNzQ5YzExMTEtZWI2NS0zNDU2LWE2MmUtYmZjOWI1ZjhhODU5MgIMBjgC%26buyeruid%3D HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F27896%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3Db527d4e4-dd4d-47ff-9700-6d1a0d53fa29%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAzTkRsak1URXhNUzFsWWpZMUxUTTBOVFl0WVRZeVpTMWlabU01WWpWbU9HRTROVGtxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE56UTVZekV4TVRFdFpXSTJOUzB6TkRVMkxXRTJNbVV0WW1aak9XSTFaamhoT0RVNU1nSU1CamdDJmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=
Request Chain 408
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-1Hj1ypVE2uEu62Dk1qY8YWdqKHKE4ndktSRFfAI-~A
Request Chain 411
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=c449e8d0-7bc5-46bc-9263-fc93ec38fd18&gdpr=0&gdpr_consent=
Request Chain 413
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACCcU7GwmoAAB8VAdylpA&gdpr=0
Request Chain 414
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1532598510 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/74559002-b79d-4ce9-8c63-aa03cf914794 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-115fce68-ef0a-45b0-876b-d2a4577ae207-004 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004
Request Chain 416
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=893519410280744005
Request Chain 417
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2354909183476543857
Request Chain 418
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB
Request Chain 419
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAIlU07GwmoAACE5haopDQ&expiration=1668524554
Request Chain 420
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1682953353&external_user_id=be675e45-3fda-48a3-919c-1b77fb976389
Request Chain 421
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=LCHlZEW5IvVZ0ujvApD8&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2TCDJBWFURKXGVEXMVS2GB2WU5SBOBCDQ HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2TCDJBWFURKXGVEXMVS2GB2WU5SBOBCDQ
Request Chain 422
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB&dcc=t
Request Chain 423
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=893519410280744005
Request Chain 425
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhDO3LPvvTHd1mkMd4eBnjfITtzd6Gs7KGA
Request Chain 427
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=ab586361-3506-4000-a74d-405dad1f9ad7&gdpr=0&gdpr_consent=
Request Chain 428
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=L9YC9S34-1K-6US9&gdpr=0
Request Chain 429
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=893519410280744005
Request Chain 431
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=8736573172528277032
Request Chain 432
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=PnhB3fl1zExV73vcwYY-7faHJxKmzCctNfW4aFdDPFM
Request Chain 433
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Request Chain 434
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEPOPUlMHUiXbz5fuu66qufA&google_cver=1
Request Chain 435
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-1Hj1ypVE2uEu62Dk1qY8YWdqKHKE4ndktSRFfAI-~A
Request Chain 436
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=74559002-b79d-4ce9-8c63-aa03cf914794&gdpr=0&gdpr_consent=
Request Chain 437
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=52b3421c-b360-4579-8d38-32d80058b81a&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10530401092153677328&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Donetag%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10530401092153677328&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Donetag%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=33b7833e-ab65-4859-9558-a6de0c92be30&ssp=onetag&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10530401092153677328&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232403304322010809724&ssp=onetag&gdpr=0&gdpr_consent=
Request Chain 440
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ab586361-3506-4000-a74d-405dad1f9ad7&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Request Chain 441
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y2E1CQAAAH1aDgA7 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y2E1CQAAAH1aDgA7&gdpr=0&gdpr_consent=&_test=Y2E1CQAAAH1aDgA7 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Request Chain 442
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xni6pxpx2e9 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Request Chain 443
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1CzUidEq0ozPetve1C7P3NN5htzPL9GM1SbQn3XV HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Request Chain 444
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=893519410280744005&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Request Chain 446
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=DcQ-LXDqSlNRfhIrPhlI22fR_gU HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Request Chain 447
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Oiz-HKQjBlm5ok9HBjVhYw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Request Chain 449
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=36d706b62e024c5fb5d4e55642afb776 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Request Chain 451
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EwYaeG8W1OPSMF5&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Request Chain 452
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=36fb74b0-59f6-11ed-afe4-9113dbb19cb6 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 456
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 457
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:DA8A55D9C5974F5C90D5B4B2092CE4CA&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Request Chain 459
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=os2oqs2HSpiR5wicNtzbLQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 460
  • https://idsync.rlcdn.com/420486.gif?partner_uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=282404903cfd77934bf69adb04ec64e4ef5b0d92b40b05a1770ceb7472ef4f1d791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAyODI0MDQ5MDNjZmQ3NzkzNGJmNjlhZGIwNGVjNjRlNGVmNWIwZDkyYjQwYjA1YTE3NzBjZWI3NDcyZWY0ZjFkNzkxNDI2YjU0MTdkY2UyMRAAGgwIieqEmwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAyODI0MDQ5MDNjZmQ3NzkzNGJmNjlhZGIwNGVjNjRlNGVmNWIwZDkyYjQwYjA1YTE3NzBjZWI3NDcyZWY0ZjFkNzkxNDI2YjU0MTdkY2UyMRAAGgwIieqEmwYSBAgCEABCAEoA&google_gid=CAESEIn0to2JoCLN8A8ymW5_GTc&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=ff953534-b822-400b-8b46-1af57e77d7cc
Request Chain 461
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ab586361-3506-4000-a74d-405dad1f9ad7
Request Chain 462
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTJDREE4QUEtQ0Q4Ny00QTk4LTkxRTctMDg5QzM2RENEQjJE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Request Chain 463
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG9bToU8AdcnkcXrzXYtkRA&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Request Chain 466
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=74559002-b79d-4ce9-8c63-aa03cf914794
Request Chain 467
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_6OYEpJE2uWwk11MyAQkRi97CIZQONs-~A&gdpr=0&gdpr_consent=
Request Chain 468
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6701514113505691929 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Request Chain 469
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=52b3421c-b360-4579-8d38-32d80058b81a&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10530401092153677328&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dpubmatic%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10530401092153677328&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dpubmatic%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=82a3cce0-473b-47c8-8981-aa850cd7c1bb&ssp=pubmatic&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10530401092153677328&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232233304322010808762&ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 470
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2354909183476543857&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Request Chain 471
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=893519410280744005
Request Chain 472
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=cf8011f8cd20a8&is_secure=true&networkId=17100&version=1&nuid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMTBVoVOdyrwMcwsaYAAAAAAA&expiration=1667401354&nuid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 489
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=893519410280744005
Request Chain 490
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_03f0ca1c-1d63-4af5-91b2-d2cef3f854db&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=iObVGY3g0xyTsNpOiOTOTI-zh0yT5dAciexElKiZ HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=52b3421c-b360-4579-8d38-32d80058b81a
Request Chain 491
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-0dc43e2d-70ea-4a53-517e-122b3e1948db$ip$103.209.254.5
Request Chain 492
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_03f0ca1c-1d63-4af5-91b2-d2cef3f854db&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=NH8D18iMLnikIEXYgkWb&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2TSIHBCDCODJJVGG42LLJFCVQWLHNNLWEJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2TSIHBCDCODJJVGG42LLJFCVQWLHNNLWEJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=NH8D18iMLnikIEXYgkWb&us_privacy=1---
Request Chain 493
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004&rndcb=7989670818 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=52b3421c-b360-4579-8d38-32d80058b81a&google_hm=NTJiMzQyMWMtYjM2MC00NTc5LThkMzgtMzJkODAwNThiODFh HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJOPqvjZRAnEqKRya6ZWVco&google_cver=1&ssp=adconductor&bsw_param=52b3421c-b360-4579-8d38-32d80058b81a HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/52b3421c-b360-4579-8d38-32d80058b81a?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-115fce68-ef0a-45b0-876b-d2a4577ae207-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004
Request Chain 494
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=G21ZG6my4Jql&ev=1&pid=558355
Request Chain 495
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28PqcCElQaQnIHJlVOJUcEnIFzJZHX97GVQtYJ6a9X7Juia2-2YWVhMMkNzhCZDft_%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28PqcCElQaQnIHJlVOJUcEnIFzJZHX97GVQtYJ6a9X7Juia2-2YWVhMMkNzhCZDft_%29
Request Chain 496
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=75db5486-0a09-4800-a097-9e4f928469d2
Request Chain 497
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-0AdcpkVE2pdtRa.PEMRvnPyk8X7KWiwcJezw~A
Request Chain 498
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=296e3200-92d9-4d39-a473-9dd14d621e73
Request Chain 501
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=87a6f697-c01b-46ee-942b-759cfb21aa09
Request Chain 502
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=8736573172528277032
Request Chain 505
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=74559002-b79d-4ce9-8c63-aa03cf914794
Request Chain 506
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=ab586361-3506-4000-a74d-405dad1f9ad7&gdpr=0&gdpr_consent=
Request Chain 507
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y2E1CQAAAH1aDgA7&gdpr=0&gdpr_consent=
Request Chain 510
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y2E1CcCo8X8AAJW.UkQAAAAA
Request Chain 512
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y2E1CCaLQ3UUI9ms.cYTAwAA%265329
Request Chain 513
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=zFx2rhZvR8tvpiW8kQBk&pi=gumgum&tc=1
Request Chain 514
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 517
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L9YC9S34-1K-6US9 HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L9YC9S34-1K-6US9
Request Chain 519
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L9YC9S34-1K-6US9 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=L9YC9S34-1K-6US9

529 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
www.bg3.co/a/ 		51 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 , Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
01e04815103200455d51731849d512f6e706104abb4373f2b6e42e5272d61db7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 01 Nov 2022 15:02:21 GMT
ETag
"cd80-JEvqF78Tom4udV98Gncc7YNZ9Tg"
Expires
Tue, 01 Nov 2022 16:02:21 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
ad2d94bc9242f8bc340a18b57e4515ba7726222cccff509b140254060744915e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 01 Nov 2022 15:02:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72656
x-xss-protection
0
server
sffe
etag
"bbbc87a61b096581"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 01 Nov 2022 15:02:21 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a4309265903052524638da5af6d5447080aa47a72e9591a63f02c407f2b6c0be
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 01 Nov 2022 15:02:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
sffe
etag
"0306c954ffbc2f1e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 01 Nov 2022 15:02:22 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
02dcde77543120bc35b625b94c080f9be268af328c81fef34454a181caa8322d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 01 Nov 2022 15:02:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7581
x-xss-protection
0
server
sffe
etag
"6775092f92c2a700"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 01 Nov 2022 15:02:21 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
f2164a3211cc8cb0f494c8925129fdc89f1acdc7fd35419de169c3415801c499
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 01 Nov 2022 15:02:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31972
x-xss-protection
0
server
sffe
etag
"750ba38df7e54722"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 01 Nov 2022 15:02:22 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
43 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38684b802d56c90d11d131fcf8c291f934e69eaa38e55d8dc860244dde65462c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1645
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44539
last-modified
Thu, 27 Oct 2022 03:15:18 GMT
server
cloudflare
etag
"6359f7c6-adfb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wiilAzTAHLkbkf5p0IWLrYQBu5GWybd51xleKCxndc9IhMdVtcIV0Qj7mWVg3pTsq9VFfUt38wV7Oyipo6K2q%2BV3GGy0KnwZfqdXsMyloq23bLA71kxR7w8K37L0j9aTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
763582d67e07dfa1-MEL

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 01 Nov 2022 15:02:23 GMT
content-encoding
br
last-modified
Tue, 01 Nov 2022 07:00:22 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=185, origin; dur=801
x-cf-geodata
AU
content-length
9035
expires
Tue, 01 Nov 2022 16:02:23 GMT
adpushup.js
cdn.adpushup.com/42753/ 		848 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
0b438028bfa67d4d8e510277da5d2ef09e44259275b785306daa0194ec33eaa8

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 01 Nov 2022 15:02:22 GMT
content-encoding
br
last-modified
Wed, 26 Oct 2022 19:18:47 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=11
x-cf-geodata
AU
content-length
190253
expires
Tue, 01 Nov 2022 16:02:22 GMT
e0ee06c2c418c088d426b764c35da5ea.jpg
static.bg3.co/imgs/202105/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/e0ee06c2c418c088d426b764c35da5ea.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
049287c739341feaaea55779dedef2fb1a8d27ecf96a813baa1adfd8a9fb3261

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:23 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 19:11:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"E0EE06C2C418C088D426B764C35DA5EA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AenHnnDXbrfnkTIXXK%2Fneh670tZyxer9Mfdf4I2WHTCv4Vk%2BANFmHee8Kex0qotqbZ9d%2Bkj%2BsIr0z5QIjxz1rNljpdrvXER5lJLileonfc0xkh9s3snmIdnICMflEPc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
763582d7ea053777-MEL
content-length
6491
expires
Tue, 08 Nov 2022 15:02:23 GMT
f4de87e149b8bee4be83dae759b2706b.jpg
static.bg3.co/imgs/202106/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/f4de87e149b8bee4be83dae759b2706b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
813bd8129f0d85af077a42b11cf5e159cf575e5cb4b4fb9755c07f68518c13e3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:23 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Jun 2021 04:27:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"F4DE87E149B8BEE4BE83DAE759B2706B"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gPYYyv1FbkclCfvp0PKLNkyM%2FOALAWoXWL5HXVSrXeouGN2ZatlwhT9dv6L3pgP7Inf5oxPT8vFOyyd5kTQRDTZ5xl%2Fqh4whRGIkmHJbJK8IwWFOrnAe4aIT0CT8%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
763582d7ea073777-MEL
content-length
8859
expires
Tue, 08 Nov 2022 15:02:23 GMT
648ce0222ce0785265d5522b041d9550.jpg
static.bg3.co/imgs/202105/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/648ce0222ce0785265d5522b041d9550.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8494a92e1ff855ed072f3ccd7cb07a61ff843d3b3bc2166b61a0e844f3f557e5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:23 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 06:35:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"648CE0222CE0785265D5522B041D9550"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dmaQzYotfGzmZU4fO1NKTCPicOQkxFtxtCwTwRkFc9GTQHlov02AWfVErXn8i56ZaVDfLv6jnQ660Bie%2FIdSUzTLulwmDaten9cfzJO0R3jg6EuJDDT0urAeyM8YfE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
763582d7ea063777-MEL
content-length
9877
expires
Tue, 08 Nov 2022 15:02:23 GMT
9a61e560ed55a3e3f060c774ddab15a4.jpg
static.bg3.co/imgs/202106/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/9a61e560ed55a3e3f060c774ddab15a4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61c084f0a085fde56f21fbe98dd271ec6cec8c2fd8cf58c49c39a29f476d2d99

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:23 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 11:15:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9A61E560ED55A3E3F060C774DDAB15A4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3c5KzN8g1ZBrDiBmSQ8va5HrgO3A5ToDBUY4y3249bs90%2F%2BxJwbA2o2I3ljf3W4R%2BZE02H3MDYGnpljsvpMotTMO98n%2BdqUYi0mEnoQKesbYgQvc4Yp5aHdGA3ja7Ao%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
763582d7e9ff3777-MEL
content-length
12620
expires
Tue, 08 Nov 2022 15:02:23 GMT
0f4a18088eef2e255238b79a54f9707c.jpg
static.bg3.co/imgs/202105/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/0f4a18088eef2e255238b79a54f9707c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33dce195ca850ff25398b0bfffdeec96356f9777c0f77d6535029e9705a0ddb1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:23 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 21:17:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0F4A18088EEF2E255238B79A54F9707C"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJLZ7LHefAGTMprxpeGmFsatl6Fu%2BYEDUM62DmeZBnHpT6BeY96U%2BmqMnTDp8Mbj1n%2F0ClpQdvZFrdn%2BnQKmIfn1HHIXb%2BOl3ecXYZowG%2FxpOlUkCQb98HMCsTabwl0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
763582d7ea043777-MEL
content-length
4263
expires
Tue, 08 Nov 2022 15:02:23 GMT
998d8dc90568c57dac7360b4e92091d9.jpg
static.bg3.co/imgs/202105/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/998d8dc90568c57dac7360b4e92091d9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a43654ae4b4bce6e20dff843b3d7651ddd49d731b121fec07bfa49995d7505c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:23 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 03:31:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"998D8DC90568C57DAC7360B4E92091D9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YV7P5lhL3P49rWN60Il%2F792Ki2q8grS8PRg%2Bhq8aHTR1hKgVnf7W%2BiVi4pk1FsVyHiLBxetqdstyLePiz9tyjFrtzSbLZN3B8pVJqfn7gclLLPE6T%2BYAfcfTruBpneo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
763582d7ea033777-MEL
content-length
7604
expires
Tue, 08 Nov 2022 15:02:23 GMT
565188f87917cd583450197cf92074ad.jpg
static.bg3.co/imgs/202105/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/565188f87917cd583450197cf92074ad.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b61e073a889650ca898fe2b7889c69f2119e6e9c95df69d01048ee2d7a1b7049

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:23 GMT
cf-cache-status
MISS
last-modified
Mon, 24 May 2021 03:26:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"565188F87917CD583450197CF92074AD"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSFHOIKshLH8AEzUPiwzzlOQ%2FQ89rpTXIgqheu7z9KvqNCuMig%2B5JdUKjd1X8TMDntIBhPYwz9Bneuqeb%2BZUp0tf%2FioY4Hzlg1UZlWe1V3wlMaujGJush5wyyaUHu6c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
763582d7ea013777-MEL
content-length
5045
expires
Tue, 08 Nov 2022 15:02:23 GMT
ec14838c7b7de8cb2d92e4d1cab0bc90.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/ec14838c7b7de8cb2d92e4d1cab0bc90.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
102ccb7abfb3860eb214a001d85862a4da4ed5e694bc25cfa5a5c6da145dccff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:23 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 10:48:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"EC14838C7B7DE8CB2D92E4D1CAB0BC90"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wS6WWIV43GmaKo0CRldogU3Wc%2BbNmYGShfhERzgCaRJg52Vwq3%2F%2BMgR1wzwR4M1WZOz1M5Vba%2FeT%2BTEXkFgeIzxHm9w9t6kKuz1jbfxxbOVYQxteJCbB2%2B2DByZhZNc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
763582d7ea003777-MEL
content-length
6048
expires
Tue, 08 Nov 2022 15:02:23 GMT
6ec08b858be7905f7c7eb6acf2d3732d.jpg
static.bg3.co/imgs/202105/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/6ec08b858be7905f7c7eb6acf2d3732d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2e096b56d7b3224b0a0d33945157b62001d24f17368a5dd9a7deecf37cee612

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:24 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 22:57:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6EC08B858BE7905F7C7EB6ACF2D3732D"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGc1er3%2BiXm4ZTVMxNzXyZDIsFOKbUdpGOfkxESHHI3IDeYDJOyHHZCkGBiioGoAM03H3iXszdQkLwomVYCJr55SVetmHWU1ga%2FXAmGizbSYTox7J28dINugqAjdWCI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
763582dcdd103777-MEL
content-length
12096
expires
Tue, 08 Nov 2022 15:02:24 GMT
03fc48a236619b9f144f27b59c9ba17d.jpg
static.bg3.co/imgs/202110/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202110/03fc48a236619b9f144f27b59c9ba17d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7acace8f44f5b3f4cbb8e2786b9ae06dd85669e49b4ee3f35a0ec98cef165f02

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:24 GMT
cf-cache-status
MISS
last-modified
Sat, 30 Oct 2021 04:06:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"03FC48A236619B9F144F27B59C9BA17D"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pYpwhJY5r36alsMkI3AXL1Rlx1V13imqCaczihNwy43O9isA2Mv2PZ4xp5zbH%2FKKbrYcjKlVV5X%2F58%2Fvayg6S0Yda2j58oSaXqTscHdE%2BUJf2FAMIs1eAyOWGhUD2c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
763582dfeef13777-MEL
content-length
6426
expires
Tue, 08 Nov 2022 15:02:24 GMT
922f37b5940e4502685800d0e446535b.jpg
static.bg3.co/imgs/202105/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/922f37b5940e4502685800d0e446535b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c385cbfb4bd2ada2847a460006fcbc60941323a2426a6f71740775930bcba1c0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:24 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 14:05:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"922F37B5940E4502685800D0E446535B"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SsYvMil19oBI2uJ%2FiWrqHl%2Fm2v2yFD4ViUPGJPmqb75eTyFGPzbMp9mzGvZMfHxbTcCRbtVr3HcleTpIbocwyOGKADMV5mypcxUE8fjpParOFHrSqVAmSwJ0iy2nanY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
763582e09f533777-MEL
content-length
6839
expires
Tue, 08 Nov 2022 15:02:24 GMT
2b1779ff5989f7806b81c47530157522.jpg
static.bg3.co/imgs/202108/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202108/2b1779ff5989f7806b81c47530157522.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b76a1114e93dc60819a1b1076c7f9873f3431ddf5bf221c2197cc88ad82439b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:24 GMT
cf-cache-status
MISS
last-modified
Mon, 02 Aug 2021 03:40:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2B1779FF5989F7806B81C47530157522"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGcIkQr3Hg2%2FZbXdJk9LlHKUfd6O4Ak6wvdZdrhcPJ1jW4JcUkyUXcqZ54fjPqbniKorZSqoHf3f1fG3siXyW3k5EtkIlIkp4ZjcLsagLSGdYOEs5x7wswG191ZIvlw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
763582e09f543777-MEL
content-length
9198
expires
Tue, 08 Nov 2022 15:02:24 GMT
4df0ca4dc9c75c7e1b9cdaa7fcc632c9.jpg
static.bg3.co/imgs/202105/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/4df0ca4dc9c75c7e1b9cdaa7fcc632c9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
609dfc2d4a85b136833c9010a2f0f30b380ba851f9ac370f1d834a7d8346253f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:24 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 02:37:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4DF0CA4DC9C75C7E1B9CDAA7FCC632C9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvkUxuC9nDqSDDVGOZacSCECOwsDIQIJxxJBkzm6t%2FSENV5UgkqMpJQzcDRSR1PbNaoMG7lUJzp%2FYpVoFDLylTVXQivf8sinzZDfSAO41GM%2F2VUf4E1dT4C86bTsnfw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
763582e09f553777-MEL
content-length
12751
expires
Tue, 08 Nov 2022 15:02:24 GMT
e94c18185b2f478a86f0a0dd27d2e7d6.jpg
static.bg3.co/imgs/202204/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202204/e94c18185b2f478a86f0a0dd27d2e7d6.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84aedc04921cf9d558550917fb78af7a7bd4735140a50093fba8719cc2b2f444

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:25 GMT
cf-cache-status
MISS
last-modified
Fri, 29 Apr 2022 10:34:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"E94C18185B2F478A86F0A0DD27D2E7D6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwZGEAymZFniro9djLg8%2FDcmoQoJQx%2FgRW9CQ2V8VuQLdzZ60c0HC%2FiftCn0iR1GbvU00pyPpTKorvsP%2FyED5AXtZfXgKbADg7%2F16%2Ft9DZjsoXhbn9yTuGkgpwk29EI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
763582e3e9713777-MEL
content-length
6569
expires
Tue, 08 Nov 2022 15:02:25 GMT
4ec656a36d2979fcf6f0950f5d1af676.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/4ec656a36d2979fcf6f0950f5d1af676.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ca35f2a1c73831ea689af594fc2c0e8bff4948f6b48bff08091507b10d134c7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:25 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 13:02:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4EC656A36D2979FCF6F0950F5D1AF676"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FsZABARMy7HATefGG3BFSV29Qe5XZA6%2BawFl3OW7xnbyHxHgJfsShRfIDFUShUZXvcTynYtujmXoj3WWK1UAPJ%2BPOQpcCopFZSMzCX6cGT28GO9cuzD710hmNbS%2BFzc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
763582e3e9723777-MEL
content-length
5727
expires
Tue, 08 Nov 2022 15:02:25 GMT
f9f0fbf8c422b206e7b21527286f98f0.jpg
static.bg3.co/imgs/202105/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/f9f0fbf8c422b206e7b21527286f98f0.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a15016fc3078a739aefe3d4601c2185ffc7a0b8e73374491a467e5701490e48a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:24 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 16:18:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"F9F0FBF8C422B206E7B21527286F98F0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oN6iBY3LtcNeFM8thBjy56HGItv5KiJtmNS9Gr29tveo4kgsc6bc6%2FFPjvBHKvvle3TG0JbT1iH3Pmxz6%2BQwARGCNv1S8VxdM7EGlZ2jlCOcmbUdA7fkGqm1r7KywHM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
763582e429893777-MEL
content-length
6395
expires
Tue, 08 Nov 2022 15:02:24 GMT
bc1d8fc9835d2f0f2cecae2f8cf34a39.jpg
static.bg3.co/imgs/202105/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/bc1d8fc9835d2f0f2cecae2f8cf34a39.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26e9a99b68b712345e8202997de0d8d8e145b43fd2da7c798f22cc32fbc3f8c6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:25 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 10:14:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"BC1D8FC9835D2F0F2CECAE2F8CF34A39"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dv6XE6K2fvVjzQC3Vc4pSCwuJmiopJ22khqtUPLba49Z%2B6Y6cnZH0EuDvi45R1LqgIjz8CBAEE6KcnzHVmB6L7PwfaybqLxy%2B9ZXpgWsJ29dLr96f%2BhtOLw6ysrr6ow%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
763582e4298d3777-MEL
content-length
8525
expires
Tue, 08 Nov 2022 15:02:25 GMT
104ed5c6bdbb50ec34ccc4dafdc5d5eb.jpg
static.bg3.co/imgs/202105/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/104ed5c6bdbb50ec34ccc4dafdc5d5eb.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c48985297d47887789190b3745cc67d4633d31be13f9e77b8fd7a4077cf63069

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:24 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 10:14:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"104ED5C6BDBB50EC34CCC4DAFDC5D5EB"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72qGYXLf%2FafnJGxzQMazmfqAHfLIwE%2FDGc9QWNrsJkAWHVglKQiSHSBIklxG0Q1WUUxTJNa%2FUAXBViWQXZ5WzIojMukt7s3t1A3YRdW%2FCOEQnHovKgdTpr0ZnG2N9dM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
763582e4298e3777-MEL
content-length
6296
expires
Tue, 08 Nov 2022 15:02:24 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012210172057000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210172057000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
eca37871db74e9bfe2f151b95a17fe2d97f240c7db8300c9e2ad200772d383cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Oct 2022 23:49:14 GMT
age
313990
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2993
x-xss-protection
0
server
sffe
etag
"41b57bdb55ba6b86"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 28 Oct 2023 23:49:14 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012210172057000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210172057000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a9b53e109c7232f3045fe2df204525df9a166743f8fc0b9285bca0c227168413
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 31 Oct 2022 08:49:01 GMT
age
108803
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23048
x-xss-protection
0
server
sffe
etag
"bccc869aadbc1eb4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 31 Oct 2023 08:49:01 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		2 KB
953 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
d413591550d4dcedd8b1167426a8d2432bd7f3213f1757ab8df1a348e958c7b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
504
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012210172057000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210172057000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
1015b52f3adc6a317d7cb0d123b45eb32ef3cc33289e122d7b31fd04dcaa1398
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Oct 2022 02:50:56 GMT
age
389488
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3838
x-xss-protection
0
server
sffe
etag
"b3bcb79edd33208c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 28 Oct 2023 02:50:56 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
615 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3657
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7riZ1u8UUV%2Bll6axyU%2Bxha41cyAXsDrf2FXNMFTJ8j0HW7xVKFP8c5MyfQQ2eZ9CETFYkdMgYaocQ9UOSEsP3OmvCiKLVZ1WhILQxrbPtRhQZ8bRaE98ZHrH8PP3hx1EpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
763582d71e4cdfa1-MEL
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
775f888cb3b6c70ac20e9423064c775de4d7ce246d63c7db33283eed8c8db32c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 15:02:23 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
775f888cb3b6c70ac20e9423064c775de4d7ce246d63c7db33283eed8c8db32c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 15:02:23 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.9968916297598285&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 15:02:24 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.08376529818015954&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 15:02:23 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012210172057000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210172057000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
cd247b5b6412f4a83d6be7f1addf05635b26635e6a6ffb3db69b95fe940c4917
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 31 Oct 2022 11:17:45 GMT
age
99879
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10256
x-xss-protection
0
server
sffe
etag
"23f464919529ac52"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 31 Oct 2023 11:17:45 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame F348 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
17dbfdbaad7445f1c5ac46e2a97eb2e9b30151f7bde6ece690c887f041e58efb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40167
x-xss-protection
0
server
cafe
etag
9460122462893819034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 01 Nov 2022 15:02:23 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame DEF6 		714 B
795 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
3835
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
763582dc48f35a8b-MEL
content-encoding
br
content-type
text/html
date
Tue, 01 Nov 2022 15:02:23 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxYx2HIZ46Fo0uTj0CcGfP0tZirlT13JmcjTqQNIAixsk7UKZ03DhWPKxUaTHkMQP0rRlyFoCWG91SJPnL07gwVOqCsdB%2B52zeU6k49vwBp4jgqZXJ2Uky7RYy%2FbTfLuSg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 15:02:25 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 8A03 		714 B
760 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
3835
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
763582dc791c5a8b-MEL
content-encoding
br
content-type
text/html
date
Tue, 01 Nov 2022 15:02:23 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VeqDXaXZmKEb60M%2Ft%2FUTRPZSRcnB646fzrXeED8igNGQKvLLywp4363KufpbD6PxuZKfGYrJtTylFFc%2FXrXjNeJr1Ax0tCWCCiiXdh3aPa8wUJBg8SoMp1z47sO1mOATaA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame DEF6 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
sffe /
Resource Hash
4184848116254c260a6056065742ef2bb2fa75e1e9b155b67300662179981624
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27399
x-xss-protection
0
server
sffe
etag
"1380 / 215 of 1000 / last-modified: 1667300679"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 01 Nov 2022 15:02:23 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:25 GMT
content-encoding
gzip
x-sp-metadata
HS256.CJGGhZsGEogBCiQ3ZDA2OTUxMy1mMzdlLTRkMGEtYTIwZC1jMWFhZTQzMjk3MGUQ6JCNkN3O+gIaBgiB6oSbBiINMTAzLjIwOS4yNTQuNSiK2QIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDFlZGQwMmQ4LWY2YjUtNGNkNS04OGM4LWNjNmE2YTY5NWJjORib8QE=.ZvZ5ceaQ4DxHPI1UITL/S/l+bPLGvh2NOhYerGkuSGQ=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1667314945.dop217.la3.t,1667314945.cds241.la3.hn,1667314945.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8A03 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
sffe /
Resource Hash
c3f3cc6712358bbb87082b9889725ae203f5901c681a0829718f439ce1546510
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27584
x-xss-protection
0
server
sffe
etag
"1380 / 619 of 1000 / last-modified: 1667300733"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 01 Nov 2022 15:02:23 GMT
gtag.json
cdn.ampproject.org/rtv/012210172057000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210172057000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Oct 2022 06:16:34 GMT
age
290749
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"0952bb84868037c9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 29 Oct 2023 06:16:34 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:25 GMT
content-encoding
gzip
x-sp-metadata
HS256.CJGGhZsGEogBCiRmOWRmYjFkNS1iODNiLTQ2YmQtYjg1My00YzZjYjc4M2Q1NGUQ6JCNkN3O+gIaBgiB6oSbBiINMTAzLjIwOS4yNTQuNSiK2QIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDllMGRkZTVlLWI0ZjgtNGE0My1hY2Y1LTlhOWMwMDhmMjI1Yhi46QE=.NhS9jLlSu3p9sup+ayfseAclusQ5NILKnLD4SIcEP04=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1667314945.dop217.la3.t,1667314945.cds241.la3.hn,1667314945.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/ Frame F348 		354 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
d50873ff85ee0621229f4340fb5a7cbd95d687dc51e0377fdf6dc95aec504abc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119019
x-xss-protection
0
server
cafe
etag
5793260754206763117
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Nov 2022 15:02:25 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Tue, 01 Nov 2022 15:02:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022102701.js
securepubads.g.doubleclick.net/gpt/ Frame DEF6 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
sffe /
Resource Hash
58174fa028b2681d2f4ca49c97cca5ec0967c1429ac25487826ccf0e2f8afc0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 17:31:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
423036
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130801
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 08:36:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 27 Oct 2023 17:31:48 GMT
pubads_impl_2022102402.js
securepubads.g.doubleclick.net/gpt/ Frame 8A03 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102402.js?cb=31070571
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
sffe /
Resource Hash
e300b758cb554964985e8ed30626a0a9ab60eaeac6677708a64f05e1d2a1a571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:42:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
566400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131038
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 19:31:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 26 Oct 2023 01:42:24 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E6%88%BF%E5%B8%82%E6%95%B2%E8%AD%A6%E9%90%98%EF%BC%81%E3%80%8010%E6%9C%88%E5%8D%97%E4%BA%8C%E9%83%BD%E4%BA%A4%E6%98%93%E9%87%8F%E3%80%8C%E7%B8%AE%E5%88%B05%E5%B9%B4%E6%96%B0%E4%BD%8E%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.3050251237774626&gjid=0.8268045146586327&_r=1&a=5144&z=0.7530413109203369&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame DC77 		100 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
178f1ea47fde31d42f1f1533bdeb60348dab04db6b959f54ad6e5c1cb8968d84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34463
x-xss-protection
0
server
cafe
etag
7007463270180754080
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 01 Nov 2022 15:02:24 GMT
integrator.js
adservice.google.com.au/adsid/ Frame DEF6 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame DEF6 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame DEF6 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=292449634905152&correlator=3530206006850173&output=ldjh&gdfp_req=1&vrg=2022102701&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1667314944710&lmt=1644386353&dlt=1667314943468&idt=1211&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=hknymj4brmzv&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=564128483.1667314945&ga_sid=1667314945&ga_hid=1691437295&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
3da97220ba3388c499ce1ae4258a2aeb0b0c20ab49fb267286d6641e85bd1270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6730529b080eec956a27675ab371c12d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1DD7 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6730529b080eec956a27675ab371c12d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 01 Nov 2022 15:02:25 GMT
expires
Wed, 01 Nov 2023 15:02:25 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 8A03 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102402.js?cb=31070571
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8A03 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102402.js?cb=31070571
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8A03 		492 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2894551627820154&correlator=46603759781094&eid=31070571&output=ldjh&gdfp_req=1&vrg=2022102402&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1667314944799&lmt=1644386353&dlt=1667314943519&idt=1260&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=hqat7iyltxtj&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=789384473.1667314945&ga_sid=1667314945&ga_hid=2122107681&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102402.js?cb=31070571
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
001765f8397279a40a2318933cf1316454a65fde0b8f24fa9f87c361b20a1fb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5b070f71561b5d3397630aece1716407.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5B49 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5b070f71561b5d3397630aece1716407.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102402.js?cb=31070571
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 01 Nov 2022 15:02:25 GMT
expires
Wed, 01 Nov 2023 15:02:25 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/ Frame DC77 		354 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
d50873ff85ee0621229f4340fb5a7cbd95d687dc51e0377fdf6dc95aec504abc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119019
x-xss-protection
0
server
cafe
etag
5793260754206763117
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Nov 2022 15:02:25 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012210172057000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210172057000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
dba93323689cff5411c64ff0756958c6ccb41d970f9b017a4bc76a38954d0e4b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Oct 2022 10:37:41 GMT
age
361484
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57887
x-xss-protection
0
server
sffe
etag
"2949ba982c8f3926"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 28 Oct 2023 10:37:41 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame F348 		379 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
0407b8375e184a2d7d09dd8fc468ff58a7c73f30316fe87cd82757fa9cec8f8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
250
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame F348 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F348 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame 0D4E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1667314945&url=...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-99.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
209
content-length
673
content-type
text/html
date
Tue, 01 Nov 2022 14:58:58 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 55c659e0e2fe3ace02c4b6599c432138.cloudfront.net (CloudFront)
x-amz-cf-id
wZFdGlnunt42P8tOAU5DdAV5BXra48-UuhN3FFxtd_TRx2w4B3plyQ==
x-amz-cf-pop
NRT12-C5
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 01 Nov 2022 15:02:26 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame DEF6 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
9f1f25d2de7025b4df6316e6c428b67db02a9c652928044b5fe4f6b02c7b070b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11107
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8A03 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102402&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102402.js?cb=31070571
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
9f3a19606efcdee2e3636f42ac1debb5536563025ef09dfc1a3ae88a13384567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11259
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame DC77 		379 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
5609d228cf036500872989ffea6ec42a0d7f1b0da992a15d2c20ee2d3423b35a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame DC77 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame DC77 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EBDA 		26 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667314945&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667314944839&bpp=11&bdt=2301&idt=624&shv=r20221027&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4890139455283&frm=23&ife=1&pv=1&ga_vid=1103092985.1667314945&ga_sid=1667314945&ga_hid=452723250&ga_fc=0&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1176914691&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C44775017&oid=2&pvsid=3631704844640308&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7iwm7is9m56b&fsb=1&dtd=632
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a299eb6284063fbab26133dbd699cecc7bbc799c9f55c0ba7381f17d476daf46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
11871
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 01 Nov 2022 15:02:26 GMT
expires
Tue, 01 Nov 2022 15:02:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.json
adservice.google.com/adsid/ 		86 B
107 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-3777821193461222479.ampproject.net/2210172057000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-3777821193461222479.ampproject.net/2210172057000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
googleads.g.doubleclick.net/pagead/ Frame CF5A 		603 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-9864332413242520446&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3096&oid=2&is_amp=5&amp_v=2210172057000&d_imp=1&c=391121005144&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&ga_hid=5144&dt=1667314945676&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&bdt=4136&dtd=208&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210172057000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 01 Nov 2022 15:02:26 GMT
expires
Tue, 01 Nov 2022 15:02:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DEF6 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 01 Nov 2022 15:02:26 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8A03 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102402.js?cb=31070571
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 01 Nov 2022 15:02:26 GMT
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 01 Nov 2022 15:02:27 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=9
content-length
94168
expires
Wed, 01 Nov 2023 15:02:27 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 01 Nov 2022 15:02:27 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=8
accept-ranges
bytes
content-length
317
expires
Wed, 01 Nov 2023 15:02:27 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 01 Nov 2022 15:02:27 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=11
content-length
17440
expires
Tue, 01 Nov 2022 16:02:27 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
sffe /
Resource Hash
4184848116254c260a6056065742ef2bb2fa75e1e9b155b67300662179981624
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27399
x-xss-protection
0
server
sffe
etag
"1380 / 75 of 1000 / last-modified: 1667300679"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 01 Nov 2022 15:02:26 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:26 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame EBDA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667314945&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667314944839&bpp=11&bdt=2301&idt=624&shv=r20221027&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4890139455283&frm=23&ife=1&pv=1&ga_vid=1103092985.1667314945&ga_sid=1667314945&ga_hid=452723250&ga_fc=0&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1176914691&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C44775017&oid=2&pvsid=3631704844640308&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7iwm7is9m56b&fsb=1&dtd=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 22:21:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
60044
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Nov 2022 22:21:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame EBDA 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667314945&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667314944839&bpp=11&bdt=2301&idt=624&shv=r20221027&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4890139455283&frm=23&ife=1&pv=1&ga_vid=1103092985.1667314945&ga_sid=1667314945&ga_hid=452723250&ga_fc=0&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1176914691&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C44775017&oid=2&pvsid=3631704844640308&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7iwm7is9m56b&fsb=1&dtd=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 22:21:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
60047
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7367
x-xss-protection
0
server
cafe
etag
4759548068123418343
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Nov 2022 22:21:39 GMT
l
www.google.com/ads/measurement/ Frame EBDA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTmnhawDn-fugS3uLh3p2zu98cOr2RRnx6yei_ZJcTOpMT6OOwKxpIURdvA7vQGWSpixAmC8MMcSMSJVZjRsJocPGAZUA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667314945&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667314944839&bpp=11&bdt=2301&idt=624&shv=r20221027&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4890139455283&frm=23&ife=1&pv=1&ga_vid=1103092985.1667314945&ga_sid=1667314945&ga_hid=452723250&ga_fc=0&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1176914691&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C44775017&oid=2&pvsid=3631704844640308&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7iwm7is9m56b&fsb=1&dtd=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EBDA 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667314945&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667314944839&bpp=11&bdt=2301&idt=624&shv=r20221027&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4890139455283&frm=23&ife=1&pv=1&ga_vid=1103092985.1667314945&ga_sid=1667314945&ga_hid=452723250&ga_fc=0&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1176914691&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C44775017&oid=2&pvsid=3631704844640308&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7iwm7is9m56b&fsb=1&dtd=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
109ddac5fcac2d26ff455dabfaa93b705a883131b6d53548494a8b8a62ccbcdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47682
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667216034053804"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 01 Nov 2022 15:02:27 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame EBDA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CQN2wATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9AFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFDrDHU12t9kC5U96xXsAjbV21ogeJ21DTVHa1yvIseyZmNT9mf47gAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=ToHIUFjXXs4&uach_m=[UACH]&cid=CAQSKQDq26N9n19jhI-j0Iqc_60OpLpdiD2O6YZzD4S5sXAxtVB6TWiPuWudGAEgEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667314945&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667314944839&bpp=11&bdt=2301&idt=624&shv=r20221027&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4890139455283&frm=23&ife=1&pv=1&ga_vid=1103092985.1667314945&ga_sid=1667314945&ga_hid=452723250&ga_fc=0&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1176914691&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C44775017&oid=2&pvsid=3631704844640308&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7iwm7is9m56b&fsb=1&dtd=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667314945&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667314944839&bpp=11&bdt=2301&idt=624&shv=r20221027&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4890139455283&frm=23&ife=1&pv=1&ga_vid=1103092985.1667314945&ga_sid=1667314945&ga_hid=452723250&ga_fc=0&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1176914691&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C44775017&oid=2&pvsid=3631704844640308&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7iwm7is9m56b&fsb=1&dtd=632
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 01 Nov 2022 15:02:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.jp2.as.criteo.com/google/auction/ Frame EBDA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k861FJzIC9ACmAJi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQATVhY94lIzs-5-gymVXPABIAAA&wp=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667314945&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667314944839&bpp=11&bdt=2301&idt=624&shv=r20221027&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4890139455283&frm=23&ife=1&pv=1&ga_vid=1103092985.1667314945&ga_sid=1667314945&ga_hid=452723250&ga_fc=0&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1176914691&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C44775017&oid=2&pvsid=3631704844640308&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7iwm7is9m56b&fsb=1&dtd=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:26 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
163287
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame C5CA 		172 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg&u=%7Cup9wtxwMMrOuCMhsT17uInSGfUTMta6SIfnkKWv4tDg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgZL_d5GIc1_px8FnI78kAkN14xy0eR2j9fOOJlzdmUbxUUoeEnuX8ISxzPnpwXCQ3cwxYO0rABB6Tmf5mKbuRs2XhCm4moMfWdxpRbNQd7gH1YlncCvTid5C_KQWGJwVEs04v429Xkp7A1Zof_RisGanf_lrJSNhs9Cc7i1-IJ61d603-1MTbbZEK7rIfDj1bc_Kjg3Ji4s9yNDNK_Pgh1vUId65sxkGVZ_Iv3zrUByA1NEtpk2243tdp2-665l4yNssQLsBlPaUxF-seDiq-eEn0jXscaoGo3szLh0jlVRmD8WWx5Sop6U22PIAHwr5SNyz_AprgDEIfL4vd7Tw5kzxdaw7J0qBTN03m1Du5Xj2BEbglFOsuFGPkmn3oXmLDa_Px211PRS2KJrLia4AwBRQ4OswJMAQ96HZOQ9G6nznKNYwDbhm2KcBXMMa7IoBErnWGxW09W7GSW-JOL1jqsHsxX2JhOYEHnxizRmMtLCc84QFzFo5v_8OeYwc0MR0OcF743BtEnRzSmVkpoQ5Fi1sJmMoCMBkVr2nvZ9wDzO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4ZiATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9wFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFHjBPN-TeVB8GsYLW5BWF3ZfwoKJLUNbpdkpgbEBD_K1gDMWCIDE9QQigAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JJN-DpgGgYNA564msgQz5dUK6FQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667314945&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667314944839&bpp=11&bdt=2301&idt=624&shv=r20221027&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4890139455283&frm=23&ife=1&pv=1&ga_vid=1103092985.1667314945&ga_sid=1667314945&ga_hid=452723250&ga_fc=0&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1176914691&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C44775017&oid=2&pvsid=3631704844640308&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7iwm7is9m56b&fsb=1&dtd=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
15e8278ebb5160f2564d927fde4c87af9281e0d4f90b71b4bde38f262503fc96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 01 Nov 2022 15:02:25 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=JwMO_nL7Hha3MN1wAHt0VDXmdh2ysR6FM0ldz8ndWTZCDNc5h_oiKJRmKo2PYL6xi7b0_l_9Bb-l2DpxvNvhxj9hZA0dVWkT1HYHUztv0kS1uECVkPQmi1bCivMDUg7W6HIFemM7D72CLbhDFHaONhyk_S2iuZ8vpZs4ZTWseGSm-W6ziEgo4HyyyVRwiQ-IEwgyE-yhbzNFMRrGvPlrGLfuoQjOBXWxUEpjS9MJQphlVzWqK-YW9zv2v05KQmqjO8Rv1ZOSB4lXZNwV"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
72556951
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C4B5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667314945&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667314944839&bpp=11&bdt=2301&idt=624&shv=r20221027&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4890139455283&frm=23&ife=1&pv=1&ga_vid=1103092985.1667314945&ga_sid=1667314945&ga_hid=452723250&ga_fc=0&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1176914691&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C44775017&oid=2&pvsid=3631704844640308&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7iwm7is9m56b&fsb=1&dtd=632
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
6685
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 01 Nov 2022 13:11:01 GMT
etag
48472445140208031
expires
Wed, 02 Nov 2022 13:11:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjczMTQ5NDYyMzUsInBhY2tldElkIjoiMDAwMEE3MDEtMGNkNjUzNTQtM2I4NS00MGJmLTgwOWQtN2IzNWNjMDdiOGI5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Zhbmctc2hpLXFpYW8tamluZy16aG9uZy0xMHl1ZS1uYW4tZXItZHUtamlhby15aS1saWFuZy1zdW8tZGFvLTVuaWFuLXhpbi1kaS5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=5900.300000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:26 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjczMTQ5NDYyMzYsInBhY2tldElkIjoiMDAwMEE3MDEtMGNkNjUzNTQtM2I4NS00MGJmLTgwOWQtN2IzNWNjMDdiOGI5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Zhbmctc2hpLXFpYW8tamluZy16aG9uZy0xMHl1ZS1uYW4tZXItZHUtamlhby15aS1saWFuZy1zdW8tZGFvLTVuaWFuLXhpbi1kaS5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=5900.900000095367
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:26 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjczMTQ5NDYyMzYsInBhY2tldElkIjoiMDAwMEE3MDEtMGNkNjUzNTQtM2I4NS00MGJmLTgwOWQtN2IzNWNjMDdiOGI5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Zhbmctc2hpLXFpYW8tamluZy16aG9uZy0xMHl1ZS1uYW4tZXItZHUtamlhby15aS1saWFuZy1zdW8tZGFvLTVuaWFuLXhpbi1kaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XX0%3D&c_b=5901.300000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:26 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjczMTQ5NDYyNDEsInBhY2tldElkIjoiMDAwMEE3MDEtMGNkNjUzNTQtM2I4NS00MGJmLTgwOWQtN2IzNWNjMDdiOGI5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Zhbmctc2hpLXFpYW8tamluZy16aG9uZy0xMHl1ZS1uYW4tZXItZHUtamlhby15aS1saWFuZy1zdW8tZGFvLTVuaWFuLXhpbi1kaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D&c_b=5905.400000095367
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:26 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjczMTQ5NDYyNDMsInBhY2tldElkIjoiMDAwMEE3MDEtMGNkNjUzNTQtM2I4NS00MGJmLTgwOWQtN2IzNWNjMDdiOGI5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Zhbmctc2hpLXFpYW8tamluZy16aG9uZy0xMHl1ZS1uYW4tZXItZHUtamlhby15aS1saWFuZy1zdW8tZGFvLTVuaWFuLXhpbi1kaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19&c_b=5908
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:26 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1667314946256
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 01 Nov 2022 15:02:26 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=78
accept-ranges
bytes
content-length
631
expires
Tue, 01 Nov 2022 16:02:26 GMT
pubads_impl_2022102701.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
sffe /
Resource Hash
58174fa028b2681d2f4ca49c97cca5ec0967c1429ac25487826ccf0e2f8afc0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 17:31:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
423038
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130801
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 08:36:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 27 Oct 2023 17:31:48 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Tue, 01 Nov 2022 15:02:26 GMT
pixel
cm.g.doubleclick.net/ Frame C4B5
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEEiyNz7xTnEb8IeO8leJWOM&google_cver=1&google_push=AZmPxg9D_9eWbUY8hDBOk0UK1I5o01dfUyxpgvVPMYoVSrihSUdItn9ZjxzJ5owIf0QOL4SE10C2I3sn_vp03lAtP1XxbW3nZH205A
  • https://rtb.openx.net/sync/dds?google_gid=CAESEEiyNz7xTnEb8IeO8leJWOM&google_cver=1&google_push=AZmPxg9D_9eWbUY8hDBOk0UK1I5o01dfUyxpgvVPMYoVSrihSUdItn9ZjxzJ5owIf0QOL4SE10C2I3sn_vp03lAtP1XxbW3nZH205...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg9D_9eWbUY8hDBOk0UK1I5o01dfUyxpgvVPMYoVSrihSUdItn9ZjxzJ5owIf0QOL4SE10C2I3sn_vp03lAtP1XxbW3nZH205A&google_hm=XbB6youayXghmMIVic1SLg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg9D_9eWbUY8hDBOk0UK1I5o01dfUyxpgvVPMYoVSrihSUdItn9ZjxzJ5owIf0QOL4SE10C2I3sn_vp03lAtP1XxbW3nZH205A&google_hm=XbB6youayXghmMIVic1SLg==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667314945&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667314944839&bpp=11&bdt=2301&idt=624&shv=r20221027&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4890139455283&frm=23&ife=1&pv=1&ga_vid=1103092985.1667314945&ga_sid=1667314945&ga_hid=452723250&ga_fc=0&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1176914691&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C44775017&oid=2&pvsid=3631704844640308&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7iwm7is9m56b&fsb=1&dtd=632
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:26 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg9D_9eWbUY8hDBOk0UK1I5o01dfUyxpgvVPMYoVSrihSUdItn9ZjxzJ5owIf0QOL4SE10C2I3sn_vp03lAtP1XxbW3nZH205A&google_hm=XbB6youayXghmMIVic1SLg==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
gvceeqmp4e9bfdurljbofeu3mob38ppl
pixel
cm.g.doubleclick.net/ Frame C4B5
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=os2oqs2HSpiR5wicNtzbLQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=os2oqs2HSpiR5wicNtzbLQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8mIPrl_aDlZaG1DcFrXRMWsZ4S_fpYZ0yPibeQCrIK2kGy_dQGZORrNBb9m1Sd5nPy6PnYVV10Tri54RcLcO5Re_HpQxg7
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667314945&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667314944839&bpp=11&bdt=2301&idt=624&shv=r20221027&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4890139455283&frm=23&ife=1&pv=1&ga_vid=1103092985.1667314945&ga_sid=1667314945&ga_hid=452723250&ga_fc=0&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1176914691&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C44775017&oid=2&pvsid=3631704844640308&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7iwm7is9m56b&fsb=1&dtd=632
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=os2oqs2HSpiR5wicNtzbLQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8mIPrl_aDlZaG1DcFrXRMWsZ4S_fpYZ0yPibeQCrIK2kGy_dQGZORrNBb9m1Sd5nPy6PnYVV10Tri54RcLcO5Re_HpQxg7
date
Tue, 01 Nov 2022 15:02:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame C4B5
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEBc3gqpq4lkyBk0z7aWekl8&google_cver=1&google_push=AZmPxg9ua3My5a3h6wUc9hvAzDs_9nMmtegbVik2_t8706OQJO3bJtIft6MSHEH2Z-u1-NpmtViLSIMQkpt1wwbzCO...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTMwMDg5MTE1NzQxNzY3NTY5MQ&google_push=AZmPxg9ua3My5a3h6wUc9hvAzDs_9nMmtegbVik2_t8706OQJO3bJtIft6MSHEH2Z-u1-NpmtViLSIMQkpt1wwbzCOkUu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTMwMDg5MTE1NzQxNzY3NTY5MQ&google_push=AZmPxg9ua3My5a3h6wUc9hvAzDs_9nMmtegbVik2_t8706OQJO3bJtIft6MSHEH2Z-u1-NpmtViLSIMQkpt1wwbzCOkUu4gHfzFm_Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667314945&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667314944839&bpp=11&bdt=2301&idt=624&shv=r20221027&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4890139455283&frm=23&ife=1&pv=1&ga_vid=1103092985.1667314945&ga_sid=1667314945&ga_hid=452723250&ga_fc=0&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1176914691&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C44775017&oid=2&pvsid=3631704844640308&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7iwm7is9m56b&fsb=1&dtd=632
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTMwMDg5MTE1NzQxNzY3NTY5MQ&google_push=AZmPxg9ua3My5a3h6wUc9hvAzDs_9nMmtegbVik2_t8706OQJO3bJtIft6MSHEH2Z-u1-NpmtViLSIMQkpt1wwbzCOkUu4gHfzFm_Q
Date
Tue, 01 Nov 2022 15:02:27 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame C4B5
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEKOErb2_piz2Uv7abaKUB3s&google_cver=1&google_push=AZmPxg8ARHbtlrSm514qeshupnSTaK7QtwCRp1LNeAux0EykYNZ2XTP9iTCeyN2MI-c-c8BcP26D22crXaL7M9lHratHu53m_...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzEwMzE2NTQ2MTUzMDE0MjAwMFYxMA%3d%3d&mn_hm=MzEwMzE2NTQ2MTUzMDE0MjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg8ARHbtlrSm514qeshupnSTaK7...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzEwMzE2NTQ2MTUzMDE0MjAwMFYxMA%3d%3d&mn_hm=MzEwMzE2NTQ2MTUzMDE0MjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg8ARHbtlrSm514qeshupnSTaK7QtwCRp1LNeAux0EykYNZ2XTP9iTCeyN2MI-c-c8BcP26D22crXaL7M9lHratHu53m_R-4lQ&gdpr=&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667314945&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667314944839&bpp=11&bdt=2301&idt=624&shv=r20221027&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4890139455283&frm=23&ife=1&pv=1&ga_vid=1103092985.1667314945&ga_sid=1667314945&ga_hid=452723250&ga_fc=0&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1176914691&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C44775017&oid=2&pvsid=3631704844640308&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7iwm7is9m56b&fsb=1&dtd=632
Protocol
H2
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:26 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzEwMzE2NTQ2MTUzMDE0MjAwMFYxMA%3d%3d&mn_hm=MzEwMzE2NTQ2MTUzMDE0MjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg8ARHbtlrSm514qeshupnSTaK7QtwCRp1LNeAux0EykYNZ2XTP9iTCeyN2MI-c-c8BcP26D22crXaL7M9lHratHu53m_R-4lQ&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Tue, 01 Nov 2022 15:02:26 GMT
pixel
cm.g.doubleclick.net/ Frame C4B5
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFaIIDBXXCxFsHqkERukT1s&google_cver=1&google_push=AZmPxg880A6wbColInzSs8NB8CDJ8gZuYdn7clavP11y7vgLksjbbQ6JLdKhtbPP27RSjsHA_czbn0...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg880A6wbColInzSs8NB8CDJ8gZuYdn7clavP11y7vgLksjbbQ6JLdKhtbPP27RSjsHA_czbn0rpSrP5P4IBnbvp15Gbe54r&google_hm=ODczNjU3Mz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg880A6wbColInzSs8NB8CDJ8gZuYdn7clavP11y7vgLksjbbQ6JLdKhtbPP27RSjsHA_czbn0rpSrP5P4IBnbvp15Gbe54r&google_hm=ODczNjU3MzE3MjUyODI3NzAzMg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667314945&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667314944839&bpp=11&bdt=2301&idt=624&shv=r20221027&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4890139455283&frm=23&ife=1&pv=1&ga_vid=1103092985.1667314945&ga_sid=1667314945&ga_hid=452723250&ga_fc=0&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1176914691&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C44775017&oid=2&pvsid=3631704844640308&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7iwm7is9m56b&fsb=1&dtd=632
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg880A6wbColInzSs8NB8CDJ8gZuYdn7clavP11y7vgLksjbbQ6JLdKhtbPP27RSjsHA_czbn0rpSrP5P4IBnbvp15Gbe54r&google_hm=ODczNjU3MzE3MjUyODI3NzAzMg%3D%3D
date
Tue, 01 Nov 2022 15:02:27 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame C4B5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGDqkpQNTLr3TyyT5NKBye8&google_cver=1&google_push=AZmPxg_qynm3tCGkZT1bcnDcQDBYXxA85qnh4cVJv3Q-81jcyjXWZGTYL43iH8WO2IcC672YP0...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGDqkpQNTLr3TyyT5NKBye8&google_cver=1&google_push=AZmPxg_qynm3tCGkZT1bcnDcQDBYXxA85qnh4cVJv3Q-81jcyjXWZGTYL43iH8WO2IcC672YP0...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1lRGFDSDhORTJ1R1NLcEpISDlLWDdscGJ6Y3VuTkhieX5B&google_push=AZmPxg_qynm3tCGkZT1bcnDcQDBYXxA85qnh4cVJv3Q-81jcyjXWZGTYL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1lRGFDSDhORTJ1R1NLcEpISDlLWDdscGJ6Y3VuTkhieX5B&google_push=AZmPxg_qynm3tCGkZT1bcnDcQDBYXxA85qnh4cVJv3Q-81jcyjXWZGTYL43iH8WO2IcC672YP0NPoGF3c1SqdqwGOzk0tnpqTOvRuWA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667314945&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667314944839&bpp=11&bdt=2301&idt=624&shv=r20221027&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4890139455283&frm=23&ife=1&pv=1&ga_vid=1103092985.1667314945&ga_sid=1667314945&ga_hid=452723250&ga_fc=0&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1176914691&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C44775017&oid=2&pvsid=3631704844640308&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7iwm7is9m56b&fsb=1&dtd=632
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1lRGFDSDhORTJ1R1NLcEpISDlLWDdscGJ6Y3VuTkhieX5B&google_push=AZmPxg_qynm3tCGkZT1bcnDcQDBYXxA85qnh4cVJv3Q-81jcyjXWZGTYL43iH8WO2IcC672YP0NPoGF3c1SqdqwGOzk0tnpqTOvRuWA
date
Tue, 01 Nov 2022 15:02:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame C4B5
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEJAmu8CAPcToL9-MrkDX-Jk&google_cver=1&google_push=AZmPxg_FKdT5AcbpzxPdLEUb8NJgwpYEhSUaMUOP6fR0z6bteyh30VVe-pZubvhhEm-Xc0paA7AdIqaxivch8kyvMKJY-xS5h...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg_FKdT5AcbpzxPdLEUb8NJgwpYEhSUaMUOP6fR0z6bteyh30VVe-pZubvhhEm-Xc0paA7AdIqaxivch8kyvMKJY-xS5hlkFjgs&google_hm=cc485df27d7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg_FKdT5AcbpzxPdLEUb8NJgwpYEhSUaMUOP6fR0z6bteyh30VVe-pZubvhhEm-Xc0paA7AdIqaxivch8kyvMKJY-xS5hlkFjgs&google_hm=cc485df27d749de673ce7882313132ae
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667314945&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667314944839&bpp=11&bdt=2301&idt=624&shv=r20221027&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4890139455283&frm=23&ife=1&pv=1&ga_vid=1103092985.1667314945&ga_sid=1667314945&ga_hid=452723250&ga_fc=0&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1176914691&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C44775017&oid=2&pvsid=3631704844640308&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7iwm7is9m56b&fsb=1&dtd=632
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg_FKdT5AcbpzxPdLEUb8NJgwpYEhSUaMUOP6fR0z6bteyh30VVe-pZubvhhEm-Xc0paA7AdIqaxivch8kyvMKJY-xS5hlkFjgs&google_hm=cc485df27d749de673ce7882313132ae
date
Tue, 01 Nov 2022 15:02:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame C4B5 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J_9C4xNnmIYoOuq9sCXDjN2PnaILBDlGay0s25f4AEHU005dftC_TKQjMoj9zPUqVrzYznLNk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667314945&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667314944839&bpp=11&bdt=2301&idt=624&shv=r20221027&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4890139455283&frm=23&ife=1&pv=1&ga_vid=1103092985.1667314945&ga_sid=1667314945&ga_hid=452723250&ga_fc=0&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1176914691&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C44775017&oid=2&pvsid=3631704844640308&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7iwm7is9m56b&fsb=1&dtd=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame EBDA 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06143ddb66eb487130e9ab1fcd9d637cd49e83cb51450930d18bf158b828c1c4

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AB35 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
83948
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 31 Oct 2022 15:43:18 GMT
expires
Tue, 31 Oct 2023 15:43:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2352 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f104.1e100.net
Software
GSE /
Resource Hash
3f1d01347f505c92680bc260bf02bd49d364d1616016f6f948ad903f85f72f12
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pRbOvNmPublSEibsl9fo1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-pRbOvNmPublSEibsl9fo1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 01 Nov 2022 15:02:26 GMT
expires
Tue, 01 Nov 2022 15:02:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A80F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
83948
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 31 Oct 2022 15:43:18 GMT
expires
Tue, 31 Oct 2023 15:43:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D39A 		783 B
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f104.1e100.net
Software
GSE /
Resource Hash
6490adad95087b887f0ae5d70814007b6a57b0321c5c6fc1a026d258e10f53ba
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-w9cDwz6yjpwzrrGYaBd_lA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-w9cDwz6yjpwzrrGYaBd_lA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 01 Nov 2022 15:02:26 GMT
expires
Tue, 01 Nov 2022 15:02:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 2352 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102701&jk=292449634905152&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame D39A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102402&jk=2894551627820154&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
privacy_small.svg
static.criteo.net/flash/icon/ Frame C5CA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg&u=%7Cup9wtxwMMrOuCMhsT17uInSGfUTMta6SIfnkKWv4tDg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgZL_d5GIc1_px8FnI78kAkN14xy0eR2j9fOOJlzdmUbxUUoeEnuX8ISxzPnpwXCQ3cwxYO0rABB6Tmf5mKbuRs2XhCm4moMfWdxpRbNQd7gH1YlncCvTid5C_KQWGJwVEs04v429Xkp7A1Zof_RisGanf_lrJSNhs9Cc7i1-IJ61d603-1MTbbZEK7rIfDj1bc_Kjg3Ji4s9yNDNK_Pgh1vUId65sxkGVZ_Iv3zrUByA1NEtpk2243tdp2-665l4yNssQLsBlPaUxF-seDiq-eEn0jXscaoGo3szLh0jlVRmD8WWx5Sop6U22PIAHwr5SNyz_AprgDEIfL4vd7Tw5kzxdaw7J0qBTN03m1Du5Xj2BEbglFOsuFGPkmn3oXmLDa_Px211PRS2KJrLia4AwBRQ4OswJMAQ96HZOQ9G6nznKNYwDbhm2KcBXMMa7IoBErnWGxW09W7GSW-JOL1jqsHsxX2JhOYEHnxizRmMtLCc84QFzFo5v_8OeYwc0MR0OcF743BtEnRzSmVkpoQ5Fi1sJmMoCMBkVr2nvZ9wDzO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4ZiATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9wFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFHjBPN-TeVB8GsYLW5BWF3ZfwoKJLUNbpdkpgbEBD_K1gDMWCIDE9QQigAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JJN-DpgGgYNA564msgQz5dUK6FQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 27 Oct 2023 15:02:27 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame C5CA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg&u=%7Cup9wtxwMMrOuCMhsT17uInSGfUTMta6SIfnkKWv4tDg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgZL_d5GIc1_px8FnI78kAkN14xy0eR2j9fOOJlzdmUbxUUoeEnuX8ISxzPnpwXCQ3cwxYO0rABB6Tmf5mKbuRs2XhCm4moMfWdxpRbNQd7gH1YlncCvTid5C_KQWGJwVEs04v429Xkp7A1Zof_RisGanf_lrJSNhs9Cc7i1-IJ61d603-1MTbbZEK7rIfDj1bc_Kjg3Ji4s9yNDNK_Pgh1vUId65sxkGVZ_Iv3zrUByA1NEtpk2243tdp2-665l4yNssQLsBlPaUxF-seDiq-eEn0jXscaoGo3szLh0jlVRmD8WWx5Sop6U22PIAHwr5SNyz_AprgDEIfL4vd7Tw5kzxdaw7J0qBTN03m1Du5Xj2BEbglFOsuFGPkmn3oXmLDa_Px211PRS2KJrLia4AwBRQ4OswJMAQ96HZOQ9G6nznKNYwDbhm2KcBXMMa7IoBErnWGxW09W7GSW-JOL1jqsHsxX2JhOYEHnxizRmMtLCc84QFzFo5v_8OeYwc0MR0OcF743BtEnRzSmVkpoQ5Fi1sJmMoCMBkVr2nvZ9wDzO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4ZiATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9wFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFHjBPN-TeVB8GsYLW5BWF3ZfwoKJLUNbpdkpgbEBD_K1gDMWCIDE9QQigAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JJN-DpgGgYNA564msgQz5dUK6FQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 27 Oct 2023 15:02:27 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C5CA 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg&u=%7Cup9wtxwMMrOuCMhsT17uInSGfUTMta6SIfnkKWv4tDg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgZL_d5GIc1_px8FnI78kAkN14xy0eR2j9fOOJlzdmUbxUUoeEnuX8ISxzPnpwXCQ3cwxYO0rABB6Tmf5mKbuRs2XhCm4moMfWdxpRbNQd7gH1YlncCvTid5C_KQWGJwVEs04v429Xkp7A1Zof_RisGanf_lrJSNhs9Cc7i1-IJ61d603-1MTbbZEK7rIfDj1bc_Kjg3Ji4s9yNDNK_Pgh1vUId65sxkGVZ_Iv3zrUByA1NEtpk2243tdp2-665l4yNssQLsBlPaUxF-seDiq-eEn0jXscaoGo3szLh0jlVRmD8WWx5Sop6U22PIAHwr5SNyz_AprgDEIfL4vd7Tw5kzxdaw7J0qBTN03m1Du5Xj2BEbglFOsuFGPkmn3oXmLDa_Px211PRS2KJrLia4AwBRQ4OswJMAQ96HZOQ9G6nznKNYwDbhm2KcBXMMa7IoBErnWGxW09W7GSW-JOL1jqsHsxX2JhOYEHnxizRmMtLCc84QFzFo5v_8OeYwc0MR0OcF743BtEnRzSmVkpoQ5Fi1sJmMoCMBkVr2nvZ9wDzO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4ZiATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9wFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFHjBPN-TeVB8GsYLW5BWF3ZfwoKJLUNbpdkpgbEBD_K1gDMWCIDE9QQigAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JJN-DpgGgYNA564msgQz5dUK6FQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 27 Oct 2023 15:02:27 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame C5CA 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg&u=%7Cup9wtxwMMrOuCMhsT17uInSGfUTMta6SIfnkKWv4tDg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgZL_d5GIc1_px8FnI78kAkN14xy0eR2j9fOOJlzdmUbxUUoeEnuX8ISxzPnpwXCQ3cwxYO0rABB6Tmf5mKbuRs2XhCm4moMfWdxpRbNQd7gH1YlncCvTid5C_KQWGJwVEs04v429Xkp7A1Zof_RisGanf_lrJSNhs9Cc7i1-IJ61d603-1MTbbZEK7rIfDj1bc_Kjg3Ji4s9yNDNK_Pgh1vUId65sxkGVZ_Iv3zrUByA1NEtpk2243tdp2-665l4yNssQLsBlPaUxF-seDiq-eEn0jXscaoGo3szLh0jlVRmD8WWx5Sop6U22PIAHwr5SNyz_AprgDEIfL4vd7Tw5kzxdaw7J0qBTN03m1Du5Xj2BEbglFOsuFGPkmn3oXmLDa_Px211PRS2KJrLia4AwBRQ4OswJMAQ96HZOQ9G6nznKNYwDbhm2KcBXMMa7IoBErnWGxW09W7GSW-JOL1jqsHsxX2JhOYEHnxizRmMtLCc84QFzFo5v_8OeYwc0MR0OcF743BtEnRzSmVkpoQ5Fi1sJmMoCMBkVr2nvZ9wDzO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4ZiATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9wFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFHjBPN-TeVB8GsYLW5BWF3ZfwoKJLUNbpdkpgbEBD_K1gDMWCIDE9QQigAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JJN-DpgGgYNA564msgQz5dUK6FQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 27 Oct 2023 15:02:27 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame C5CA 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=XIo1FO8k-x8deb9oStpNzgMQ_zaelC-TjHc6b_eD6t3yy82_FxhxLDUoC06F7NHwPCcIt1AoI09Zcg9IRp1TlI84bGM13d8oMY0NhUf32inHDhuKlQjFEjjeQqtGVfPldByiHQyUWtP5YMZ6lyKVsEfrIA0sXFlD9PZrN5Z2TPjDQeJbbR-evLXrtTpsfaD9gRNKGgMvErGJTcSP97AjfBgth3FNyxKjQ_ii3t36Ieufx_ZwqlEA9wi5AOqhB9kN_Mpx9Bk6yg_jhlD3bWi0OZ-EctGemLBpCb2v2sNKLzzQxQib7yJ6mrt_LS38w0RH-9F8gRGyEGc6SfelCs3A2LqJpmj9cpf3tS2vjcBLZh2T02IlujQPldiyEwbfEyo2tAGdiiTFRFf_05Sxm0IPTh5ZKqlonAtolsCtv2RapTYMsi5h
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg&u=%7Cup9wtxwMMrOuCMhsT17uInSGfUTMta6SIfnkKWv4tDg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgZL_d5GIc1_px8FnI78kAkN14xy0eR2j9fOOJlzdmUbxUUoeEnuX8ISxzPnpwXCQ3cwxYO0rABB6Tmf5mKbuRs2XhCm4moMfWdxpRbNQd7gH1YlncCvTid5C_KQWGJwVEs04v429Xkp7A1Zof_RisGanf_lrJSNhs9Cc7i1-IJ61d603-1MTbbZEK7rIfDj1bc_Kjg3Ji4s9yNDNK_Pgh1vUId65sxkGVZ_Iv3zrUByA1NEtpk2243tdp2-665l4yNssQLsBlPaUxF-seDiq-eEn0jXscaoGo3szLh0jlVRmD8WWx5Sop6U22PIAHwr5SNyz_AprgDEIfL4vd7Tw5kzxdaw7J0qBTN03m1Du5Xj2BEbglFOsuFGPkmn3oXmLDa_Px211PRS2KJrLia4AwBRQ4OswJMAQ96HZOQ9G6nznKNYwDbhm2KcBXMMa7IoBErnWGxW09W7GSW-JOL1jqsHsxX2JhOYEHnxizRmMtLCc84QFzFo5v_8OeYwc0MR0OcF743BtEnRzSmVkpoQ5Fi1sJmMoCMBkVr2nvZ9wDzO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4ZiATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9wFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFHjBPN-TeVB8GsYLW5BWF3ZfwoKJLUNbpdkpgbEBD_K1gDMWCIDE9QQigAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JJN-DpgGgYNA564msgQz5dUK6FQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2746273
expires
Mon, 26 Jul 1997 05:00:00 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 0D4E 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
79cd1b975bfdcefba587178e02be8022c3061b66b10b75ed1c56264df094f614
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40167
x-xss-protection
0
server
cafe
etag
4543365506110734666
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 01 Nov 2022 15:02:27 GMT
yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
pagead2.googlesyndication.com/bg/ Frame AB35 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
sffe /
Resource Hash
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 01:53:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
392923
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Oct 2023 01:53:44 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C5CA 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg&u=%7Cup9wtxwMMrOuCMhsT17uInSGfUTMta6SIfnkKWv4tDg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgZL_d5GIc1_px8FnI78kAkN14xy0eR2j9fOOJlzdmUbxUUoeEnuX8ISxzPnpwXCQ3cwxYO0rABB6Tmf5mKbuRs2XhCm4moMfWdxpRbNQd7gH1YlncCvTid5C_KQWGJwVEs04v429Xkp7A1Zof_RisGanf_lrJSNhs9Cc7i1-IJ61d603-1MTbbZEK7rIfDj1bc_Kjg3Ji4s9yNDNK_Pgh1vUId65sxkGVZ_Iv3zrUByA1NEtpk2243tdp2-665l4yNssQLsBlPaUxF-seDiq-eEn0jXscaoGo3szLh0jlVRmD8WWx5Sop6U22PIAHwr5SNyz_AprgDEIfL4vd7Tw5kzxdaw7J0qBTN03m1Du5Xj2BEbglFOsuFGPkmn3oXmLDa_Px211PRS2KJrLia4AwBRQ4OswJMAQ96HZOQ9G6nznKNYwDbhm2KcBXMMa7IoBErnWGxW09W7GSW-JOL1jqsHsxX2JhOYEHnxizRmMtLCc84QFzFo5v_8OeYwc0MR0OcF743BtEnRzSmVkpoQ5Fi1sJmMoCMBkVr2nvZ9wDzO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4ZiATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9wFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFHjBPN-TeVB8GsYLW5BWF3ZfwoKJLUNbpdkpgbEBD_K1gDMWCIDE9QQigAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JJN-DpgGgYNA564msgQz5dUK6FQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
306220
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjN40voq4Alm%2BPSq8gFeUnW5EEiwzIR6BnbSm%2B4msh2%2F1djOZO%2FFEJ6uvf2cB224mvsIp%2BZydA6NFqUOomTGKBKnZaS1aC%2BNXulhqoP7DV8z8SXe6aBCK3Fj6OR9xirvPFW%2FttXq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
763582f41d7817cb-MEL
expires
Sun, 22 Oct 2023 15:02:27 GMT
yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
pagead2.googlesyndication.com/bg/ Frame A80F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
sffe /
Resource Hash
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 01:53:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
392923
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Oct 2023 01:53:44 GMT
animejs.js
static.criteo.net/animejs/ Frame C5CA 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg&u=%7Cup9wtxwMMrOuCMhsT17uInSGfUTMta6SIfnkKWv4tDg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgZL_d5GIc1_px8FnI78kAkN14xy0eR2j9fOOJlzdmUbxUUoeEnuX8ISxzPnpwXCQ3cwxYO0rABB6Tmf5mKbuRs2XhCm4moMfWdxpRbNQd7gH1YlncCvTid5C_KQWGJwVEs04v429Xkp7A1Zof_RisGanf_lrJSNhs9Cc7i1-IJ61d603-1MTbbZEK7rIfDj1bc_Kjg3Ji4s9yNDNK_Pgh1vUId65sxkGVZ_Iv3zrUByA1NEtpk2243tdp2-665l4yNssQLsBlPaUxF-seDiq-eEn0jXscaoGo3szLh0jlVRmD8WWx5Sop6U22PIAHwr5SNyz_AprgDEIfL4vd7Tw5kzxdaw7J0qBTN03m1Du5Xj2BEbglFOsuFGPkmn3oXmLDa_Px211PRS2KJrLia4AwBRQ4OswJMAQ96HZOQ9G6nznKNYwDbhm2KcBXMMa7IoBErnWGxW09W7GSW-JOL1jqsHsxX2JhOYEHnxizRmMtLCc84QFzFo5v_8OeYwc0MR0OcF743BtEnRzSmVkpoQ5Fi1sJmMoCMBkVr2nvZ9wDzO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4ZiATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9wFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFHjBPN-TeVB8GsYLW5BWF3ZfwoKJLUNbpdkpgbEBD_K1gDMWCIDE9QQigAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JJN-DpgGgYNA564msgQz5dUK6FQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 27 Oct 2023 15:02:27 GMT
img
pix.as.criteo.net/img/ Frame C5CA 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=92&m=0&partner=98328&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F98328%2F220804%2F7ba2d22d6eed4b5d84faf95670d20a8d_bubba_bump_logo.png&v=3&w=668&s=EfE6JGDlweYYu1IJtH0g7XjK
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg&u=%7Cup9wtxwMMrOuCMhsT17uInSGfUTMta6SIfnkKWv4tDg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgZL_d5GIc1_px8FnI78kAkN14xy0eR2j9fOOJlzdmUbxUUoeEnuX8ISxzPnpwXCQ3cwxYO0rABB6Tmf5mKbuRs2XhCm4moMfWdxpRbNQd7gH1YlncCvTid5C_KQWGJwVEs04v429Xkp7A1Zof_RisGanf_lrJSNhs9Cc7i1-IJ61d603-1MTbbZEK7rIfDj1bc_Kjg3Ji4s9yNDNK_Pgh1vUId65sxkGVZ_Iv3zrUByA1NEtpk2243tdp2-665l4yNssQLsBlPaUxF-seDiq-eEn0jXscaoGo3szLh0jlVRmD8WWx5Sop6U22PIAHwr5SNyz_AprgDEIfL4vd7Tw5kzxdaw7J0qBTN03m1Du5Xj2BEbglFOsuFGPkmn3oXmLDa_Px211PRS2KJrLia4AwBRQ4OswJMAQ96HZOQ9G6nznKNYwDbhm2KcBXMMa7IoBErnWGxW09W7GSW-JOL1jqsHsxX2JhOYEHnxizRmMtLCc84QFzFo5v_8OeYwc0MR0OcF743BtEnRzSmVkpoQ5Fi1sJmMoCMBkVr2nvZ9wDzO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4ZiATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9wFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFHjBPN-TeVB8GsYLW5BWF3ZfwoKJLUNbpdkpgbEBD_K1gDMWCIDE9QQigAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JJN-DpgGgYNA564msgQz5dUK6FQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
4f717ef7b790e028b442121ad67d8aacceda3e7b282ead53d5453379d559e424
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28728417
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13021
expires
Sat, 30 Sep 2023 03:09:24 GMT
img
pix.as.criteo.net/img/ Frame C5CA 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=98328&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0041%2F5016%2F5622%2Fproducts%2FScreenShot2021-03-17at1.08.37pm.png%3Fv%3D1619507040&v=3&w=400&s=GLKO3Z0pqKty8t8jxp_HjgKu&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg&u=%7Cup9wtxwMMrOuCMhsT17uInSGfUTMta6SIfnkKWv4tDg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgZL_d5GIc1_px8FnI78kAkN14xy0eR2j9fOOJlzdmUbxUUoeEnuX8ISxzPnpwXCQ3cwxYO0rABB6Tmf5mKbuRs2XhCm4moMfWdxpRbNQd7gH1YlncCvTid5C_KQWGJwVEs04v429Xkp7A1Zof_RisGanf_lrJSNhs9Cc7i1-IJ61d603-1MTbbZEK7rIfDj1bc_Kjg3Ji4s9yNDNK_Pgh1vUId65sxkGVZ_Iv3zrUByA1NEtpk2243tdp2-665l4yNssQLsBlPaUxF-seDiq-eEn0jXscaoGo3szLh0jlVRmD8WWx5Sop6U22PIAHwr5SNyz_AprgDEIfL4vd7Tw5kzxdaw7J0qBTN03m1Du5Xj2BEbglFOsuFGPkmn3oXmLDa_Px211PRS2KJrLia4AwBRQ4OswJMAQ96HZOQ9G6nznKNYwDbhm2KcBXMMa7IoBErnWGxW09W7GSW-JOL1jqsHsxX2JhOYEHnxizRmMtLCc84QFzFo5v_8OeYwc0MR0OcF743BtEnRzSmVkpoQ5Fi1sJmMoCMBkVr2nvZ9wDzO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4ZiATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9wFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFHjBPN-TeVB8GsYLW5BWF3ZfwoKJLUNbpdkpgbEBD_K1gDMWCIDE9QQigAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JJN-DpgGgYNA564msgQz5dUK6FQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ef0746632eb63f7110ab4bf659f4cc5c5cab6c6af06acfed1e5bb6b47c19d806
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30068997
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7418
expires
Sun, 15 Oct 2023 15:32:24 GMT
img
pix.as.criteo.net/img/ Frame C5CA 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=98328&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0041%2F5016%2F5622%2Fproducts%2FScreenshot_2019-03-29_16.41.00.png%3Fv%3D1619510766&v=3&w=400&s=Sr2JF4w_GmgylPNAt8_dDa4n&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg&u=%7Cup9wtxwMMrOuCMhsT17uInSGfUTMta6SIfnkKWv4tDg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgZL_d5GIc1_px8FnI78kAkN14xy0eR2j9fOOJlzdmUbxUUoeEnuX8ISxzPnpwXCQ3cwxYO0rABB6Tmf5mKbuRs2XhCm4moMfWdxpRbNQd7gH1YlncCvTid5C_KQWGJwVEs04v429Xkp7A1Zof_RisGanf_lrJSNhs9Cc7i1-IJ61d603-1MTbbZEK7rIfDj1bc_Kjg3Ji4s9yNDNK_Pgh1vUId65sxkGVZ_Iv3zrUByA1NEtpk2243tdp2-665l4yNssQLsBlPaUxF-seDiq-eEn0jXscaoGo3szLh0jlVRmD8WWx5Sop6U22PIAHwr5SNyz_AprgDEIfL4vd7Tw5kzxdaw7J0qBTN03m1Du5Xj2BEbglFOsuFGPkmn3oXmLDa_Px211PRS2KJrLia4AwBRQ4OswJMAQ96HZOQ9G6nznKNYwDbhm2KcBXMMa7IoBErnWGxW09W7GSW-JOL1jqsHsxX2JhOYEHnxizRmMtLCc84QFzFo5v_8OeYwc0MR0OcF743BtEnRzSmVkpoQ5Fi1sJmMoCMBkVr2nvZ9wDzO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4ZiATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9wFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFHjBPN-TeVB8GsYLW5BWF3ZfwoKJLUNbpdkpgbEBD_K1gDMWCIDE9QQigAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JJN-DpgGgYNA564msgQz5dUK6FQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e7345184b30aafeaf79febf1329591a401046bb725d059d1b1982b63ff2cecb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29879057
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10320
expires
Fri, 13 Oct 2023 10:46:44 GMT
img
pix.as.criteo.net/img/ Frame C5CA 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=98328&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0041%2F5016%2F5622%2Fproducts%2FPhoto5-8-21_14717pm.jpg%3Fv%3D1628641541&v=3&w=400&s=zcwkHv2WrePN7jtduBuKHeyA&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg&u=%7Cup9wtxwMMrOuCMhsT17uInSGfUTMta6SIfnkKWv4tDg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgZL_d5GIc1_px8FnI78kAkN14xy0eR2j9fOOJlzdmUbxUUoeEnuX8ISxzPnpwXCQ3cwxYO0rABB6Tmf5mKbuRs2XhCm4moMfWdxpRbNQd7gH1YlncCvTid5C_KQWGJwVEs04v429Xkp7A1Zof_RisGanf_lrJSNhs9Cc7i1-IJ61d603-1MTbbZEK7rIfDj1bc_Kjg3Ji4s9yNDNK_Pgh1vUId65sxkGVZ_Iv3zrUByA1NEtpk2243tdp2-665l4yNssQLsBlPaUxF-seDiq-eEn0jXscaoGo3szLh0jlVRmD8WWx5Sop6U22PIAHwr5SNyz_AprgDEIfL4vd7Tw5kzxdaw7J0qBTN03m1Du5Xj2BEbglFOsuFGPkmn3oXmLDa_Px211PRS2KJrLia4AwBRQ4OswJMAQ96HZOQ9G6nznKNYwDbhm2KcBXMMa7IoBErnWGxW09W7GSW-JOL1jqsHsxX2JhOYEHnxizRmMtLCc84QFzFo5v_8OeYwc0MR0OcF743BtEnRzSmVkpoQ5Fi1sJmMoCMBkVr2nvZ9wDzO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4ZiATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9wFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFHjBPN-TeVB8GsYLW5BWF3ZfwoKJLUNbpdkpgbEBD_K1gDMWCIDE9QQigAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JJN-DpgGgYNA564msgQz5dUK6FQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
a047da4062a51691dc2db494a89bb2f85abdd36cd2d278a6d62196df159b5685
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29517450
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23768
expires
Mon, 09 Oct 2023 06:19:58 GMT
img
pix.as.criteo.net/img/ Frame C5CA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=98328&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0041%2F5016%2F5622%2Fproducts%2F121A0833_websize.jpg%3Fv%3D1656414625&v=3&w=400&s=2FmEIIGqg5GXQH-VBjCdKCUV&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg&u=%7Cup9wtxwMMrOuCMhsT17uInSGfUTMta6SIfnkKWv4tDg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgZL_d5GIc1_px8FnI78kAkN14xy0eR2j9fOOJlzdmUbxUUoeEnuX8ISxzPnpwXCQ3cwxYO0rABB6Tmf5mKbuRs2XhCm4moMfWdxpRbNQd7gH1YlncCvTid5C_KQWGJwVEs04v429Xkp7A1Zof_RisGanf_lrJSNhs9Cc7i1-IJ61d603-1MTbbZEK7rIfDj1bc_Kjg3Ji4s9yNDNK_Pgh1vUId65sxkGVZ_Iv3zrUByA1NEtpk2243tdp2-665l4yNssQLsBlPaUxF-seDiq-eEn0jXscaoGo3szLh0jlVRmD8WWx5Sop6U22PIAHwr5SNyz_AprgDEIfL4vd7Tw5kzxdaw7J0qBTN03m1Du5Xj2BEbglFOsuFGPkmn3oXmLDa_Px211PRS2KJrLia4AwBRQ4OswJMAQ96HZOQ9G6nznKNYwDbhm2KcBXMMa7IoBErnWGxW09W7GSW-JOL1jqsHsxX2JhOYEHnxizRmMtLCc84QFzFo5v_8OeYwc0MR0OcF743BtEnRzSmVkpoQ5Fi1sJmMoCMBkVr2nvZ9wDzO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4ZiATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9wFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFHjBPN-TeVB8GsYLW5BWF3ZfwoKJLUNbpdkpgbEBD_K1gDMWCIDE9QQigAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JJN-DpgGgYNA564msgQz5dUK6FQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
9fec289372e6d2ae1d0c0cea24a79ddbe14155c69d736ff01f0ac90419f6426f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29212962
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1888
expires
Thu, 05 Oct 2023 17:45:10 GMT
img
pix.as.criteo.net/img/ Frame C5CA 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=98328&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0041%2F5016%2F5622%2Fproducts%2F121A0927.jpg%3Fv%3D1656462089&v=3&w=400&s=uO45W5sdiMPRgRlVucMVwkKp&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg&u=%7Cup9wtxwMMrOuCMhsT17uInSGfUTMta6SIfnkKWv4tDg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgZL_d5GIc1_px8FnI78kAkN14xy0eR2j9fOOJlzdmUbxUUoeEnuX8ISxzPnpwXCQ3cwxYO0rABB6Tmf5mKbuRs2XhCm4moMfWdxpRbNQd7gH1YlncCvTid5C_KQWGJwVEs04v429Xkp7A1Zof_RisGanf_lrJSNhs9Cc7i1-IJ61d603-1MTbbZEK7rIfDj1bc_Kjg3Ji4s9yNDNK_Pgh1vUId65sxkGVZ_Iv3zrUByA1NEtpk2243tdp2-665l4yNssQLsBlPaUxF-seDiq-eEn0jXscaoGo3szLh0jlVRmD8WWx5Sop6U22PIAHwr5SNyz_AprgDEIfL4vd7Tw5kzxdaw7J0qBTN03m1Du5Xj2BEbglFOsuFGPkmn3oXmLDa_Px211PRS2KJrLia4AwBRQ4OswJMAQ96HZOQ9G6nznKNYwDbhm2KcBXMMa7IoBErnWGxW09W7GSW-JOL1jqsHsxX2JhOYEHnxizRmMtLCc84QFzFo5v_8OeYwc0MR0OcF743BtEnRzSmVkpoQ5Fi1sJmMoCMBkVr2nvZ9wDzO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4ZiATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9wFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFHjBPN-TeVB8GsYLW5BWF3ZfwoKJLUNbpdkpgbEBD_K1gDMWCIDE9QQigAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JJN-DpgGgYNA564msgQz5dUK6FQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
88974e9fa2ae8eef6a3cda59172bf279353a7110a9f9bc0ebdb1db5948514aa2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29280758
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3030
expires
Fri, 06 Oct 2023 12:35:06 GMT
img
pix.as.criteo.net/img/ Frame C5CA 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=98328&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0041%2F5016%2F5622%2Fproducts%2F2_0b1d3b8e-1dd2-4b00-919c-d2af1f14fcfe.png%3Fv%3D1661758983&v=3&w=400&s=9jaug0E9avYEuFZ9n1dxY50j&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg&u=%7Cup9wtxwMMrOuCMhsT17uInSGfUTMta6SIfnkKWv4tDg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgZL_d5GIc1_px8FnI78kAkN14xy0eR2j9fOOJlzdmUbxUUoeEnuX8ISxzPnpwXCQ3cwxYO0rABB6Tmf5mKbuRs2XhCm4moMfWdxpRbNQd7gH1YlncCvTid5C_KQWGJwVEs04v429Xkp7A1Zof_RisGanf_lrJSNhs9Cc7i1-IJ61d603-1MTbbZEK7rIfDj1bc_Kjg3Ji4s9yNDNK_Pgh1vUId65sxkGVZ_Iv3zrUByA1NEtpk2243tdp2-665l4yNssQLsBlPaUxF-seDiq-eEn0jXscaoGo3szLh0jlVRmD8WWx5Sop6U22PIAHwr5SNyz_AprgDEIfL4vd7Tw5kzxdaw7J0qBTN03m1Du5Xj2BEbglFOsuFGPkmn3oXmLDa_Px211PRS2KJrLia4AwBRQ4OswJMAQ96HZOQ9G6nznKNYwDbhm2KcBXMMa7IoBErnWGxW09W7GSW-JOL1jqsHsxX2JhOYEHnxizRmMtLCc84QFzFo5v_8OeYwc0MR0OcF743BtEnRzSmVkpoQ5Fi1sJmMoCMBkVr2nvZ9wDzO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4ZiATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9wFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFHjBPN-TeVB8GsYLW5BWF3ZfwoKJLUNbpdkpgbEBD_K1gDMWCIDE9QQigAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JJN-DpgGgYNA564msgQz5dUK6FQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
13a0808aa1d705ca7a3881cb67d8d6e28f99da10083c43fb03ca2981df5897c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28852065
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10924
expires
Sun, 01 Oct 2023 13:30:12 GMT
img
pix.as.criteo.net/img/ Frame C5CA 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=98328&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0041%2F5016%2F5622%2Fproducts%2FPhoto22-1-21_125858pm_1.jpg%3Fv%3D1619506715&v=3&w=400&s=xIS7rFkyQkt-gzf1DfQoCq2u&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg&u=%7Cup9wtxwMMrOuCMhsT17uInSGfUTMta6SIfnkKWv4tDg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgZL_d5GIc1_px8FnI78kAkN14xy0eR2j9fOOJlzdmUbxUUoeEnuX8ISxzPnpwXCQ3cwxYO0rABB6Tmf5mKbuRs2XhCm4moMfWdxpRbNQd7gH1YlncCvTid5C_KQWGJwVEs04v429Xkp7A1Zof_RisGanf_lrJSNhs9Cc7i1-IJ61d603-1MTbbZEK7rIfDj1bc_Kjg3Ji4s9yNDNK_Pgh1vUId65sxkGVZ_Iv3zrUByA1NEtpk2243tdp2-665l4yNssQLsBlPaUxF-seDiq-eEn0jXscaoGo3szLh0jlVRmD8WWx5Sop6U22PIAHwr5SNyz_AprgDEIfL4vd7Tw5kzxdaw7J0qBTN03m1Du5Xj2BEbglFOsuFGPkmn3oXmLDa_Px211PRS2KJrLia4AwBRQ4OswJMAQ96HZOQ9G6nznKNYwDbhm2KcBXMMa7IoBErnWGxW09W7GSW-JOL1jqsHsxX2JhOYEHnxizRmMtLCc84QFzFo5v_8OeYwc0MR0OcF743BtEnRzSmVkpoQ5Fi1sJmMoCMBkVr2nvZ9wDzO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4ZiATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9wFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFHjBPN-TeVB8GsYLW5BWF3ZfwoKJLUNbpdkpgbEBD_K1gDMWCIDE9QQigAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JJN-DpgGgYNA564msgQz5dUK6FQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
18b4e5e95f755ada7152b380f93284a12bec400dd9ebc97b01c640be5f467f99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29883225
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16500
expires
Fri, 13 Oct 2023 11:56:12 GMT
img
pix.as.criteo.net/img/ Frame C5CA 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=98328&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0041%2F5016%2F5622%2Fproducts%2Fimagejpg_77b92e10-054c-4d6f-bfdc-351f95fda0b3.jpg%3Fv%3D1619510634&v=3&w=400&s=GuXozFsCSRzH4loDtT66jQ5H&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg&u=%7Cup9wtxwMMrOuCMhsT17uInSGfUTMta6SIfnkKWv4tDg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgZL_d5GIc1_px8FnI78kAkN14xy0eR2j9fOOJlzdmUbxUUoeEnuX8ISxzPnpwXCQ3cwxYO0rABB6Tmf5mKbuRs2XhCm4moMfWdxpRbNQd7gH1YlncCvTid5C_KQWGJwVEs04v429Xkp7A1Zof_RisGanf_lrJSNhs9Cc7i1-IJ61d603-1MTbbZEK7rIfDj1bc_Kjg3Ji4s9yNDNK_Pgh1vUId65sxkGVZ_Iv3zrUByA1NEtpk2243tdp2-665l4yNssQLsBlPaUxF-seDiq-eEn0jXscaoGo3szLh0jlVRmD8WWx5Sop6U22PIAHwr5SNyz_AprgDEIfL4vd7Tw5kzxdaw7J0qBTN03m1Du5Xj2BEbglFOsuFGPkmn3oXmLDa_Px211PRS2KJrLia4AwBRQ4OswJMAQ96HZOQ9G6nznKNYwDbhm2KcBXMMa7IoBErnWGxW09W7GSW-JOL1jqsHsxX2JhOYEHnxizRmMtLCc84QFzFo5v_8OeYwc0MR0OcF743BtEnRzSmVkpoQ5Fi1sJmMoCMBkVr2nvZ9wDzO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4ZiATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9wFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFHjBPN-TeVB8GsYLW5BWF3ZfwoKJLUNbpdkpgbEBD_K1gDMWCIDE9QQigAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JJN-DpgGgYNA564msgQz5dUK6FQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
4c54a7167d8f46db25633861195e63418e352c2901317be7c962edb16325f67c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29254604
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17404
expires
Fri, 06 Oct 2023 05:19:12 GMT
img
pix.as.criteo.net/img/ Frame C5CA 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=98328&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0041%2F5016%2F5622%2Fproducts%2F121A0029.jpg%3Fv%3D1654647694&v=3&w=400&s=JocBnS5R4mVWR9iKemT6t71L&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg&u=%7Cup9wtxwMMrOuCMhsT17uInSGfUTMta6SIfnkKWv4tDg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgZL_d5GIc1_px8FnI78kAkN14xy0eR2j9fOOJlzdmUbxUUoeEnuX8ISxzPnpwXCQ3cwxYO0rABB6Tmf5mKbuRs2XhCm4moMfWdxpRbNQd7gH1YlncCvTid5C_KQWGJwVEs04v429Xkp7A1Zof_RisGanf_lrJSNhs9Cc7i1-IJ61d603-1MTbbZEK7rIfDj1bc_Kjg3Ji4s9yNDNK_Pgh1vUId65sxkGVZ_Iv3zrUByA1NEtpk2243tdp2-665l4yNssQLsBlPaUxF-seDiq-eEn0jXscaoGo3szLh0jlVRmD8WWx5Sop6U22PIAHwr5SNyz_AprgDEIfL4vd7Tw5kzxdaw7J0qBTN03m1Du5Xj2BEbglFOsuFGPkmn3oXmLDa_Px211PRS2KJrLia4AwBRQ4OswJMAQ96HZOQ9G6nznKNYwDbhm2KcBXMMa7IoBErnWGxW09W7GSW-JOL1jqsHsxX2JhOYEHnxizRmMtLCc84QFzFo5v_8OeYwc0MR0OcF743BtEnRzSmVkpoQ5Fi1sJmMoCMBkVr2nvZ9wDzO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4ZiATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9wFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFHjBPN-TeVB8GsYLW5BWF3ZfwoKJLUNbpdkpgbEBD_K1gDMWCIDE9QQigAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JJN-DpgGgYNA564msgQz5dUK6FQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
5d87c4d8b3ef0754c0cd891849d57881cbc84c79cd76bcd3ac31469fdd3156e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29254574
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5306
expires
Fri, 06 Oct 2023 05:18:42 GMT
all
csm.as.criteo.net/ Frame C5CA 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=JwMO_nL7Hha3MN1wAHt0VDXmdh2ysR6FM0ldz8ndWTZCDNc5h_oiKJRmKo2PYL6xi7b0_l_9Bb-l2DpxvNvhxj9hZA0dVWkT1HYHUztv0kS1uECVkPQmi1bCivMDUg7W6HIFemM7D72CLbhDFHaONhyk_S2iuZ8vpZs4ZTWseGSm-W6ziEgo4HyyyVRwiQ-IEwgyE-yhbzNFMRrGvPlrGLfuoQjOBXWxUEpjS9MJQphlVzWqK-YW9zv2v05KQmqjO8Rv1ZOSB4lXZNwV&sds=2&rev=83303&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg&u=%7Cup9wtxwMMrOuCMhsT17uInSGfUTMta6SIfnkKWv4tDg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgZL_d5GIc1_px8FnI78kAkN14xy0eR2j9fOOJlzdmUbxUUoeEnuX8ISxzPnpwXCQ3cwxYO0rABB6Tmf5mKbuRs2XhCm4moMfWdxpRbNQd7gH1YlncCvTid5C_KQWGJwVEs04v429Xkp7A1Zof_RisGanf_lrJSNhs9Cc7i1-IJ61d603-1MTbbZEK7rIfDj1bc_Kjg3Ji4s9yNDNK_Pgh1vUId65sxkGVZ_Iv3zrUByA1NEtpk2243tdp2-665l4yNssQLsBlPaUxF-seDiq-eEn0jXscaoGo3szLh0jlVRmD8WWx5Sop6U22PIAHwr5SNyz_AprgDEIfL4vd7Tw5kzxdaw7J0qBTN03m1Du5Xj2BEbglFOsuFGPkmn3oXmLDa_Px211PRS2KJrLia4AwBRQ4OswJMAQ96HZOQ9G6nznKNYwDbhm2KcBXMMa7IoBErnWGxW09W7GSW-JOL1jqsHsxX2JhOYEHnxizRmMtLCc84QFzFo5v_8OeYwc0MR0OcF743BtEnRzSmVkpoQ5Fi1sJmMoCMBkVr2nvZ9wDzO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4ZiATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9wFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFHjBPN-TeVB8GsYLW5BWF3ZfwoKJLUNbpdkpgbEBD_K1gDMWCIDE9QQigAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JJN-DpgGgYNA564msgQz5dUK6FQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 01 Nov 2022 15:02:27 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C5CA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg&u=%7Cup9wtxwMMrOuCMhsT17uInSGfUTMta6SIfnkKWv4tDg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgZL_d5GIc1_px8FnI78kAkN14xy0eR2j9fOOJlzdmUbxUUoeEnuX8ISxzPnpwXCQ3cwxYO0rABB6Tmf5mKbuRs2XhCm4moMfWdxpRbNQd7gH1YlncCvTid5C_KQWGJwVEs04v429Xkp7A1Zof_RisGanf_lrJSNhs9Cc7i1-IJ61d603-1MTbbZEK7rIfDj1bc_Kjg3Ji4s9yNDNK_Pgh1vUId65sxkGVZ_Iv3zrUByA1NEtpk2243tdp2-665l4yNssQLsBlPaUxF-seDiq-eEn0jXscaoGo3szLh0jlVRmD8WWx5Sop6U22PIAHwr5SNyz_AprgDEIfL4vd7Tw5kzxdaw7J0qBTN03m1Du5Xj2BEbglFOsuFGPkmn3oXmLDa_Px211PRS2KJrLia4AwBRQ4OswJMAQ96HZOQ9G6nznKNYwDbhm2KcBXMMa7IoBErnWGxW09W7GSW-JOL1jqsHsxX2JhOYEHnxizRmMtLCc84QFzFo5v_8OeYwc0MR0OcF743BtEnRzSmVkpoQ5Fi1sJmMoCMBkVr2nvZ9wDzO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4ZiATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9wFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFHjBPN-TeVB8GsYLW5BWF3ZfwoKJLUNbpdkpgbEBD_K1gDMWCIDE9QQigAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JJN-DpgGgYNA564msgQz5dUK6FQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 27 Oct 2023 15:02:27 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C5CA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg&u=%7Cup9wtxwMMrOuCMhsT17uInSGfUTMta6SIfnkKWv4tDg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgZL_d5GIc1_px8FnI78kAkN14xy0eR2j9fOOJlzdmUbxUUoeEnuX8ISxzPnpwXCQ3cwxYO0rABB6Tmf5mKbuRs2XhCm4moMfWdxpRbNQd7gH1YlncCvTid5C_KQWGJwVEs04v429Xkp7A1Zof_RisGanf_lrJSNhs9Cc7i1-IJ61d603-1MTbbZEK7rIfDj1bc_Kjg3Ji4s9yNDNK_Pgh1vUId65sxkGVZ_Iv3zrUByA1NEtpk2243tdp2-665l4yNssQLsBlPaUxF-seDiq-eEn0jXscaoGo3szLh0jlVRmD8WWx5Sop6U22PIAHwr5SNyz_AprgDEIfL4vd7Tw5kzxdaw7J0qBTN03m1Du5Xj2BEbglFOsuFGPkmn3oXmLDa_Px211PRS2KJrLia4AwBRQ4OswJMAQ96HZOQ9G6nznKNYwDbhm2KcBXMMa7IoBErnWGxW09W7GSW-JOL1jqsHsxX2JhOYEHnxizRmMtLCc84QFzFo5v_8OeYwc0MR0OcF743BtEnRzSmVkpoQ5Fi1sJmMoCMBkVr2nvZ9wDzO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4ZiATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9wFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFHjBPN-TeVB8GsYLW5BWF3ZfwoKJLUNbpdkpgbEBD_K1gDMWCIDE9QQigAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JJN-DpgGgYNA564msgQz5dUK6FQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 27 Oct 2023 15:02:27 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/ Frame 0D4E 		354 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
6aa29b65ce8ed708e234ee7d45fcc28071249cb18000fa2f4d97244fd0234911
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119019
x-xss-protection
0
server
cafe
etag
6548292440890779061
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Nov 2022 15:02:27 GMT
generate_204
tpc.googlesyndication.com/ Frame AB35 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?sgtiCw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
css
fonts.googleapis.com/ Frame C5CA 		1 KB
913 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Karla:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
e58bb65e5ce1a00715d3571d44cf9040e3f2cc2bc2f6eae3e2caa25607fb0d50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 01 Nov 2022 15:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 15:02:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Nov 2022 15:02:27 GMT
integrator.js
adservice.google.com.au/adsid/ Frame 0D4E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0D4E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
lfLsVq5iGAHU9C7Iu4Sgw8A8KSF2eBEdCzGvBxVF.html
adx.holmesmind.com/adx-file/20221028/ Frame DC20
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F...
  • https://adx.holmesmind.com/adx-file/20221028/lfLsVq5iGAHU9C7Iu4Sgw8A8KSF2eBEdCzGvBxVF.html
518 B
901 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20221028/lfLsVq5iGAHU9C7Iu4Sgw8A8KSF2eBEdCzGvBxVF.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-99.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37f50d698d42ce99170a2117356631ff733cf3a48df3b67942e3aabda4eb05b7

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1108
content-length
518
content-type
text/html
date
Tue, 01 Nov 2022 14:44:01 GMT
etag
"d9aea810b32fadbacb3637ab543fac5b"
last-modified
Fri, 28 Oct 2022 03:32:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 55c659e0e2fe3ace02c4b6599c432138.cloudfront.net (CloudFront)
x-amz-cf-id
WcTXAF-ZlRoNv4UR1pY5eDQyEa4K7VZSA1akHU4oK1p9zDQaWm30ww==
x-amz-cf-pop
NRT12-C5
x-amz-version-id
PBTRTzTSdy.l4vMDLrIlX3EeTKvfonWS
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 01 Nov 2022 15:02:27 GMT
location
https://adx.holmesmind.com/adx-file/20221028/lfLsVq5iGAHU9C7Iu4Sgw8A8KSF2eBEdCzGvBxVF.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame A80F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?N4Gtgw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221101
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4c094de646468d98ffe85d965ddb7da81989f3c5aeef86f59f5fb5dc7068090
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 01 Nov 2022 15:02:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
63
x-jsd-version
1.0.1511
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4537-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"669-hJ42GnCV1pgb/LIQWT9FGqkDkqM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dqqfHI31gN9bSLv303ZsEDGQu3Lgzc%2FBsWjxjezPTvPIHoiHZh2DJdQU1wW0WygGRDCrMI%2B6WfOqBAAscBsJ%2FwhrFRG76jCzuzleTyWGY1ITqLG8farPTzQCDx77A%2FKf5r4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
763582f8c8095a7f-MEL
bid-request
a.teads.tv/hb/ 		16 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.153.54 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-153-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:28 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 01 Nov 2022 15:02:28 GMT
hbjson
grid.bidswitch.net/ 		23 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b6c298027e737f4a6c7f3ddf9aa9601058aa90f70159aee34bdcb0089339ddfe

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 01 Nov 2022 15:02:28 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
prebid-request
onetag-sys.com/ 		15 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
arj
adpushup-d.openx.net/w/1.0/ 		174 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=aa1eafa4-53e5-419a-9508-d7c73d48218b%2Cd275e8bf-26a2-401b-9131-22ba5b7c1092%2C05f35627-6b4b-4657-bcfc-6a8ec23a9af4&nocache=1667314947764&pubcid=9276d684-081a-4a7d-bcdf-205490cef536&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
60466fc9cd4e6b2b2f7a9a4303dde2abfde049ef7588d124b138d486534f8d8d

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:28 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=88c165da-c3b6-4f0e-8103-a12cca10f476&nocache=1667314947765&pubcid=9276d684-081a-4a7d-bcdf-205490cef536&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:28 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=814735cf-03c6-4e6e-8d1a-1dbba3337c4f&nocache=1667314947765&pubcid=9276d684-081a-4a7d-bcdf-205490cef536&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:28 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b6b0c6df-8bda-460b-9119-6c8b35fa1f05&nocache=1667314947765&pubcid=9276d684-081a-4a7d-bcdf-205490cef536&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:28 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		49 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9ecdb6cc0ed3ba5910288b678955425d52180166235681701fa48fc90811a294
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 01 Nov 2022 15:02:28 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2804802a-6271-443a-ae84-d51b5d424ed2
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.189.51.32 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-189-51-32.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 01 Nov 2022 15:02:28 GMT
via
kong/2.8.1
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
13
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
c
prebid.a-mo.net/a/ 		584 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
95928ff91c21039d1f10bba6d4f111a722c1de0a6a003e5aac96c5be2412146c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 01 Nov 2022 15:02:28 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
133
content-length
301
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.75.205 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-75-205.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
80378b539376ef85a01c3563b1fab00dd57122085a184cc2c470d9ad511a78a5

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:28 GMT
content-encoding
gzip
x-prebid
pbs-java/1.102.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.75.205 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-75-205.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
09d2e43f6fcd464259619898771d94cb963ecc071899c50d151bb3946ed73769

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:28 GMT
content-encoding
gzip
x-prebid
pbs-java/1.102.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.75.205 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-75-205.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
9e4116028965f182dbb7f77195fb6f470985e23d09c44002ceca88e83b2fea56

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:28 GMT
content-encoding
gzip
x-prebid
pbs-java/1.102.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=9276d684-081a-4a7d-bcdf-205490cef536%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=9b37149b-5e84-4891-abc2-f4d542243ca4%3B39fdd8c5-d6d2-4d6e-9cf5-43f0f90ea62a%3B24507fe1-a984-43a0-9cf6-36c5502f014a&l_pb_bid_id=35c5899bf81999c%3B36809c1ece9c0e6%3B3701600888eb5e2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.8324746518706159
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
80e2f7e2f74ce8084f774a117abf23e88898695afa9d459e8482374064f69bb5

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:28 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		37 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223846b0118e988e6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2245965c527cd7776%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%224868a6b88cf8c1f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2249b1aacee6938ce%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%229276d684-081a-4a7d-bcdf-205490cef536%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d262e39b90e72e3d8202728a95f96c564c5179ad756ee3ccecba98169b4501d

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6mzX3PfeQkxS0jDglqmg%2FCsJHt0rhOwIAywSLW3gWa0qOqrjcwh0YaWB6BdYa8mHm7tYlkzH2b1mWMoy0bh51C%2BvvKH9dsGPcEgpP5B3aPfpnoH38sMqU%2Bz8GmGmInDOysQBnql"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
763582f90dce3771-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%223846b0118e988e6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224868a6b88cf8c1f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%2249b1aacee6938ce%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%229276d684-081a-4a7d-bcdf-205490cef536%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d262e39b90e72e3d8202728a95f96c564c5179ad756ee3ccecba98169b4501d

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfMuVqbmR7ZdBPKYH9oc7HSPWJtHhITN5cw0j3bDlUF8ou7DPUsrWrz1UiFkZA3Utb%2Fd9BPr60xXgpf6XzExCxCwskv7A%2FlgGSjVa6DliXurkerC36mpGJ4Ho6ElcNuE3e0lan%2FN"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
763582f91dd03771-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=30508677044
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 01 Nov 2022 15:02:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
auction
tlx.3lift.com/header/ 		133 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.150.163 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-150-163.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef63eacda662ee598260ddfff1e3027e8f7cd7c4a9bea5a9062c19aabaa175fc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:28 GMT
content-encoding
gzip
accept-ch
sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
20072
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
prebid.media.net/rtb/ 		48 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5891461efba0da69dded3e0f7837b17e43d97149818cd0c6d0c7d4db956f0997

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:28 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
151
alt-svc
clear
adreq
ads.servenobid.com/ 		405 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9326
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
91a8ea37de90c116390b167dfc281ce0ed7e8f324ff1fd834bb27aca9db191db

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 01 Nov 2022 15:02:28 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51320a20116f7c0177e7c3994e087c1c9f0a84eaa3562ef0cd6d2b5a566bd578

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:28 GMT
content-encoding
gzip
etag
"7pGeWjRhzCC16lj3m64eWg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 08 Nov 2022 15:02:28 GMT
qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
fonts.gstatic.com/s/karla/v23/ Frame C5CA 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
f8c2240958cb1fff47d921ca0f3097f9e7403ada01af2382477ef42c404c38d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 03:16:14 GMT
x-content-type-options
nosniff
age
42374
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21248
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:38:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Nov 2023 03:16:14 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DEF6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102701&jk=292449634905152&bg=!iIuli8_NAAZPh4lnb4c7ACkAdvg8Wvg2jKeDfYqs-9QRGdcOXxzw57UqeVCYk62zCcBYuaDoA7AfuwIAAAD9UgAAAAJoAQcKAHYv8N0cr5CBlx65k9atSQlQ-mi_ej2ZA9mF-_ESGj9yPYNsLApV9s1mTBP1gHobE_HFA6cKcZuXNuvYzz1MItYBGGdDSp2bJnbMeELGYt226I2NEkTCkHVJgThLqqxEXJw_Wya1Vg8w_AVWZpnjyfyUqNe6ge60mQK_9fGyirEbVSM2OeBYZxMSuhMX71Pr3AaRZr0GeRivk9jHofQ4RpBJqZTx9ETI4cfr204kpma1h5HLvmET9iJyEbc7NeNfI1RGDmJBLQ2r6NDFcxC8_3L00exp6CeqijVPqUOJU826kx-vFLtjjsVMdrn9Ko5Syh9FIygStekAvLHBgpwlI1sRZWuZNCJIMKdhrUcvjNcrvoh9NuLa5u72m5nag8RpwOBpU7zrc6KbVdCnLVvVCms29nA5NkxrU6JeHt64jUp6k2uaG46H4i33Qpbg7mMsS_Jc2j-ojM2EL4dSDEGNPRN-j3FqCSqxlVh1FDFJKwm1kgVqS0EkMhnqqG1zVGNXEmsA7AiwpZV_sc1YV9vfjTSkd-F51-Mo5SEoFUEof9EsekfadiTOX15jh1t_03EXZLVyX2dI8I4uMpHZW8sWha-dltFcVzSc8MouAQOrOcQjKdK0Zb6G-vG8R61oHtcLQRf87tKcjqxqJONvQRfsCfTAlcC7qeCyH-dkw8N9Jac2OuKQ4GNNA3jKvx0C_bppWhUIcGBXsxSv2CmN_rtNakLrZaOFvelWm-DkIDs1H_GSnlseheHs6lOz5_VkwJPrL_mLKLGaa_L1MF2xCxL1AVI1mvtC5VaDopdqCUr1m_EeDGct7RSOsGEuDsYyv16Uo0WFsKpzjNrtsdj0l6THnLFC0lesEYJXsMtKdxWNTQB5-DqBxo3Mk4sLOQdnfI_rZy3RxFBmNkPhgzD8HduXz-Eo2MxAvtu_D0fRp_MOQdlKVk6XrgyJKJ-_KiJjy_HUDSDKCXXOfbaIME47Ho8-R8ITiiOVRoX86-QQBek2KnaifeZ9zRtMGflMmgtdxuQExeTsTN3cIjd9cyCtS5-X6nkwyOt0TaOMoNAxHihsK0CHBQpNDjQMkxKiwy0cykuRd1EKjt414b00cQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 8A03 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102402&jk=2894551627820154&bg=!xsWlxYHNAAZPh4lnb4c7ACkAdvg8WhIVp2d-jUSsOT2HHP-I8ITpJ08a3An4wRUo_0HYLEWrcjStHQIAAAEoUgAAAAVoAQcKAIRy9jMHa1BXNiDD0hMreyHZdox6ME4gR-U2xeHg7SbX77WA8w27X2R04tVVyU1Gk0Epnzrd0RwWaYhIA_rtYDShMV05Mjuak4erwVh4cDJ7a9MuInEqaLcOM6fmzQ3UzDrxpra5QgqWDH6Og6Pb3qqZvNrB-XoZTs0MB5QFLKaMazPZznuZAsOfjzepzzPsZxh2o0EGgrHP-cPO0lsDLhbUWfF5VddaQU0ZtBvFhVIHyV-HHqgQGsrZhtdAv88wxAygN4fYnnrwPLCNa7R7CehbQdP2lLxIjq7ZtbmH8g9vONQMLUVmjQa4hfGFHeVM1vg8EFRytVyTcu7ca9JLe9FXAVWbRb9RGH4yXTbiTHTTiXHfReeQ_wmkcYXqul2pZDL33h1HYw5YVLNIPBZEnA98cZQl5faRNjXJg3gjQWzyvWdfI5i_Xnkrs_7aOn1ymOrVFqQvO8pXmxXdIlYB_Ny05E_oT8Akpr9RrYh1Kc5COCgETHyx2vm1AwHusXPEAFVANlSyvCGONFmkAPNeKGNKnBNrnYaTQWspnbI_dflAD-BQnX9DTLgfwaCjZdVkhaZJvSfuCR6oUzfbXC8wYf6Wq1QTZgfK7XkexdSjuPhFAHS-dEm1fw70_1evxIy9LJJtJAowUFcWHd6uws-MbXlJ6wQ17LYxcBM_L1jubD-qBkT1eK4NrOeVuIiYCNZtnjqHBeJRVuDx93Jv5klfT4nBkiSPo0L5MK_OwBu8D6UDhKOLP44qvHmmetn2S_BxnMX1QSDbdDIsvb7DCMzWm5GuxPl4TdQ2L6MGyuLA6Ik_DLVSVxcqoL83gDbSj6qbl-8_MOPC-Y9smCtwYUIVjiyWPSXePOMl43nlfjEt47KVFkum3Ubi4jGNOf7HWQNdxapkkYWiWZl1JS1olgsMf1IMSSK9-cURjLs2Zedm90So2ksWp3MUe-0oYYM7rvDXMdhf5nhX73U7OFa8VhG-8-McvsEdxpv403CfGl0ScaBegbPBaZkIbofe1cT9QdbBpzqp5CYLixso9TfPDmVKFaiQrIHhbxCTp9hWLDGdeGj2eEjjeTQTVXectiaKRa-BrOYIhgLSFfGp9FDw_PPDiTEJ2ArgmQsX53x3AA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
all
csm.as.criteo.net/ Frame C5CA 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=JwMO_nL7Hha3MN1wAHt0VDXmdh2ysR6FM0ldz8ndWTZCDNc5h_oiKJRmKo2PYL6xi7b0_l_9Bb-l2DpxvNvhxj9hZA0dVWkT1HYHUztv0kS1uECVkPQmi1bCivMDUg7W6HIFemM7D72CLbhDFHaONhyk_S2iuZ8vpZs4ZTWseGSm-W6ziEgo4HyyyVRwiQ-IEwgyE-yhbzNFMRrGvPlrGLfuoQjOBXWxUEpjS9MJQphlVzWqK-YW9zv2v05KQmqjO8Rv1ZOSB4lXZNwV&sds=2&rev=83303&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1AQAL_5oAtwiFAA6qyq4PdF-BA9QaZ-WKcg&u=%7Cup9wtxwMMrOuCMhsT17uInSGfUTMta6SIfnkKWv4tDg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUG57I5SOVDTgZL_d5GIc1_px8FnI78kAkN14xy0eR2j9fOOJlzdmUbxUUoeEnuX8ISxzPnpwXCQ3cwxYO0rABB6Tmf5mKbuRs2XhCm4moMfWdxpRbNQd7gH1YlncCvTid5C_KQWGJwVEs04v429Xkp7A1Zof_RisGanf_lrJSNhs9Cc7i1-IJ61d603-1MTbbZEK7rIfDj1bc_Kjg3Ji4s9yNDNK_Pgh1vUId65sxkGVZ_Iv3zrUByA1NEtpk2243tdp2-665l4yNssQLsBlPaUxF-seDiq-eEn0jXscaoGo3szLh0jlVRmD8WWx5Sop6U22PIAHwr5SNyz_AprgDEIfL4vd7Tw5kzxdaw7J0qBTN03m1Du5Xj2BEbglFOsuFGPkmn3oXmLDa_Px211PRS2KJrLia4AwBRQ4OswJMAQ96HZOQ9G6nznKNYwDbhm2KcBXMMa7IoBErnWGxW09W7GSW-JOL1jqsHsxX2JhOYEHnxizRmMtLCc84QFzFo5v_8OeYwc0MR0OcF743BtEnRzSmVkpoQ5Fi1sJmMoCMBkVr2nvZ9wDzO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4ZiATVhY5r_L4WR3LUPytW68ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQKzWMcpm6GlPqgDAaoE9wFP0ME06VZQq4-tXkeHqTRLWiqnGg3amBAVkjHVCL-6WciSivNqZ3ZAWDtB0I0H-oNN84LmTxcd30dJF44vkmA4LOLLltUKyWVyzVMG4RW-7WUkK74qer4KXjoFroVc1L00uw3XY5sadQXP8kVItVoL8JzucxFjRLNbQ25MHWS-uH3gaYATka1-cxQKqdirlcxHbmFWlwz1liHRq1ck4cwc80L1sIyRzg56oAW4anEr0ClktiALcBizTF4gYWzUWUfbBjQF5bheyEhyu6xdFHjBPN-TeVB8GsYLW5BWF3ZfwoKJLUNbpdkpgbEBD_K1gDMWCIDE9QQigAao_ubIzfrBg4kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JJN-DpgGgYNA564msgQz5dUK6FQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 01 Nov 2022 15:02:27 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-127.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 14:17:21 GMT
via
1.1 d5845d4e49f77b7f0c9511096875b3b4.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
2708
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
Gw6ijoKjewzjwAVbjStMZpDhF9K3EO_8xIazU2eb4TPENeNqGDMuUQ==
init.js
cdn.holmesmind.com/js/ Frame DC20 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221028/lfLsVq5iGAHU9C7Iu4Sgw8A8KSF2eBEdCzGvBxVF.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-99.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date
Tue, 01 Nov 2022 15:02:18 GMT
via
1.1 55c659e0e2fe3ace02c4b6599c432138.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C5
age
11
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6552
x-amz-cf-id
QKzbGduniOOEeoOhurq94iMaN2nwutpHRr_v6tt_aqkHCS5cefycqA==
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI4NjI1OTBfMTY2NzMxNDk0ODQ0MiIsInVzZXJJZCI6IjQyNTk5MV8xNjY3MzE0OTQ4NDQyIiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiNDUxODk1XzE2NjczMTQ5NDg0NDIiLCJwYWdlUGF0aCI6IiUyRmElMkZmYW5nLXNoaS1xaWFvLWppbmctemhvbmctMTB5dWUtbmFuLWVyLWR1LWppYW8teWktbGlhbmctc3VvLWRhby01bmlhbi14aW4tZGkuaHRtbCIsImhvc3RuYW1lIjoid3d3LmJnMy5jbyIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LmJnMy5jbyUyRmElMkZmYW5nLXNoaS1xaWFvLWppbmctemhvbmctMTB5dWUtbmFuLWVyLWR1LWppYW8teWktbGlhbmctc3VvLWRhby01bmlhbi14aW4tZGkuaHRtbCIsInBoYXNlIjowLCJ1c2VyVHlwZSI6Ik5FVyIsInByZXZpZXdWYXJpYXRpb24iOiJkZXNjcmlwdGlvblBhZ2UiLCJleHBlcmltZW50UGFnZSI6dHJ1ZSwidGltZXN0YW1wIjoxNjY3MzE0OTQ4NDQyfQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:28 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvZmFuZy1zaGktcWlhby1qaW5nLXpob25nLTEweXVlLW5hbi1lci1kdS1qaWFvLXlpLWxpYW5nLXN1by1kYW8tNW5pYW4teGluLWRpLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvZmFuZy1zaGktcWlhby1qaW5nLXpob25nLTEweXVlLW5hbi1lci1kdS1qaWFvLXlpLWxpYW5nLXN1by1kYW8tNW5pYW4teGluLWRpLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 01 Nov 2022 15:02:29 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=178, origin; dur=199
content-length
555
expires
Tue, 01 Nov 2022 16:02:29 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame DC77 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221027&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
f472b5e617260cbd85fa264d50e47338f934dd89fa36a61dfd7ffd00c2116805
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11344
x-xss-protection
0
capmapping.htm
cdn.holmesmind.com/js/ Frame 8D13 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-99.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
35
content-length
4730
content-type
text/html
date
Tue, 01 Nov 2022 15:01:54 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 55c659e0e2fe3ace02c4b6599c432138.cloudfront.net (CloudFront)
x-amz-cf-id
dXahfcFUkwMB5i1sllbD9JEo8CM4JCP7VXaXNwoOs6rxxYD7TatRsw==
x-amz-cf-pop
NRT12-C5
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame DC20 		662 B
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-99.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 01 Nov 2022 15:01:54 GMT
via
1.1 55c659e0e2fe3ace02c4b6599c432138.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C5
age
35
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
7R5dPa0Lel9b5XBPIQCGndWDtN-S9NhUezoDAyXdCPqVqyYt5mryRw==
presetfn.js
cdn.holmesmind.com/js/ Frame 0A96 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-99.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d50879eaa5642b8cf7aa54a56c90c91beb7c08132e76be852929263a5df7df7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
VaSpewhnvI6bFcTAqatFk5SqvLFpxvJd
date
Tue, 01 Nov 2022 15:02:21 GMT
via
1.1 55c659e0e2fe3ace02c4b6599c432138.cloudfront.net (CloudFront)
last-modified
Thu, 20 Oct 2022 05:58:48 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C5
age
17
etag
"760acffabe0db50f11b07aec24b247c5"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9628
x-amz-cf-id
PfbKS8aARP50BWflS7eJVvi-io2jtmopGqZCjMxBdbrfDdzX59GZUw==
activeview
pagead2.googlesyndication.com/pcs/ Frame EBDA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscECQjfbxuUUkEwZkIQdTbyVtescfeToCiYOSaMHtqzn-anu-mggSMs8C1xC0_2sRNteQcsRvOCNKFYnVuqb1T58mm&sig=Cg0ArKJSzHQYv0iK2zZgEAE&cid=CAASFeRo6jRELSm4qerndkDW4K5h84XsxA&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221031&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667314945472&rpt=2254&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DC77 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 01 Nov 2022 15:02:28 GMT
pixel;r=882975261;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=882975261;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1100311919-1667314948341;pbc=9276d684-081a-4a7d-bcdf-205490cef536;ns=0;ce=1;qjs=1;qv=acb00a35-20221027125754;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1667314948865;tzo=0;ogl=;ses=99258308-5be4-4400-ac9d-ead1939a0979
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		143 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3851414701421855&correlator=493029789142366&eid=31070657%2C44761478%2C31070111&output=ldjh&gdfp_req=1&vrg=2022102701&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.02%26hb_ap_adid%3D786d5b421f56c23%26hb_ap_bidder%3Dtriplelift%26hb_cache_host_median%3Dprebid.adnxs.com%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_cache_host%3Dprebid.adnxs.com%26hb_ap_format%3Dvideo%26hb_ap_pb%3D0.01%26hb_ap_adid%3D755f0106385b222%26hb_ap_bidder%3Dmedianet%26hb_cache_host_median%3Dprebid.adnxs.com%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_cache_host%3Dprebid.adnxs.com%26hb_ap_format%3Dvideo%26hb_ap_pb%3D0.01%26hb_ap_adid%3D762331d7cc279ed%26hb_ap_bidder%3Dmedianet%26hb_cache_host_median%3Dprebid.adnxs.com&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D9b2ce0b2cd9987a1-22c98d38f6d70090%3AT%3D1667314945%3ART%3D1667314945%3AS%3DALNI_MYim9gCAewSz8u04tK2tkQd7OJcGQ&gpic=UID%3D00000b73059c87d4%3AT%3D1667314945%3ART%3D1667314945%3AS%3DALNI_MYpOd69SyrIqKMIZXKCN753kTWzbg&arp=1&abxe=1&dt=1667314948953&lmt=1667314948&dlt=1667314941540&idt=5008&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=1089023156.1667314949&ga_sid=1667314949&ga_hid=5144&ga_fc=false&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
746c80519e445bfe59a0a43cc53c846d00dfadc4eb6d096ac7604bec231e3be7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29057
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm.php
fcm.holmesmind.com/ Frame 14E3 		0
0
utag.js
t.ssp.hinet.net/ Frame 8D13 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:29 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Tue, 01 Nov 2022 15:12:29 GMT
cm
c.holmesmind.com/ Frame 8D13
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:30 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Tue, 01 Nov 2022 15:02:30 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 570B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
83951
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 31 Oct 2022 15:43:18 GMT
expires
Tue, 31 Oct 2023 15:43:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame ABB0 		783 B
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f104.1e100.net
Software
GSE /
Resource Hash
5787daf629809716954934c3d0e57c442cb12f86a7320abfc08555baf8392e39
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-W0wuvV1w8biuZOtH6Y9zNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-W0wuvV1w8biuZOtH6Y9zNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 01 Nov 2022 15:02:29 GMT
expires
Tue, 01 Nov 2022 15:02:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Preset.js
adcdn.holmesmind.com/adserver/ Frame 0A96 		1 KB
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14006
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-27.sin52.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcb59ec730a35ac2bdbeb1c87a33264a515c890bcafa7f942fbd3c7c48991f8f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 14:53:55 GMT
content-encoding
gzip
via
1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
SIN52-P1
age
514
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-cf-id
fSxqD6EnjLHncclz1kXm8beJa_6E3T3jZsI7adWXSp-MbjCxI6TRPg==
js
www.googletagmanager.com/gtag/ 		222 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
b7bed7caed49d273178c91b630b00ca1be0a9258a699e85515217f75b03c7843
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78108
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 01 Nov 2022 15:02:29 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9mYW5nLXNoaS1xaWFvLWppbmctemhvbmctMTB5dWUtbmFuLWVyLWR1LWppYW8teWktbGlhbmctc3VvLWRhby01bmlhbi14aW4tZGkuaHRtbCIsInRpbWUiOjE2NjczMTQ5NDkxMjl9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:28 GMT
server
nginx/1.14.0 (Ubuntu)
yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
pagead2.googlesyndication.com/bg/ Frame 570B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
sffe /
Resource Hash
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 01:53:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
392925
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Oct 2023 01:53:44 GMT
generate_204
tpc.googlesyndication.com/ Frame 570B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?NXpYkg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame ABB0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221027&jk=3631704844640308&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads.js
ad.holmesmind.com/adserver/ Frame 0A96 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14006&rf=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20221028%2FlfLsVq5iGAHU9C7Iu4Sgw8A8KSF2eBEdCzGvBxVF.html&n=702&o=1&d=1&b=2&ts=1&ii=2&FPCK=4348-oDHKZyLgldDLsJvTFjnbLz0zBQktier7&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.87.8 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-87-8.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ebfd1124c05fd4534a11aa9a529f614b16cd347916e0ec8deeac052f3c074ff2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://adx.holmesmind.com
date
Tue, 01 Nov 2022 15:02:30 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 0A96 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-99.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 01 Nov 2022 15:02:13 GMT
via
1.1 55c659e0e2fe3ace02c4b6599c432138.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C5
age
17
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
HFp4BgZj_XucBl20g8IxCfx2stZeaxiuucnLrfz63aSIBLnmt3h7yw==
publishertag.js
static.criteo.net/js/ld/ Frame 0A96 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-1e444"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:02:29 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 0A96 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-99.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 01 Nov 2022 15:02:22 GMT
via
1.1 55c659e0e2fe3ace02c4b6599c432138.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C5
age
17
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
kkl5E7oAiHj0zOzJIqTq7wM2mUAlDBZ11aN7QJW-Jt-8xt-Ep_sGQg==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 0A96 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-99.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 01 Nov 2022 15:02:22 GMT
via
1.1 55c659e0e2fe3ace02c4b6599c432138.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C5
age
17
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
YGY4wuKJqIaBexH4VS0BfIOsVq0M1pg5dB5vpiS5p63GgnTKfGI3Ng==
appierV2.js
cdn.holmesmind.com/js/ Frame 0A96 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-99.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 01 Nov 2022 15:02:22 GMT
via
1.1 55c659e0e2fe3ace02c4b6599c432138.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C5
age
17
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
n1A0tuJoMh9kJxThDSuDU5020aUP4HOBdh-EDH7xpZBWQt6pLHbpYA==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 0A96 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-99.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe209c42003e23036615034182bbd3d224e3948a61e192953636b89c8a9ea458

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QNf_HVa__9WDJ9903hLaQWAhMnzhWu2z
date
Tue, 01 Nov 2022 15:02:22 GMT
via
1.1 55c659e0e2fe3ace02c4b6599c432138.cloudfront.net (CloudFront)
last-modified
Tue, 18 Oct 2022 09:50:43 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C5
age
57
etag
"b678af4b54f33f8ef194167ea87bc296"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5925
x-amz-cf-id
AeshJyIP7_eXEPmz7fSoEz6qiE5dNPeKDEFArF05gGlzAawqvkXL_A==
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012210191347000/ Frame B3A4 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 01 Nov 2022 00:43:22 GMT
age
51548
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61564
x-xss-protection
0
server
sffe
etag
"84cdcac007f64412"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 01 Nov 2023 00:43:22 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame B3A4 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 31 Oct 2022 17:11:33 GMT
age
78657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5198
x-xss-protection
0
server
sffe
etag
"aeb1502543fb438c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 31 Oct 2023 17:11:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame B3A4 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 31 Oct 2022 17:11:33 GMT
age
78657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28845
x-xss-protection
0
server
sffe
etag
"fdb7364f8f067758"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 31 Oct 2023 17:11:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame B3A4 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 31 Oct 2022 17:11:33 GMT
age
78657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1912
x-xss-protection
0
server
sffe
etag
"9f4a70ec77acc0d1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 31 Oct 2023 17:11:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame B3A4 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 31 Oct 2022 17:11:33 GMT
age
78657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"2923b90bb7365105"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 31 Oct 2023 17:11:33 GMT
css
fonts.googleapis.com/ Frame B3A4 		7 KB
886 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400|Roboto:400,500&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
d37b6441dc4049f8fe981972f64903aa46280708aa7f2c4465b447df78459f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 01 Nov 2022 15:02:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 14:52:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Nov 2022 15:02:30 GMT
css
fonts.googleapis.com/ Frame B3A4 		4 KB
717 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 01 Nov 2022 15:02:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 14:54:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Nov 2022 15:02:30 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B3A4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 14:07:33 GMT
x-content-type-options
nosniff
server
cafe
age
3296
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Wed, 02 Nov 2022 14:07:33 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B3A4 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 23:11:45 GMT
x-content-type-options
nosniff
server
cafe
age
57044
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 01 Nov 2022 23:11:45 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/10592464605894349408/ Frame B3A4 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10592464605894349408/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQnAEYASABLQAAAD8wqgI4nAFFAACAPw&rs=AOga4qnK-UTKx5AzfV3deDkaoODog9vbfA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
788e0799f5ccfd237d4d2f3e3bd5d716e04b4c33ccdb7faa7eb1fc286fbd916d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:29 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13126
x-xss-protection
0
last-modified
Thu, 02 Jun 2022 05:40:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 01 Nov 2023 15:02:29 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/4523945745344478390/ Frame B3A4 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4523945745344478390/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4ql1WWplSvJM5Chb9QvaniFaTb3jrQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
02473c6ad0f8b546bf0bfc9ec30c998ede0c7e7db6a23487fc853e26eebd7b50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:29 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41864
x-xss-protection
0
last-modified
Sat, 04 Dec 2021 03:15:48 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 01 Nov 2023 15:02:29 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B3A4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CyCttBTVhY-aYBrCTmsMPhNaK6AyIl8aLbdPisrWCEMHaus_5LBABILqEwDNgpcCjgKQBoAGjy8v5AsgBBqkCs1jHKZuhpT7gAgCoAwHIAwqqBKkCT9BW8tDoldMSOBTyqXVqh7C4GKPDjbXCkWU-9zgwM5hVqTDQUg0ninGOgmbUkelRYNfyRj4HeULBKtgQHDgK6-EA5mdwkXyUBw0jtQubxYaR5WSk1kPtqKOyRCTHrBjj3h55WThtjvflGraSQ6h4TDfDs1uBBmP1x0aR-q0LPeh4J2KGNpPtrTJzUha0UVdmMTX1OWIsUwwquQ-Hf_oa4_VEqwgs0GtWFGjSn8I_HMitkQfnmw7ZLsJK91_dXKJcUCyBeyyjbgjCH0HPOfFNEOTHhvP02avXxjYYiqIF_kAyd03aI1zOXxk9y-3hh8WC-49xaUohPwyJckGfyiUI7WDecNx7NkJLLxkEcyaRcamKqrMuTf5LjdgNNc6QnkRWz5XMx1HQflVpwASp-62WjwTgBAGgBjeAB8W0tIYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQwKgC0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDyAsB2BMD0BUBmBYBgBcBshceChwIABIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=XY1_G1Pur5c&uach_m=[UACH]&template_id=492
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ Frame B3A4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRVu6VpHmORa_4fZUD3ct0_nojTumhZ_RjwhP5Kq8n6W-fec8Cc0a5eFmoIiNaPVX83v6frRoHkFhHdp6UM8g8RKSerTA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=9309.400000095367&data=eyJsaW5lSXRlbVR5cGUiOiJBZHgiLCJhdWN0aW9uSWQiOiJlMmE4ODdmZC0xMGUyLTRmZmItYWJiMC1lNTY0NzQwNWJiMzYiLCJzbG90SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTBjZDY1MzU0LTNiODUtNDBiZi04MDlkLTdiMzVjYzA3YjhiOSIsImNvdW50cnkiOiJBVSIsInNpdGVJZCI6NDI3NTMsInRpbWVTdGFtcCI6MTY2NzMxNDk0OTY0NX0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 01 Nov 2022 15:02:30 GMT
Server
nginx/1.18.0 (Ubuntu)
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012210191347000/ Frame 9043 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 01 Nov 2022 00:43:22 GMT
age
51548
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61564
x-xss-protection
0
server
sffe
etag
"84cdcac007f64412"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 01 Nov 2023 00:43:22 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 9043 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 31 Oct 2022 17:11:33 GMT
age
78657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5198
x-xss-protection
0
server
sffe
etag
"aeb1502543fb438c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 31 Oct 2023 17:11:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 9043 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 31 Oct 2022 17:11:33 GMT
age
78657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28845
x-xss-protection
0
server
sffe
etag
"fdb7364f8f067758"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 31 Oct 2023 17:11:33 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 9043 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
cc38ba922c2e65ff11857509c99039217c99fd0082734fda32f4d8909730a114
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 31 Oct 2022 17:11:52 GMT
age
78638
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16647
x-xss-protection
0
server
sffe
etag
"3485a0301417bbb9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 31 Oct 2023 17:11:52 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 9043 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 31 Oct 2022 17:11:33 GMT
age
78657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1912
x-xss-protection
0
server
sffe
etag
"9f4a70ec77acc0d1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 31 Oct 2023 17:11:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 9043 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 31 Oct 2022 17:11:33 GMT
age
78657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"2923b90bb7365105"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 31 Oct 2023 17:11:33 GMT
css
fonts.googleapis.com/ Frame 9043 		4 KB
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Rubik:500,300,700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
f2eed9f77b557dbfe264c1e845277bb99537d2049eb0cebcedfc93deb7c483bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 01 Nov 2022 15:02:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 15:02:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Nov 2022 15:02:30 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9043 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 14:07:33 GMT
x-content-type-options
nosniff
server
cafe
age
3296
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Wed, 02 Nov 2022 14:07:33 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9043 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 23:11:45 GMT
x-content-type-options
nosniff
server
cafe
age
57044
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 01 Nov 2022 23:11:45 GMT
container.html
acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8398 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 01 Nov 2022 15:02:29 GMT
expires
Wed, 01 Nov 2023 15:02:29 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame 9043 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBFDAvzw-Bfda-RxeH5vn5t0wj5Sg9ZwFZh5Uh7YOj65e4YRULUrowmliGX-lIuRyvnyA4DhrU6vcqsmzsIJRP_9flMQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 9043 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cw60oBTVhY-eYBrCTmsMPhNaK6AyrlofKZ-zd2qS_DpaCzYWIFhABILqEwDNgpcCjgKQBoAHWlMioAcgBCakCs1jHKZuhpT7gAgCoAwHIAwiqBMACT9BXJJO0T9iYOg3Rsyavn_RJHny92ntBAY9UF5lFW63QI-A6NcQ7LWn5Wagz3z4DasA9HjR2rlZSDl-VBwqr17rH21PpYUyKVV0KpGDWwcKcD2ECZKRkR4kZb3Yo-NIvKYL893t4KDaLVMuviVtCQrcWgAqxAeKdJDvFp8Y1_obNie1I-NniAmw7yL0hOMeyyrOwKwJ5tiL-UexlQza4FB22sXHPL19EkNxe03KlBBuHCNuBSTqnV0Hfmq60IS3NxilHwRzatmCYdLYijCjG-_1I7_LypkL2sLby0LTbh0Lm-QXC6qQ56B_NmIip8Dv_SrayBeqQR5lZOcxuhJfwO8C39XSFdIcBVUykNGJwBGxWDGteZJQflqEPUjgnpWWqkTwssuu9Is8bJJmH9XZprodnwGgwHfTm8jGiyc_8cPjABKOtnqbaA-AEAZIFBAgEGAGSBQQIBRgEoAYugAeS67fXAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENfSA9IIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=mOZv6jJzBNk&uach_m=[UACH]&template_id=419
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4ed7ed46bc252ebec4414882b9f47711.jpg
tpc.googlesyndication.com/sadbundle/17805490703998317642/media/ Frame 9043 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17805490703998317642/media/4ed7ed46bc252ebec4414882b9f47711.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
bf60c3b7b0b5d1880bc7fba14e4f0c19b35ff8c6d897dbd7e1d0972c243f220e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 14:28:20 GMT
x-content-type-options
nosniff
age
88449
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
last-modified
Sat, 28 Aug 2021 10:16:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 31 Oct 2023 14:28:20 GMT
898ff0510bf7d7512de4316c8da7f15d.png
tpc.googlesyndication.com/sadbundle/17805490703998317642/media/ Frame 9043 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17805490703998317642/media/898ff0510bf7d7512de4316c8da7f15d.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
7361fe82be19af8763d3c93cff7236f3654d75b20245a35c05fc0ee204a024e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 14:28:20 GMT
x-content-type-options
nosniff
age
88449
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3396
x-xss-protection
0
last-modified
Sat, 28 Aug 2021 10:16:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 31 Oct 2023 14:28:20 GMT
82a162db285e45369bd724b7ffa0e763.jpg
tpc.googlesyndication.com/sadbundle/17805490703998317642/media/ Frame 9043 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17805490703998317642/media/82a162db285e45369bd724b7ffa0e763.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
aa62b4ce273ba426dc4b5ec99329d60780ed38723e6033015117725ba50a15ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 14:28:20 GMT
x-content-type-options
nosniff
age
88449
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3997
x-xss-protection
0
last-modified
Sat, 28 Aug 2021 10:16:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 31 Oct 2023 14:28:20 GMT
b54cc6961b713bca0bdefab380461722.jpg
tpc.googlesyndication.com/sadbundle/17805490703998317642/media/ Frame 9043 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17805490703998317642/media/b54cc6961b713bca0bdefab380461722.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
8f8b67534c99223c378db4cec253a3bfbf71f8fd02e590fcd5ce4b1f2e43bef7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 14:28:20 GMT
x-content-type-options
nosniff
age
88449
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3742
x-xss-protection
0
last-modified
Sat, 28 Aug 2021 10:16:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 31 Oct 2023 14:28:20 GMT
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=9334.5&data=eyJsaW5lSXRlbVR5cGUiOiJBZHgiLCJhdWN0aW9uSWQiOiJlMmE4ODdmZC0xMGUyLTRmZmItYWJiMC1lNTY0NzQwNWJiMzYiLCJzbG90SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTBjZDY1MzU0LTNiODUtNDBiZi04MDlkLTdiMzVjYzA3YjhiOSIsImNvdW50cnkiOiJBVSIsInNpdGVJZCI6NDI3NTMsInRpbWVTdGFtcCI6MTY2NzMxNDk0OTY3MH0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 01 Nov 2022 15:02:30 GMT
Server
nginx/1.18.0 (Ubuntu)
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=9335.200000286102&data=eyJsaW5lSXRlbVR5cGUiOiJBZHgiLCJhdWN0aW9uSWQiOiJlMmE4ODdmZC0xMGUyLTRmZmItYWJiMC1lNTY0NzQwNWJiMzYiLCJzbG90SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwicGFja2V0SWQiOiIwMDAwQTcwMS0wY2Q2NTM1NC0zYjg1LTQwYmYtODA5ZC03YjM1Y2MwN2I4YjkiLCJjb3VudHJ5IjoiQVUiLCJzaXRlSWQiOjQyNzUzLCJ0aW1lU3RhbXAiOjE2NjczMTQ5NDk2NzB9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 01 Nov 2022 15:02:30 GMT
Server
nginx/1.18.0 (Ubuntu)
truncated
/ Frame B3A4 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0004ec92da4cb3cb51ba6a54d4e748d2b2c374cbfa7d8b90bef704422047be5

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9043 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ec9f4635af1d7c046982d16250fb9c528515c240952de09991ac3e83679a13a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
t.ssp.hinet.net/ Frame 8D13 		37 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
15bc6abd5b07eab70b38a7c9db4f3a4993c31ad1694ce598d766925576bb180a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:29 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
landing.php
fp.holmesmind.com/ Frame DC93 		0
249 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3233-Z4DewxfS094bwprgzDM8LicIRdM4eFxZ&CFFPCKUUID=5674-EU33A6Xo6d1vghISH00eMiInpaDG9wGo&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20221028%2FlfLsVq5iGAHU9C7Iu4Sgw8A8KSF2eBEdCzGvBxVF.html&maindomain=holmesmind.com
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 01 Nov 2022 15:02:30 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 0A96 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:29 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Tue, 01 Nov 2022 15:12:29 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 0A96 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.holmesmind.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://adx.holmesmind.com
date
Tue, 01 Nov 2022 15:02:30 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 0A96 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.4601883820470223
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.holmesmind.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 01 Nov 2022 15:02:29 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://adx.holmesmind.com
cache-control
private
access-control-allow-credentials
true
prebid.aspx
prebid.scupio.com/recweb/ Frame 0A96 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.9346604087662067
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.holmesmind.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 01 Nov 2022 15:02:29 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://adx.holmesmind.com
cache-control
private
access-control-allow-credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame 0A96
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=p5uwInKrDrWGLe88BjVhYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=p5uwInKrDrWGLe88BjVhYw
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221028/lfLsVq5iGAHU9C7Iu4Sgw8A8KSF2eBEdCzGvBxVF.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:31 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 01 Nov 2022 15:02:30 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=p5uwInKrDrWGLe88BjVhYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 0A96
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=WI1TuaODBPi1ebRcBjVhYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=WI1TuaODBPi1ebRcBjVhYw
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221028/lfLsVq5iGAHU9C7Iu4Sgw8A8KSF2eBEdCzGvBxVF.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:31 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 01 Nov 2022 15:02:30 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=WI1TuaODBPi1ebRcBjVhYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 0A96
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=uNrJdvscChOVQgP8BjVhYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=uNrJdvscChOVQgP8BjVhYw
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221028/lfLsVq5iGAHU9C7Iu4Sgw8A8KSF2eBEdCzGvBxVF.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:31 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 01 Nov 2022 15:02:30 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=uNrJdvscChOVQgP8BjVhYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 0A96
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Oiz-HKQjBlm5ok9HBjVhYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Oiz-HKQjBlm5ok9HBjVhYw
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221028/lfLsVq5iGAHU9C7Iu4Sgw8A8KSF2eBEdCzGvBxVF.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:31 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 01 Nov 2022 15:02:30 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Oiz-HKQjBlm5ok9HBjVhYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 0A96
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=fWop6ZLVDT-gdFPTBjVhYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=fWop6ZLVDT-gdFPTBjVhYw
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221028/lfLsVq5iGAHU9C7Iu4Sgw8A8KSF2eBEdCzGvBxVF.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:31 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 01 Nov 2022 15:02:30 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=fWop6ZLVDT-gdFPTBjVhYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 8398 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CMxL1BTVhY-iYBrCTmsMPhNaK6AyY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQKzWMcpm6GlPuACAKgDAaoEnAJP0BFQSz2ZeEOHOuFFfjlP4J-nK-4nvqUcCHcSnKX4GkmXYjtOZ2reZo1a3acwujNio9MkDdy_YvEpOAKfjFI6BQyMsHITpWBBqNa9zyRjYPWYcccuPAYNWHohVozmtvcHhldGaahLCUdiYO5qFNQ-pKUqTeJz0FJ_5D-s4-jkRf_VfEzkJpdc_i_4V9IB6r2l0zKu5ifQlvu8-8Jz8FtjdKYf-MqSDbdpqXRZoYWUNWR41D1f-59UfT85KG3IuMt2xNAq8JiwFl73pAGV8mbmf8ppG-_CV7SQNY6LGKpS9sXEvMp4LsGrpr_6bNayOYhKxJCEH2xEzA8cDKbhZvaPwwVnUgVJ-oxOTSxdM29Gnt313ioyQV1sGfwBe-AEAYAG7pnM8aDynsOUAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=0lWtnsiKqLo&uach_m=[UACH]&cid=CAQSPADq26N9VyXLwgVRr6eEn2yzPk6wKXLkjqtyP76eTEoYHvp4dlkeE32NngfppkJK5rl--qEENZeEfdobJRgBIBM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 8398 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kMjjDc7xBnjYBGL4LRICAAAA-ONZtFtuTcMQBDVhY3ASv4hg4-vyHT59ABIAAA&wp=Y2E1BQABjGgCZomwAAKrBMgsxZjbR1MAbZmEyg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:29 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
187171
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 99B7 		148 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1BQABjGgCZomwAAKrBMgsxZjbR1MAbZmEyg&u=%7CrSzMZBt8zW5woOMRYOHV0BnkB8jLyUVCLppp4rJRGwE%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y-WX3CIeLB4QjIdiKLIb1QI0YcBTjuCuzrXxQlUNGe49CDkMIeIVGWe1sA2u4P4BDUmG8Hagv4h-OLfYQS1RFe7Gc7s94A9bf5JBj09kEwJhhe8OQ2snj4A5IakcBnzz9k-l4vScSHuVucAh4AA5M2SWQgL7ipqOoMyK1WahglX3Rx3EEojeD-9iA9iNo7MP_M5oxj5HC4uhezTyy5CQVb9qSQCYI3vEs5SUZG6DLqb68T3Ur4r_pX90NL4B6MHRfsQabj6zBZTYTIf2H7-42pRlTOQXMZ1_1EThKbwPqksZiubV0L4OcC0SutjH9XIiJCT_F5jDVXKMpuHbd3OdHhXISpXlqIsl20pOlXjZ1RGU9XtmQKub1VTwKsQnmvOUcOnYoVdFDxDpwrfbNpnfjku22ULSG1Nw2hXmtOL-AMhG6RFFBBoGjsGc_FAWTLuabGvQCpvLrdxQ4QYt1uyKt0k3EJPzZgRBoAYKRnHCHBZWj9bxgQL62oIXbKWs2MDx3qrm97xP95Ovnw1PUdrUg3D9wzUVah8YY6agztxP1lgZ3ae3IxcWfjs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJJJLBTVhY-iYBrCTmsMPhNaK6AyY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQKzWMcpm6GlPuACAKgDAaoEnwJP0BFQSz2ZeEOHOuFFfjlP4J-nK-4nvqUcCHcSnKX4GkmXYjtOZ2reZo1a3acwujNio9MkDdy_YvEpOAKfjFI6BQyMsHITpWBBqNa9zyRjYPWYcccuPAYNWHohVozmtvcHhldGaahLCUdiYO5qFNQ-pKUqTeJz0FJ_5D-s4-jkRf_VfEzkJpdc_i_4V9IB6r2l0zKu5ifQlvu8-8Jz8FtjdKYf-MqSDbdpqXRZoYWUNWR41D1f-59UfT85KG3IuMt2xNAq8JiwFl73pAGV8mbmf8ppG-_CV7SQNY6LGKpS9sXEvMp4LsGrpr_6bNayOYhKxJCEH2wGzi6O6WhoGAkGspuMBJ-K05hE2iZzK4fObYtvF5QsbUWL8m1_hLyWQ-AEAYAG7pnM8aDynsOUAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1dlUMa4T__kM5cfqiv9Vs1B_VzHg%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
URL: https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0ee32eb0e64bc0061fde3956a8f2cb2523a415a200bd86084774ebff178a8a92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 01 Nov 2022 15:02:29 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=JV4ZmnL7Hha3MN1wHGWtr5dD1GCzT6MjJQQwSjihnaCl-cAaFzblQlgmfbtc9ISXpin0VeFml1FlKC-SIe0qowKx4eyTsgR5IoaTbmZRmfzzgpJUTi_5pLZBzGuPiNRZwFcZSUDEzP7AE6CNyU7TcWAhUnIUn-dqQtw8PSdStw7xvai4HyDdIZE6iBJCwBFa3iQ-qjQ4QICo2uWSn1dpMQQbRTWlgP4ALFVGU_Q5mCHPxz5jeGDE_xgw5PoBKAk7Pz2zXT61eX5jpGij"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
87413959
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 8398 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js
Requested by
Host: acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
URL: https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 22:21:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
60047
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Nov 2022 22:21:42 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 536D 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
URL: https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
6688
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 01 Nov 2022 13:11:01 GMT
etag
48472445140208031
expires
Wed, 02 Nov 2022 13:11:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 8398 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
URL: https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 22:21:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
60050
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7367
x-xss-protection
0
server
cafe
etag
4759548068123418343
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Nov 2022 22:21:39 GMT
l
www.google.com/ads/measurement/ Frame 8398 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSwCNQin_3kcppezypDc95AzCqy19YEq_XiocZ0ZXEeCI1yxibf2nBWk4_BFcx0ZBSW26Kz77KcBC3_uqDkUVA3kbn61w
Requested by
Host: acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
URL: https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 8398 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
URL: https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 04:12:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
298200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 29 Oct 2023 04:12:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8398 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
URL: https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
109ddac5fcac2d26ff455dabfaa93b705a883131b6d53548494a8b8a62ccbcdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47682
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667216034053804"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 01 Nov 2022 15:02:31 GMT
emome2
t.ssp.hinet.net/ Frame 8D13 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=546f153a-b126-4c5d-8fd4-2cab22c067cd
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:30 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 0A96 		177 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=29221661709
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
d30a4bf397e76b1ba9971d234e0f759a6ab48fdf42d284d7ec0647cd68f6e351
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://adx.holmesmind.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 01 Nov 2022 15:02:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://adx.holmesmind.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
164
cdb
bidder.criteo.com/ Frame 0A96 		177 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=87077158756
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
4c6e1b9fb31d28c7417ebd64d3bae4c235b10b383a577589a481242dff2b63f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://adx.holmesmind.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 01 Nov 2022 15:02:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://adx.holmesmind.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
163
sodar
pagead2.googlesyndication.com/pagead/ Frame DC77 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221027&jk=3631704844640308&bg=!ODulO3_NAAZPh4lnb4c7ACkAdvg8WnvMLrYwzPxJcPcNd_2bG3LZzTNsGyx1Gwoy342m0vFGa7uiawIAAABQUgAAAAJoAQcKAGvrdYaosieRRcn0EJQYOE8PFsV9c_UKzM1e77aaLD_HAB21b1E8Bg1Xk2hHopY_gZkEQ18X8BCdNUgxaDF1c60epmGn7XEVCQ0oe7By8F2sLIVsckmMivJ3VbEPSic6fGKxMbCCxo0vVflOiJkCo-L3MMIZOIPNcdpEmr9d-USCM6YMJNAsG16KluAL-lUXSL3IUQsrh5fo4oc5K2iM6_lYFw4o7N8YdCzW98ix_GqxgYuGIpraty0YhSwgDgNQKPu48moaG9S0WrYS6D3cM8kzNbyqroWHWq_EJObcm0x-kphzYy5VDBWJz3_qCM7uQeHzn5d7I9qcS1hfFsFMhK8Bv8raVRGk3VbR_9G6HehMSdXYoj3TxHyzZFL3K_qqcBIY6QlnKTdDo1pxyvchLKEEZFcqYECCZHu5OgIU5iE26DgV1qRd11qLwTLe1_FYrhx58n1DV6I_gSsEjF44P9FC9anJDrMYN0w0uqW5PzO_GgD6TqHqyULYnvjaLR2ui0rS0KRizlNoJDDExK5pSkoGZgNJTN110ZmtngRZZ_wWHZrwwkWd_jZgrLbPXIcMedDGvRwJxoEkGldMkUkubcjXCz76m_0i5y3Yopy9_jCny4c0t30jHr9GdnAY7t2X-eFW7oYtC9VB7P2n3HqMjWIIFLcPkOKfLhrB-iUvetS69nCYZ4UhD2zLULkdnO-rDCCMPO3zCPfk_o4BrQnu08wMsmopLy9Fl_oTfnuhBjZ4Hx2Q5heLr0nB2VZ5HfmnEaUJ69gT5oD_g8HVgII5OuTAZ-yHI3s4KVjLMA_SOTnl8Zgh5DeBr5UDJrITpxfsQFyABu11kxaKJNjAVyxNz8rCdiY0LxUKZA_HJqr2AVaKyHo4DCh7a23VIM7PEao4DowkShHIEl1oI1hblh5NuaP3xsAhwVTJVWCztw7mPgAZwjPZ67dhyFp4EskLJXx8qLjjMpkvrOE1LajRVqaqETxOXM_pZGz1CsXKPlzv9Ly6tUU11SFTGOxa-C5xHAfajr0iJknfL3D4MoDRfiDngbZ5eA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
t.ssp.hinet.net/ Frame 0A96 		36 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
4fef5e5985aefe814cb1e61862c1a809cdd2cdbd5cfb1435ef48366ea0bcbb27
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:30 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://adx.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 536D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJ-Q6gbxo7zh66BgCL11rHU&google_cver=1&google_push=AZmPxg8pfIibJo6dC9Kwl5SaqCyB6uKyXh1CR7Ebh9QSaPhzKF1fKkQwu_D_KrYOqZZSgrSy-JTcDiEIYbWHf_4M6Mm8UPBIV7Q2wQ
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM1NDkwOTE4MzQ3NjU0Mzg1Nw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ-Q6gbxo7zh66BgCL11rHU&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ-Q6gbxo7zh66BgCL11rHU&google_cver=1
Requested by
Host: acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
URL: https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 01 Nov 2022 15:02:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ-Q6gbxo7zh66BgCL11rHU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 536D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAG12aa9v9ialw1VcOuz7z8&google_cver=1&google_push=AZmPxg9Kr15bT6IMPOqWSwCr8N0D2WUvyAJ-1asOzsCbhKyZb1Miy-oJMYajPlUGR_0u2cM4Uk1hs6rm9Vl6y6jg...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg9Kr15bT6IMPOqWSwCr8N0D2WUvyAJ-1asOzsCbhKyZb1Miy-oJMYajPlUGR_0u2cM4Uk1hs6rm9Vl6y6jguFxEkXvXp4JjtA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg9Kr15bT6IMPOqWSwCr8N0D2WUvyAJ-1asOzsCbhKyZb1Miy-oJMYajPlUGR_0u2cM4Uk1hs6rm9Vl6y6jguFxEkXvXp4JjtA
Requested by
Host: acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
URL: https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 01 Nov 2022 15:02:30 GMT
Server
MT3 4629 97bee97 master nrt-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg9Kr15bT6IMPOqWSwCr8N0D2WUvyAJ-1asOzsCbhKyZb1Miy-oJMYajPlUGR_0u2cM4Uk1hs6rm9Vl6y6jguFxEkXvXp4JjtA
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 01 Nov 2022 15:02:29 GMT
pixel
cm.g.doubleclick.net/ Frame 536D
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEPHDZYCmyEbUPnzf1Vd_-SQ&google_cver=1&google_push=AZmPxg_Q78rCYM7sBSAOHwbHHOyl-2HDHELKUUZ3kdrFg_JrwL1HOu-ok8quIpK3-yHHUNMrRM0NyEdeOT_V-T3W9NGSzopDHFGhfA
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DA8A55D9C5974F5C90D5B4B2092CE4CA&google_push=AZmPxg_Q78rCYM7sBSAOHwbHHOyl-2HDHELKUUZ3kdrFg_JrwL1HOu-ok8quIpK3-yHHUNMrRM0NyEdeOT_V-T3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DA8A55D9C5974F5C90D5B4B2092CE4CA&google_push=AZmPxg_Q78rCYM7sBSAOHwbHHOyl-2HDHELKUUZ3kdrFg_JrwL1HOu-ok8quIpK3-yHHUNMrRM0NyEdeOT_V-T3W9NGSzopDHFGhfA
Requested by
Host: acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
URL: https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 01 Nov 2022 15:02:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DA8A55D9C5974F5C90D5B4B2092CE4CA&google_push=AZmPxg_Q78rCYM7sBSAOHwbHHOyl-2HDHELKUUZ3kdrFg_JrwL1HOu-ok8quIpK3-yHHUNMrRM0NyEdeOT_V-T3W9NGSzopDHFGhfA
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 31 Oct 2022 15:02:30 GMT
pixel
cm.g.doubleclick.net/ Frame 536D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFRHj144vNMDzRq0_Mu4oqQ&google_cver=1&google_push=AZmPxg_jYiyAOkDEHCans2J-75PKi3fynGPRLeCvkh1q5JeZpCg2971yLx5S0h_atNDPSOVTQlJdXe02Q2kfSHP9iW...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEFRHj144vNMDzRq0_Mu4oqQ&google_cver=1&google_push=AZmPxg_jYiyAOkDEHCans2J-75PKi3fynGPRLeCvkh1q5JeZpCg2971yLx5S0h_atNDPSOVTQlJdXe02Q2kfSHP9iW...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NzQ1NTkwMDItYjc5ZC00Y2U5LThjNjMtYWEwM2NmOTE0Nzk0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=74559002-b79d-4ce9-8c63-aa03cf914794
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NzQ1NTkwMDItYjc5ZC00Y2U5LThjNjMtYWEwM2NmOTE0Nzk0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=74559002-b79d-4ce9-8c63-aa03cf914794
Requested by
Host: acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
URL: https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NzQ1NTkwMDItYjc5ZC00Y2U5LThjNjMtYWEwM2NmOTE0Nzk0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=74559002-b79d-4ce9-8c63-aa03cf914794
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 536D 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEGKHnmFj6UWixKvhazfNJ4A&google_cver=1&google_push=AZmPxg9NdYsW3ELJtvAo25VcRHLf7fBYgMcejBhbHASlgteFuPN7fmIkRb4IJ3m1Q60hKJsKEvqQ3ng3vt5C7ak3uGALZTsGbMHilQ
Requested by
Host: acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
URL: https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:30 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 536D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFI6d-uOOQJfy-1oGUe8TOA&google_cver=1&google_push=AZmPxg86HsD3G6O5e7ZHgMd9ngPeMNdryF_CF6WD32j2m9I9R57hzjiHObLLPpiaoWPiUX9Qeb3QZuxv...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFI6d-uOOQJfy-1oGUe8TOA&google_cver=1&google_push=AZmPxg86HsD3G6O5e7ZHgMd9ngPeMNdryF_CF6WD32j2m9I9R57hzjiHObLLPpiaoWPiUX9Qeb3...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjcwMTUxNDExMzUwNTY5MTkyOQ&google_push=AZmPxg86HsD3G6O5e7ZHgMd9ngPeMNdryF_CF6WD32j2m9I9R57hzjiHObLLPpiaoWPiUX9Qeb3QZu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjcwMTUxNDExMzUwNTY5MTkyOQ&google_push=AZmPxg86HsD3G6O5e7ZHgMd9ngPeMNdryF_CF6WD32j2m9I9R57hzjiHObLLPpiaoWPiUX9Qeb3QZuxvILoWyV-VI-XHUVpkyYoTEA
Requested by
Host: acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
URL: https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjcwMTUxNDExMzUwNTY5MTkyOQ&google_push=AZmPxg86HsD3G6O5e7ZHgMd9ngPeMNdryF_CF6WD32j2m9I9R57hzjiHObLLPpiaoWPiUX9Qeb3QZuxvILoWyV-VI-XHUVpkyYoTEA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 536D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESENZlxwy3LUc7dPBTHq5pjZg&google_cver=1&google_push=AZmPxg9H8QmFfUBTAN9IGHIsyxo53xuYah4eGovznWnchuUfVKvC7Fv2c8Hw_Az72FrKCf01HioCcG0WmS1_RfA...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=DcQ-LXDqSlNRfhIrPhlI22fR_gU&google_push=AZmPxg9H8QmFfUBTAN9IGHIsyxo53xuYah4eGovznWnchuUfVKvC7Fv2c8Hw_Az72FrKCf01HioCcG0WmS1_Rf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=DcQ-LXDqSlNRfhIrPhlI22fR_gU&google_push=AZmPxg9H8QmFfUBTAN9IGHIsyxo53xuYah4eGovznWnchuUfVKvC7Fv2c8Hw_Az72FrKCf01HioCcG0WmS1_RfAiLgAraqLjfKNG8w
Requested by
Host: acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
URL: https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=DcQ-LXDqSlNRfhIrPhlI22fR_gU&google_push=AZmPxg9H8QmFfUBTAN9IGHIsyxo53xuYah4eGovznWnchuUfVKvC7Fv2c8Hw_Az72FrKCf01HioCcG0WmS1_RfAiLgAraqLjfKNG8w
Date
Tue, 01 Nov 2022 15:02:31 GMT
Connection
keep-alive
Content-Length
244
Content-Type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 536D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lqfg6vrsJuaUJLCaZ1bguu43ozpNQvB9oxRhTtLPxXqgLlfccmrvBoqaUCU1DkdAIRzPhy
Requested by
Host: acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
URL: https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:30 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B3A4 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 02:33:18 GMT
x-content-type-options
nosniff
age
44952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Nov 2023 02:33:18 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B3A4 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 02:45:28 GMT
x-content-type-options
nosniff
age
44222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Nov 2023 02:45:28 GMT
events
bidder.criteo.com/csm/ Frame 0A96 		0
219 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://adx.holmesmind.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 01 Nov 2022 15:02:29 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://adx.holmesmind.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame 0A96 		0
219 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://adx.holmesmind.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 01 Nov 2022 15:02:30 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://adx.holmesmind.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v21/ Frame 9043 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:500,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 02:32:09 GMT
x-content-type-options
nosniff
age
45021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33580
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Nov 2023 02:32:09 GMT
truncated
/ Frame 8398 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
582e09ee21e516303420d8125a11e8ce79682ae98188cb458dd2f962afeb259f

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeaq0&_p=5144&cid=1089023156.1667314949&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667314950&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&dt=%E6%88%BF%E5%B8%82%E6%95%B2%E8%AD%A6%E9%90%98%EF%BC%81%E3%80%8010%E6%9C%88%E5%8D%97%E4%BA%8C%E9%83%BD%E4%BA%A4%E6%98%93%E9%87%8F%E3%80%8C%E7%B8%AE%E5%88%B05%E5%B9%B4%E6%96%B0%E4%BD%8E%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 99B7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1BQABjGgCZomwAAKrBMgsxZjbR1MAbZmEyg&u=%7CrSzMZBt8zW5woOMRYOHV0BnkB8jLyUVCLppp4rJRGwE%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y-WX3CIeLB4QjIdiKLIb1QI0YcBTjuCuzrXxQlUNGe49CDkMIeIVGWe1sA2u4P4BDUmG8Hagv4h-OLfYQS1RFe7Gc7s94A9bf5JBj09kEwJhhe8OQ2snj4A5IakcBnzz9k-l4vScSHuVucAh4AA5M2SWQgL7ipqOoMyK1WahglX3Rx3EEojeD-9iA9iNo7MP_M5oxj5HC4uhezTyy5CQVb9qSQCYI3vEs5SUZG6DLqb68T3Ur4r_pX90NL4B6MHRfsQabj6zBZTYTIf2H7-42pRlTOQXMZ1_1EThKbwPqksZiubV0L4OcC0SutjH9XIiJCT_F5jDVXKMpuHbd3OdHhXISpXlqIsl20pOlXjZ1RGU9XtmQKub1VTwKsQnmvOUcOnYoVdFDxDpwrfbNpnfjku22ULSG1Nw2hXmtOL-AMhG6RFFBBoGjsGc_FAWTLuabGvQCpvLrdxQ4QYt1uyKt0k3EJPzZgRBoAYKRnHCHBZWj9bxgQL62oIXbKWs2MDx3qrm97xP95Ovnw1PUdrUg3D9wzUVah8YY6agztxP1lgZ3ae3IxcWfjs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJJJLBTVhY-iYBrCTmsMPhNaK6AyY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQKzWMcpm6GlPuACAKgDAaoEnwJP0BFQSz2ZeEOHOuFFfjlP4J-nK-4nvqUcCHcSnKX4GkmXYjtOZ2reZo1a3acwujNio9MkDdy_YvEpOAKfjFI6BQyMsHITpWBBqNa9zyRjYPWYcccuPAYNWHohVozmtvcHhldGaahLCUdiYO5qFNQ-pKUqTeJz0FJ_5D-s4-jkRf_VfEzkJpdc_i_4V9IB6r2l0zKu5ifQlvu8-8Jz8FtjdKYf-MqSDbdpqXRZoYWUNWR41D1f-59UfT85KG3IuMt2xNAq8JiwFl73pAGV8mbmf8ppG-_CV7SQNY6LGKpS9sXEvMp4LsGrpr_6bNayOYhKxJCEH2wGzi6O6WhoGAkGspuMBJ-K05hE2iZzK4fObYtvF5QsbUWL8m1_hLyWQ-AEAYAG7pnM8aDynsOUAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1dlUMa4T__kM5cfqiv9Vs1B_VzHg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 27 Oct 2023 15:02:30 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 99B7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1BQABjGgCZomwAAKrBMgsxZjbR1MAbZmEyg&u=%7CrSzMZBt8zW5woOMRYOHV0BnkB8jLyUVCLppp4rJRGwE%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y-WX3CIeLB4QjIdiKLIb1QI0YcBTjuCuzrXxQlUNGe49CDkMIeIVGWe1sA2u4P4BDUmG8Hagv4h-OLfYQS1RFe7Gc7s94A9bf5JBj09kEwJhhe8OQ2snj4A5IakcBnzz9k-l4vScSHuVucAh4AA5M2SWQgL7ipqOoMyK1WahglX3Rx3EEojeD-9iA9iNo7MP_M5oxj5HC4uhezTyy5CQVb9qSQCYI3vEs5SUZG6DLqb68T3Ur4r_pX90NL4B6MHRfsQabj6zBZTYTIf2H7-42pRlTOQXMZ1_1EThKbwPqksZiubV0L4OcC0SutjH9XIiJCT_F5jDVXKMpuHbd3OdHhXISpXlqIsl20pOlXjZ1RGU9XtmQKub1VTwKsQnmvOUcOnYoVdFDxDpwrfbNpnfjku22ULSG1Nw2hXmtOL-AMhG6RFFBBoGjsGc_FAWTLuabGvQCpvLrdxQ4QYt1uyKt0k3EJPzZgRBoAYKRnHCHBZWj9bxgQL62oIXbKWs2MDx3qrm97xP95Ovnw1PUdrUg3D9wzUVah8YY6agztxP1lgZ3ae3IxcWfjs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJJJLBTVhY-iYBrCTmsMPhNaK6AyY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQKzWMcpm6GlPuACAKgDAaoEnwJP0BFQSz2ZeEOHOuFFfjlP4J-nK-4nvqUcCHcSnKX4GkmXYjtOZ2reZo1a3acwujNio9MkDdy_YvEpOAKfjFI6BQyMsHITpWBBqNa9zyRjYPWYcccuPAYNWHohVozmtvcHhldGaahLCUdiYO5qFNQ-pKUqTeJz0FJ_5D-s4-jkRf_VfEzkJpdc_i_4V9IB6r2l0zKu5ifQlvu8-8Jz8FtjdKYf-MqSDbdpqXRZoYWUNWR41D1f-59UfT85KG3IuMt2xNAq8JiwFl73pAGV8mbmf8ppG-_CV7SQNY6LGKpS9sXEvMp4LsGrpr_6bNayOYhKxJCEH2wGzi6O6WhoGAkGspuMBJ-K05hE2iZzK4fObYtvF5QsbUWL8m1_hLyWQ-AEAYAG7pnM8aDynsOUAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1dlUMa4T__kM5cfqiv9Vs1B_VzHg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 27 Oct 2023 15:02:30 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 99B7 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1BQABjGgCZomwAAKrBMgsxZjbR1MAbZmEyg&u=%7CrSzMZBt8zW5woOMRYOHV0BnkB8jLyUVCLppp4rJRGwE%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y-WX3CIeLB4QjIdiKLIb1QI0YcBTjuCuzrXxQlUNGe49CDkMIeIVGWe1sA2u4P4BDUmG8Hagv4h-OLfYQS1RFe7Gc7s94A9bf5JBj09kEwJhhe8OQ2snj4A5IakcBnzz9k-l4vScSHuVucAh4AA5M2SWQgL7ipqOoMyK1WahglX3Rx3EEojeD-9iA9iNo7MP_M5oxj5HC4uhezTyy5CQVb9qSQCYI3vEs5SUZG6DLqb68T3Ur4r_pX90NL4B6MHRfsQabj6zBZTYTIf2H7-42pRlTOQXMZ1_1EThKbwPqksZiubV0L4OcC0SutjH9XIiJCT_F5jDVXKMpuHbd3OdHhXISpXlqIsl20pOlXjZ1RGU9XtmQKub1VTwKsQnmvOUcOnYoVdFDxDpwrfbNpnfjku22ULSG1Nw2hXmtOL-AMhG6RFFBBoGjsGc_FAWTLuabGvQCpvLrdxQ4QYt1uyKt0k3EJPzZgRBoAYKRnHCHBZWj9bxgQL62oIXbKWs2MDx3qrm97xP95Ovnw1PUdrUg3D9wzUVah8YY6agztxP1lgZ3ae3IxcWfjs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJJJLBTVhY-iYBrCTmsMPhNaK6AyY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQKzWMcpm6GlPuACAKgDAaoEnwJP0BFQSz2ZeEOHOuFFfjlP4J-nK-4nvqUcCHcSnKX4GkmXYjtOZ2reZo1a3acwujNio9MkDdy_YvEpOAKfjFI6BQyMsHITpWBBqNa9zyRjYPWYcccuPAYNWHohVozmtvcHhldGaahLCUdiYO5qFNQ-pKUqTeJz0FJ_5D-s4-jkRf_VfEzkJpdc_i_4V9IB6r2l0zKu5ifQlvu8-8Jz8FtjdKYf-MqSDbdpqXRZoYWUNWR41D1f-59UfT85KG3IuMt2xNAq8JiwFl73pAGV8mbmf8ppG-_CV7SQNY6LGKpS9sXEvMp4LsGrpr_6bNayOYhKxJCEH2wGzi6O6WhoGAkGspuMBJ-K05hE2iZzK4fObYtvF5QsbUWL8m1_hLyWQ-AEAYAG7pnM8aDynsOUAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1dlUMa4T__kM5cfqiv9Vs1B_VzHg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 27 Oct 2023 15:02:30 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 99B7 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1BQABjGgCZomwAAKrBMgsxZjbR1MAbZmEyg&u=%7CrSzMZBt8zW5woOMRYOHV0BnkB8jLyUVCLppp4rJRGwE%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y-WX3CIeLB4QjIdiKLIb1QI0YcBTjuCuzrXxQlUNGe49CDkMIeIVGWe1sA2u4P4BDUmG8Hagv4h-OLfYQS1RFe7Gc7s94A9bf5JBj09kEwJhhe8OQ2snj4A5IakcBnzz9k-l4vScSHuVucAh4AA5M2SWQgL7ipqOoMyK1WahglX3Rx3EEojeD-9iA9iNo7MP_M5oxj5HC4uhezTyy5CQVb9qSQCYI3vEs5SUZG6DLqb68T3Ur4r_pX90NL4B6MHRfsQabj6zBZTYTIf2H7-42pRlTOQXMZ1_1EThKbwPqksZiubV0L4OcC0SutjH9XIiJCT_F5jDVXKMpuHbd3OdHhXISpXlqIsl20pOlXjZ1RGU9XtmQKub1VTwKsQnmvOUcOnYoVdFDxDpwrfbNpnfjku22ULSG1Nw2hXmtOL-AMhG6RFFBBoGjsGc_FAWTLuabGvQCpvLrdxQ4QYt1uyKt0k3EJPzZgRBoAYKRnHCHBZWj9bxgQL62oIXbKWs2MDx3qrm97xP95Ovnw1PUdrUg3D9wzUVah8YY6agztxP1lgZ3ae3IxcWfjs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJJJLBTVhY-iYBrCTmsMPhNaK6AyY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQKzWMcpm6GlPuACAKgDAaoEnwJP0BFQSz2ZeEOHOuFFfjlP4J-nK-4nvqUcCHcSnKX4GkmXYjtOZ2reZo1a3acwujNio9MkDdy_YvEpOAKfjFI6BQyMsHITpWBBqNa9zyRjYPWYcccuPAYNWHohVozmtvcHhldGaahLCUdiYO5qFNQ-pKUqTeJz0FJ_5D-s4-jkRf_VfEzkJpdc_i_4V9IB6r2l0zKu5ifQlvu8-8Jz8FtjdKYf-MqSDbdpqXRZoYWUNWR41D1f-59UfT85KG3IuMt2xNAq8JiwFl73pAGV8mbmf8ppG-_CV7SQNY6LGKpS9sXEvMp4LsGrpr_6bNayOYhKxJCEH2wGzi6O6WhoGAkGspuMBJ-K05hE2iZzK4fObYtvF5QsbUWL8m1_hLyWQ-AEAYAG7pnM8aDynsOUAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1dlUMa4T__kM5cfqiv9Vs1B_VzHg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 27 Oct 2023 15:02:30 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 99B7 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=tWgvrfCRCK5SnmW-DGxnLt0v35SO3mm9rDv_sr_yI07T3OYMvFyMz4sIDoWitkIvLqbK-NIEBcMd-a0-ygwToa8nYEKGr9pbJ30yTPTndoIM9qR86_D1hTJOZcoiRk0ARYaG3a6R3P5cSbyV6chtFv3_zPChhSWD5yFxIM1LzO_CcnlfsuO-yM_qiqvFZhY2kVkqRqGRvAipv9hzwF4O6-cduUjfjKyWic0bj1Tdo7kHi0WzaVp9wojGGeVKKVB2lAgEpq_A2K1Nlc4HJ8-4m98wace6V_dxZuSwogTirJoxeVswgpjji4MoTZP_XfVEP_DFVK0aG5L18TuasuPWBmQKGqL0aFNOZNl0QUvIVMEyImB1nrLD5jHZjErAgplpqE_jGmAuRxBw0_nE63b5kqvgP8TsZXGhklDSCBJMdAUCrJP7
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1BQABjGgCZomwAAKrBMgsxZjbR1MAbZmEyg&u=%7CrSzMZBt8zW5woOMRYOHV0BnkB8jLyUVCLppp4rJRGwE%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y-WX3CIeLB4QjIdiKLIb1QI0YcBTjuCuzrXxQlUNGe49CDkMIeIVGWe1sA2u4P4BDUmG8Hagv4h-OLfYQS1RFe7Gc7s94A9bf5JBj09kEwJhhe8OQ2snj4A5IakcBnzz9k-l4vScSHuVucAh4AA5M2SWQgL7ipqOoMyK1WahglX3Rx3EEojeD-9iA9iNo7MP_M5oxj5HC4uhezTyy5CQVb9qSQCYI3vEs5SUZG6DLqb68T3Ur4r_pX90NL4B6MHRfsQabj6zBZTYTIf2H7-42pRlTOQXMZ1_1EThKbwPqksZiubV0L4OcC0SutjH9XIiJCT_F5jDVXKMpuHbd3OdHhXISpXlqIsl20pOlXjZ1RGU9XtmQKub1VTwKsQnmvOUcOnYoVdFDxDpwrfbNpnfjku22ULSG1Nw2hXmtOL-AMhG6RFFBBoGjsGc_FAWTLuabGvQCpvLrdxQ4QYt1uyKt0k3EJPzZgRBoAYKRnHCHBZWj9bxgQL62oIXbKWs2MDx3qrm97xP95Ovnw1PUdrUg3D9wzUVah8YY6agztxP1lgZ3ae3IxcWfjs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJJJLBTVhY-iYBrCTmsMPhNaK6AyY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQKzWMcpm6GlPuACAKgDAaoEnwJP0BFQSz2ZeEOHOuFFfjlP4J-nK-4nvqUcCHcSnKX4GkmXYjtOZ2reZo1a3acwujNio9MkDdy_YvEpOAKfjFI6BQyMsHITpWBBqNa9zyRjYPWYcccuPAYNWHohVozmtvcHhldGaahLCUdiYO5qFNQ-pKUqTeJz0FJ_5D-s4-jkRf_VfEzkJpdc_i_4V9IB6r2l0zKu5ifQlvu8-8Jz8FtjdKYf-MqSDbdpqXRZoYWUNWR41D1f-59UfT85KG3IuMt2xNAq8JiwFl73pAGV8mbmf8ppG-_CV7SQNY6LGKpS9sXEvMp4LsGrpr_6bNayOYhKxJCEH2wGzi6O6WhoGAkGspuMBJ-K05hE2iZzK4fObYtvF5QsbUWL8m1_hLyWQ-AEAYAG7pnM8aDynsOUAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1dlUMa4T__kM5cfqiv9Vs1B_VzHg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:29 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1790873
expires
Mon, 26 Jul 1997 05:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame B3A4
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Tue, 01 Nov 2022 15:02:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 99B7 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1BQABjGgCZomwAAKrBMgsxZjbR1MAbZmEyg&u=%7CrSzMZBt8zW5woOMRYOHV0BnkB8jLyUVCLppp4rJRGwE%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y-WX3CIeLB4QjIdiKLIb1QI0YcBTjuCuzrXxQlUNGe49CDkMIeIVGWe1sA2u4P4BDUmG8Hagv4h-OLfYQS1RFe7Gc7s94A9bf5JBj09kEwJhhe8OQ2snj4A5IakcBnzz9k-l4vScSHuVucAh4AA5M2SWQgL7ipqOoMyK1WahglX3Rx3EEojeD-9iA9iNo7MP_M5oxj5HC4uhezTyy5CQVb9qSQCYI3vEs5SUZG6DLqb68T3Ur4r_pX90NL4B6MHRfsQabj6zBZTYTIf2H7-42pRlTOQXMZ1_1EThKbwPqksZiubV0L4OcC0SutjH9XIiJCT_F5jDVXKMpuHbd3OdHhXISpXlqIsl20pOlXjZ1RGU9XtmQKub1VTwKsQnmvOUcOnYoVdFDxDpwrfbNpnfjku22ULSG1Nw2hXmtOL-AMhG6RFFBBoGjsGc_FAWTLuabGvQCpvLrdxQ4QYt1uyKt0k3EJPzZgRBoAYKRnHCHBZWj9bxgQL62oIXbKWs2MDx3qrm97xP95Ovnw1PUdrUg3D9wzUVah8YY6agztxP1lgZ3ae3IxcWfjs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJJJLBTVhY-iYBrCTmsMPhNaK6AyY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQKzWMcpm6GlPuACAKgDAaoEnwJP0BFQSz2ZeEOHOuFFfjlP4J-nK-4nvqUcCHcSnKX4GkmXYjtOZ2reZo1a3acwujNio9MkDdy_YvEpOAKfjFI6BQyMsHITpWBBqNa9zyRjYPWYcccuPAYNWHohVozmtvcHhldGaahLCUdiYO5qFNQ-pKUqTeJz0FJ_5D-s4-jkRf_VfEzkJpdc_i_4V9IB6r2l0zKu5ifQlvu8-8Jz8FtjdKYf-MqSDbdpqXRZoYWUNWR41D1f-59UfT85KG3IuMt2xNAq8JiwFl73pAGV8mbmf8ppG-_CV7SQNY6LGKpS9sXEvMp4LsGrpr_6bNayOYhKxJCEH2wGzi6O6WhoGAkGspuMBJ-K05hE2iZzK4fObYtvF5QsbUWL8m1_hLyWQ-AEAYAG7pnM8aDynsOUAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1dlUMa4T__kM5cfqiv9Vs1B_VzHg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
306223
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BQ%2B9hwCi4YJEtiSqdQNMt7k14pkz1Z9U3yme5HD8NXa1IlvOc71n5xVw2lGXhSxLKcenNEUMmmEvyyLRbQGeH8XvAzK5ovRw%2BaDxVThde8fZ%2Bn8uqpapJItIVR8fDIc0zgUSQfC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76358307fa865a8b-MEL
expires
Sun, 22 Oct 2023 15:02:30 GMT
emome2
t.ssp.hinet.net/ Frame 0A96 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=546f153a-b126-4c5d-8fd4-2cab22c067cd
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:30 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://adx.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff
static.criteo.net/design/dt/ Frame 99B7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1BQABjGgCZomwAAKrBMgsxZjbR1MAbZmEyg&u=%7CrSzMZBt8zW5woOMRYOHV0BnkB8jLyUVCLppp4rJRGwE%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y-WX3CIeLB4QjIdiKLIb1QI0YcBTjuCuzrXxQlUNGe49CDkMIeIVGWe1sA2u4P4BDUmG8Hagv4h-OLfYQS1RFe7Gc7s94A9bf5JBj09kEwJhhe8OQ2snj4A5IakcBnzz9k-l4vScSHuVucAh4AA5M2SWQgL7ipqOoMyK1WahglX3Rx3EEojeD-9iA9iNo7MP_M5oxj5HC4uhezTyy5CQVb9qSQCYI3vEs5SUZG6DLqb68T3Ur4r_pX90NL4B6MHRfsQabj6zBZTYTIf2H7-42pRlTOQXMZ1_1EThKbwPqksZiubV0L4OcC0SutjH9XIiJCT_F5jDVXKMpuHbd3OdHhXISpXlqIsl20pOlXjZ1RGU9XtmQKub1VTwKsQnmvOUcOnYoVdFDxDpwrfbNpnfjku22ULSG1Nw2hXmtOL-AMhG6RFFBBoGjsGc_FAWTLuabGvQCpvLrdxQ4QYt1uyKt0k3EJPzZgRBoAYKRnHCHBZWj9bxgQL62oIXbKWs2MDx3qrm97xP95Ovnw1PUdrUg3D9wzUVah8YY6agztxP1lgZ3ae3IxcWfjs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJJJLBTVhY-iYBrCTmsMPhNaK6AyY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQKzWMcpm6GlPuACAKgDAaoEnwJP0BFQSz2ZeEOHOuFFfjlP4J-nK-4nvqUcCHcSnKX4GkmXYjtOZ2reZo1a3acwujNio9MkDdy_YvEpOAKfjFI6BQyMsHITpWBBqNa9zyRjYPWYcccuPAYNWHohVozmtvcHhldGaahLCUdiYO5qFNQ-pKUqTeJz0FJ_5D-s4-jkRf_VfEzkJpdc_i_4V9IB6r2l0zKu5ifQlvu8-8Jz8FtjdKYf-MqSDbdpqXRZoYWUNWR41D1f-59UfT85KG3IuMt2xNAq8JiwFl73pAGV8mbmf8ppG-_CV7SQNY6LGKpS9sXEvMp4LsGrpr_6bNayOYhKxJCEH2wGzi6O6WhoGAkGspuMBJ-K05hE2iZzK4fObYtvF5QsbUWL8m1_hLyWQ-AEAYAG7pnM8aDynsOUAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1dlUMa4T__kM5cfqiv9Vs1B_VzHg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f9d374ef87ca2b8179870daa8739f8b060fc77446a4109ec87dc523bd8059ea4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 01 Dec 2017 12:57:30 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5a2151ba-3b68"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 27 Oct 2023 15:02:30 GMT
b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff
static.criteo.net/design/dt/ Frame 99B7 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1BQABjGgCZomwAAKrBMgsxZjbR1MAbZmEyg&u=%7CrSzMZBt8zW5woOMRYOHV0BnkB8jLyUVCLppp4rJRGwE%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y-WX3CIeLB4QjIdiKLIb1QI0YcBTjuCuzrXxQlUNGe49CDkMIeIVGWe1sA2u4P4BDUmG8Hagv4h-OLfYQS1RFe7Gc7s94A9bf5JBj09kEwJhhe8OQ2snj4A5IakcBnzz9k-l4vScSHuVucAh4AA5M2SWQgL7ipqOoMyK1WahglX3Rx3EEojeD-9iA9iNo7MP_M5oxj5HC4uhezTyy5CQVb9qSQCYI3vEs5SUZG6DLqb68T3Ur4r_pX90NL4B6MHRfsQabj6zBZTYTIf2H7-42pRlTOQXMZ1_1EThKbwPqksZiubV0L4OcC0SutjH9XIiJCT_F5jDVXKMpuHbd3OdHhXISpXlqIsl20pOlXjZ1RGU9XtmQKub1VTwKsQnmvOUcOnYoVdFDxDpwrfbNpnfjku22ULSG1Nw2hXmtOL-AMhG6RFFBBoGjsGc_FAWTLuabGvQCpvLrdxQ4QYt1uyKt0k3EJPzZgRBoAYKRnHCHBZWj9bxgQL62oIXbKWs2MDx3qrm97xP95Ovnw1PUdrUg3D9wzUVah8YY6agztxP1lgZ3ae3IxcWfjs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJJJLBTVhY-iYBrCTmsMPhNaK6AyY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQKzWMcpm6GlPuACAKgDAaoEnwJP0BFQSz2ZeEOHOuFFfjlP4J-nK-4nvqUcCHcSnKX4GkmXYjtOZ2reZo1a3acwujNio9MkDdy_YvEpOAKfjFI6BQyMsHITpWBBqNa9zyRjYPWYcccuPAYNWHohVozmtvcHhldGaahLCUdiYO5qFNQ-pKUqTeJz0FJ_5D-s4-jkRf_VfEzkJpdc_i_4V9IB6r2l0zKu5ifQlvu8-8Jz8FtjdKYf-MqSDbdpqXRZoYWUNWR41D1f-59UfT85KG3IuMt2xNAq8JiwFl73pAGV8mbmf8ppG-_CV7SQNY6LGKpS9sXEvMp4LsGrpr_6bNayOYhKxJCEH2wGzi6O6WhoGAkGspuMBJ-K05hE2iZzK4fObYtvF5QsbUWL8m1_hLyWQ-AEAYAG7pnM8aDynsOUAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1dlUMa4T__kM5cfqiv9Vs1B_VzHg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
af4b954cf45e99d5eccbea113dc2b66799cf8db96c3e8dfc33d145398743727b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 30 Oct 2017 21:00:07 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"59f792d7-7a00"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 27 Oct 2023 15:02:30 GMT
animejs.js
static.criteo.net/animejs/ Frame 99B7 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1BQABjGgCZomwAAKrBMgsxZjbR1MAbZmEyg&u=%7CrSzMZBt8zW5woOMRYOHV0BnkB8jLyUVCLppp4rJRGwE%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y-WX3CIeLB4QjIdiKLIb1QI0YcBTjuCuzrXxQlUNGe49CDkMIeIVGWe1sA2u4P4BDUmG8Hagv4h-OLfYQS1RFe7Gc7s94A9bf5JBj09kEwJhhe8OQ2snj4A5IakcBnzz9k-l4vScSHuVucAh4AA5M2SWQgL7ipqOoMyK1WahglX3Rx3EEojeD-9iA9iNo7MP_M5oxj5HC4uhezTyy5CQVb9qSQCYI3vEs5SUZG6DLqb68T3Ur4r_pX90NL4B6MHRfsQabj6zBZTYTIf2H7-42pRlTOQXMZ1_1EThKbwPqksZiubV0L4OcC0SutjH9XIiJCT_F5jDVXKMpuHbd3OdHhXISpXlqIsl20pOlXjZ1RGU9XtmQKub1VTwKsQnmvOUcOnYoVdFDxDpwrfbNpnfjku22ULSG1Nw2hXmtOL-AMhG6RFFBBoGjsGc_FAWTLuabGvQCpvLrdxQ4QYt1uyKt0k3EJPzZgRBoAYKRnHCHBZWj9bxgQL62oIXbKWs2MDx3qrm97xP95Ovnw1PUdrUg3D9wzUVah8YY6agztxP1lgZ3ae3IxcWfjs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJJJLBTVhY-iYBrCTmsMPhNaK6AyY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQKzWMcpm6GlPuACAKgDAaoEnwJP0BFQSz2ZeEOHOuFFfjlP4J-nK-4nvqUcCHcSnKX4GkmXYjtOZ2reZo1a3acwujNio9MkDdy_YvEpOAKfjFI6BQyMsHITpWBBqNa9zyRjYPWYcccuPAYNWHohVozmtvcHhldGaahLCUdiYO5qFNQ-pKUqTeJz0FJ_5D-s4-jkRf_VfEzkJpdc_i_4V9IB6r2l0zKu5ifQlvu8-8Jz8FtjdKYf-MqSDbdpqXRZoYWUNWR41D1f-59UfT85KG3IuMt2xNAq8JiwFl73pAGV8mbmf8ppG-_CV7SQNY6LGKpS9sXEvMp4LsGrpr_6bNayOYhKxJCEH2wGzi6O6WhoGAkGspuMBJ-K05hE2iZzK4fObYtvF5QsbUWL8m1_hLyWQ-AEAYAG7pnM8aDynsOUAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1dlUMa4T__kM5cfqiv9Vs1B_VzHg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 27 Oct 2023 15:02:30 GMT
2b2d52d0bfb14c81b3a63185f6a9b05f_cpn_120x600_1.gif
static.criteo.net/design/dt/39665/220428/ Frame 99B7 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/39665/220428/2b2d52d0bfb14c81b3a63185f6a9b05f_cpn_120x600_1.gif
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1BQABjGgCZomwAAKrBMgsxZjbR1MAbZmEyg&u=%7CrSzMZBt8zW5woOMRYOHV0BnkB8jLyUVCLppp4rJRGwE%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y-WX3CIeLB4QjIdiKLIb1QI0YcBTjuCuzrXxQlUNGe49CDkMIeIVGWe1sA2u4P4BDUmG8Hagv4h-OLfYQS1RFe7Gc7s94A9bf5JBj09kEwJhhe8OQ2snj4A5IakcBnzz9k-l4vScSHuVucAh4AA5M2SWQgL7ipqOoMyK1WahglX3Rx3EEojeD-9iA9iNo7MP_M5oxj5HC4uhezTyy5CQVb9qSQCYI3vEs5SUZG6DLqb68T3Ur4r_pX90NL4B6MHRfsQabj6zBZTYTIf2H7-42pRlTOQXMZ1_1EThKbwPqksZiubV0L4OcC0SutjH9XIiJCT_F5jDVXKMpuHbd3OdHhXISpXlqIsl20pOlXjZ1RGU9XtmQKub1VTwKsQnmvOUcOnYoVdFDxDpwrfbNpnfjku22ULSG1Nw2hXmtOL-AMhG6RFFBBoGjsGc_FAWTLuabGvQCpvLrdxQ4QYt1uyKt0k3EJPzZgRBoAYKRnHCHBZWj9bxgQL62oIXbKWs2MDx3qrm97xP95Ovnw1PUdrUg3D9wzUVah8YY6agztxP1lgZ3ae3IxcWfjs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJJJLBTVhY-iYBrCTmsMPhNaK6AyY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQKzWMcpm6GlPuACAKgDAaoEnwJP0BFQSz2ZeEOHOuFFfjlP4J-nK-4nvqUcCHcSnKX4GkmXYjtOZ2reZo1a3acwujNio9MkDdy_YvEpOAKfjFI6BQyMsHITpWBBqNa9zyRjYPWYcccuPAYNWHohVozmtvcHhldGaahLCUdiYO5qFNQ-pKUqTeJz0FJ_5D-s4-jkRf_VfEzkJpdc_i_4V9IB6r2l0zKu5ifQlvu8-8Jz8FtjdKYf-MqSDbdpqXRZoYWUNWR41D1f-59UfT85KG3IuMt2xNAq8JiwFl73pAGV8mbmf8ppG-_CV7SQNY6LGKpS9sXEvMp4LsGrpr_6bNayOYhKxJCEH2wGzi6O6WhoGAkGspuMBJ-K05hE2iZzK4fObYtvF5QsbUWL8m1_hLyWQ-AEAYAG7pnM8aDynsOUAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1dlUMa4T__kM5cfqiv9Vs1B_VzHg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
69f12d85abfad64d722551b2a4d1abfb01e78a19a8c642a81010ba10850ed0e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 14:51:49 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626aaa05-7332"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
29490
expires
Fri, 27 Oct 2023 15:02:30 GMT
img
pix.as.criteo.net/img/ Frame 99B7 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=110&m=0&partner=39665&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F39665%2F191118%2F27cc28017e0243f0b4a42882567130ea_logo_n_vertical.png&v=3&w=236&s=gyImudN-PISyWJF03NFUyGUp
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1BQABjGgCZomwAAKrBMgsxZjbR1MAbZmEyg&u=%7CrSzMZBt8zW5woOMRYOHV0BnkB8jLyUVCLppp4rJRGwE%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y-WX3CIeLB4QjIdiKLIb1QI0YcBTjuCuzrXxQlUNGe49CDkMIeIVGWe1sA2u4P4BDUmG8Hagv4h-OLfYQS1RFe7Gc7s94A9bf5JBj09kEwJhhe8OQ2snj4A5IakcBnzz9k-l4vScSHuVucAh4AA5M2SWQgL7ipqOoMyK1WahglX3Rx3EEojeD-9iA9iNo7MP_M5oxj5HC4uhezTyy5CQVb9qSQCYI3vEs5SUZG6DLqb68T3Ur4r_pX90NL4B6MHRfsQabj6zBZTYTIf2H7-42pRlTOQXMZ1_1EThKbwPqksZiubV0L4OcC0SutjH9XIiJCT_F5jDVXKMpuHbd3OdHhXISpXlqIsl20pOlXjZ1RGU9XtmQKub1VTwKsQnmvOUcOnYoVdFDxDpwrfbNpnfjku22ULSG1Nw2hXmtOL-AMhG6RFFBBoGjsGc_FAWTLuabGvQCpvLrdxQ4QYt1uyKt0k3EJPzZgRBoAYKRnHCHBZWj9bxgQL62oIXbKWs2MDx3qrm97xP95Ovnw1PUdrUg3D9wzUVah8YY6agztxP1lgZ3ae3IxcWfjs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJJJLBTVhY-iYBrCTmsMPhNaK6AyY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQKzWMcpm6GlPuACAKgDAaoEnwJP0BFQSz2ZeEOHOuFFfjlP4J-nK-4nvqUcCHcSnKX4GkmXYjtOZ2reZo1a3acwujNio9MkDdy_YvEpOAKfjFI6BQyMsHITpWBBqNa9zyRjYPWYcccuPAYNWHohVozmtvcHhldGaahLCUdiYO5qFNQ-pKUqTeJz0FJ_5D-s4-jkRf_VfEzkJpdc_i_4V9IB6r2l0zKu5ifQlvu8-8Jz8FtjdKYf-MqSDbdpqXRZoYWUNWR41D1f-59UfT85KG3IuMt2xNAq8JiwFl73pAGV8mbmf8ppG-_CV7SQNY6LGKpS9sXEvMp4LsGrpr_6bNayOYhKxJCEH2wGzi6O6WhoGAkGspuMBJ-K05hE2iZzK4fObYtvF5QsbUWL8m1_hLyWQ-AEAYAG7pnM8aDynsOUAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1dlUMa4T__kM5cfqiv9Vs1B_VzHg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ec02e823e01d1232cee2790c6af67c336c7d7381a961157538d42bc49bc35502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:29 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28486234
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5101
expires
Wed, 27 Sep 2023 07:53:05 GMT
img
pix.as.criteo.net/img/ Frame 99B7 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=39665&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_148464_al&v=3&w=400&s=kP064FTmJ7UYY5bn18_NQTUw&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1BQABjGgCZomwAAKrBMgsxZjbR1MAbZmEyg&u=%7CrSzMZBt8zW5woOMRYOHV0BnkB8jLyUVCLppp4rJRGwE%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y-WX3CIeLB4QjIdiKLIb1QI0YcBTjuCuzrXxQlUNGe49CDkMIeIVGWe1sA2u4P4BDUmG8Hagv4h-OLfYQS1RFe7Gc7s94A9bf5JBj09kEwJhhe8OQ2snj4A5IakcBnzz9k-l4vScSHuVucAh4AA5M2SWQgL7ipqOoMyK1WahglX3Rx3EEojeD-9iA9iNo7MP_M5oxj5HC4uhezTyy5CQVb9qSQCYI3vEs5SUZG6DLqb68T3Ur4r_pX90NL4B6MHRfsQabj6zBZTYTIf2H7-42pRlTOQXMZ1_1EThKbwPqksZiubV0L4OcC0SutjH9XIiJCT_F5jDVXKMpuHbd3OdHhXISpXlqIsl20pOlXjZ1RGU9XtmQKub1VTwKsQnmvOUcOnYoVdFDxDpwrfbNpnfjku22ULSG1Nw2hXmtOL-AMhG6RFFBBoGjsGc_FAWTLuabGvQCpvLrdxQ4QYt1uyKt0k3EJPzZgRBoAYKRnHCHBZWj9bxgQL62oIXbKWs2MDx3qrm97xP95Ovnw1PUdrUg3D9wzUVah8YY6agztxP1lgZ3ae3IxcWfjs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJJJLBTVhY-iYBrCTmsMPhNaK6AyY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQKzWMcpm6GlPuACAKgDAaoEnwJP0BFQSz2ZeEOHOuFFfjlP4J-nK-4nvqUcCHcSnKX4GkmXYjtOZ2reZo1a3acwujNio9MkDdy_YvEpOAKfjFI6BQyMsHITpWBBqNa9zyRjYPWYcccuPAYNWHohVozmtvcHhldGaahLCUdiYO5qFNQ-pKUqTeJz0FJ_5D-s4-jkRf_VfEzkJpdc_i_4V9IB6r2l0zKu5ifQlvu8-8Jz8FtjdKYf-MqSDbdpqXRZoYWUNWR41D1f-59UfT85KG3IuMt2xNAq8JiwFl73pAGV8mbmf8ppG-_CV7SQNY6LGKpS9sXEvMp4LsGrpr_6bNayOYhKxJCEH2wGzi6O6WhoGAkGspuMBJ-K05hE2iZzK4fObYtvF5QsbUWL8m1_hLyWQ-AEAYAG7pnM8aDynsOUAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1dlUMa4T__kM5cfqiv9Vs1B_VzHg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
7b715c5505596b0861f320caa8ee6ff434fd5f4c53f38e6e769baab3a92848da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5116
expires
Tue, 01 Nov 2022 15:02:30 GMT
img
pix.as.criteo.net/img/ Frame 99B7 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=39665&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_523247_al&v=3&w=400&s=9i4R5uV4oVF508dL9jrhiveE&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1BQABjGgCZomwAAKrBMgsxZjbR1MAbZmEyg&u=%7CrSzMZBt8zW5woOMRYOHV0BnkB8jLyUVCLppp4rJRGwE%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y-WX3CIeLB4QjIdiKLIb1QI0YcBTjuCuzrXxQlUNGe49CDkMIeIVGWe1sA2u4P4BDUmG8Hagv4h-OLfYQS1RFe7Gc7s94A9bf5JBj09kEwJhhe8OQ2snj4A5IakcBnzz9k-l4vScSHuVucAh4AA5M2SWQgL7ipqOoMyK1WahglX3Rx3EEojeD-9iA9iNo7MP_M5oxj5HC4uhezTyy5CQVb9qSQCYI3vEs5SUZG6DLqb68T3Ur4r_pX90NL4B6MHRfsQabj6zBZTYTIf2H7-42pRlTOQXMZ1_1EThKbwPqksZiubV0L4OcC0SutjH9XIiJCT_F5jDVXKMpuHbd3OdHhXISpXlqIsl20pOlXjZ1RGU9XtmQKub1VTwKsQnmvOUcOnYoVdFDxDpwrfbNpnfjku22ULSG1Nw2hXmtOL-AMhG6RFFBBoGjsGc_FAWTLuabGvQCpvLrdxQ4QYt1uyKt0k3EJPzZgRBoAYKRnHCHBZWj9bxgQL62oIXbKWs2MDx3qrm97xP95Ovnw1PUdrUg3D9wzUVah8YY6agztxP1lgZ3ae3IxcWfjs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJJJLBTVhY-iYBrCTmsMPhNaK6AyY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQKzWMcpm6GlPuACAKgDAaoEnwJP0BFQSz2ZeEOHOuFFfjlP4J-nK-4nvqUcCHcSnKX4GkmXYjtOZ2reZo1a3acwujNio9MkDdy_YvEpOAKfjFI6BQyMsHITpWBBqNa9zyRjYPWYcccuPAYNWHohVozmtvcHhldGaahLCUdiYO5qFNQ-pKUqTeJz0FJ_5D-s4-jkRf_VfEzkJpdc_i_4V9IB6r2l0zKu5ifQlvu8-8Jz8FtjdKYf-MqSDbdpqXRZoYWUNWR41D1f-59UfT85KG3IuMt2xNAq8JiwFl73pAGV8mbmf8ppG-_CV7SQNY6LGKpS9sXEvMp4LsGrpr_6bNayOYhKxJCEH2wGzi6O6WhoGAkGspuMBJ-K05hE2iZzK4fObYtvF5QsbUWL8m1_hLyWQ-AEAYAG7pnM8aDynsOUAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1dlUMa4T__kM5cfqiv9Vs1B_VzHg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
027890c8998a63c290b041c61d1ff6282d3a356bff29a6ddee40ac7eea1e1194
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:29 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
15928
expires
Tue, 01 Nov 2022 15:02:30 GMT
img
pix.as.criteo.net/img/ Frame 99B7 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=39665&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_009318_al&v=3&w=400&s=a-4Nes7CzGB6vjXuR7ZRWe0b&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1BQABjGgCZomwAAKrBMgsxZjbR1MAbZmEyg&u=%7CrSzMZBt8zW5woOMRYOHV0BnkB8jLyUVCLppp4rJRGwE%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y-WX3CIeLB4QjIdiKLIb1QI0YcBTjuCuzrXxQlUNGe49CDkMIeIVGWe1sA2u4P4BDUmG8Hagv4h-OLfYQS1RFe7Gc7s94A9bf5JBj09kEwJhhe8OQ2snj4A5IakcBnzz9k-l4vScSHuVucAh4AA5M2SWQgL7ipqOoMyK1WahglX3Rx3EEojeD-9iA9iNo7MP_M5oxj5HC4uhezTyy5CQVb9qSQCYI3vEs5SUZG6DLqb68T3Ur4r_pX90NL4B6MHRfsQabj6zBZTYTIf2H7-42pRlTOQXMZ1_1EThKbwPqksZiubV0L4OcC0SutjH9XIiJCT_F5jDVXKMpuHbd3OdHhXISpXlqIsl20pOlXjZ1RGU9XtmQKub1VTwKsQnmvOUcOnYoVdFDxDpwrfbNpnfjku22ULSG1Nw2hXmtOL-AMhG6RFFBBoGjsGc_FAWTLuabGvQCpvLrdxQ4QYt1uyKt0k3EJPzZgRBoAYKRnHCHBZWj9bxgQL62oIXbKWs2MDx3qrm97xP95Ovnw1PUdrUg3D9wzUVah8YY6agztxP1lgZ3ae3IxcWfjs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJJJLBTVhY-iYBrCTmsMPhNaK6AyY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQKzWMcpm6GlPuACAKgDAaoEnwJP0BFQSz2ZeEOHOuFFfjlP4J-nK-4nvqUcCHcSnKX4GkmXYjtOZ2reZo1a3acwujNio9MkDdy_YvEpOAKfjFI6BQyMsHITpWBBqNa9zyRjYPWYcccuPAYNWHohVozmtvcHhldGaahLCUdiYO5qFNQ-pKUqTeJz0FJ_5D-s4-jkRf_VfEzkJpdc_i_4V9IB6r2l0zKu5ifQlvu8-8Jz8FtjdKYf-MqSDbdpqXRZoYWUNWR41D1f-59UfT85KG3IuMt2xNAq8JiwFl73pAGV8mbmf8ppG-_CV7SQNY6LGKpS9sXEvMp4LsGrpr_6bNayOYhKxJCEH2wGzi6O6WhoGAkGspuMBJ-K05hE2iZzK4fObYtvF5QsbUWL8m1_hLyWQ-AEAYAG7pnM8aDynsOUAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1dlUMa4T__kM5cfqiv9Vs1B_VzHg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
6970410762235c3a131ac5c18bf534680d43203ad4960c31b5564f599bdad8f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7326
expires
Tue, 01 Nov 2022 15:02:30 GMT
all
csm.as.criteo.net/ Frame 99B7 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=JV4ZmnL7Hha3MN1wHGWtr5dD1GCzT6MjJQQwSjihnaCl-cAaFzblQlgmfbtc9ISXpin0VeFml1FlKC-SIe0qowKx4eyTsgR5IoaTbmZRmfzzgpJUTi_5pLZBzGuPiNRZwFcZSUDEzP7AE6CNyU7TcWAhUnIUn-dqQtw8PSdStw7xvai4HyDdIZE6iBJCwBFa3iQ-qjQ4QICo2uWSn1dpMQQbRTWlgP4ALFVGU_Q5mCHPxz5jeGDE_xgw5PoBKAk7Pz2zXT61eX5jpGij&sds=2&rev=83303&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1BQABjGgCZomwAAKrBMgsxZjbR1MAbZmEyg&u=%7CrSzMZBt8zW5woOMRYOHV0BnkB8jLyUVCLppp4rJRGwE%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y-WX3CIeLB4QjIdiKLIb1QI0YcBTjuCuzrXxQlUNGe49CDkMIeIVGWe1sA2u4P4BDUmG8Hagv4h-OLfYQS1RFe7Gc7s94A9bf5JBj09kEwJhhe8OQ2snj4A5IakcBnzz9k-l4vScSHuVucAh4AA5M2SWQgL7ipqOoMyK1WahglX3Rx3EEojeD-9iA9iNo7MP_M5oxj5HC4uhezTyy5CQVb9qSQCYI3vEs5SUZG6DLqb68T3Ur4r_pX90NL4B6MHRfsQabj6zBZTYTIf2H7-42pRlTOQXMZ1_1EThKbwPqksZiubV0L4OcC0SutjH9XIiJCT_F5jDVXKMpuHbd3OdHhXISpXlqIsl20pOlXjZ1RGU9XtmQKub1VTwKsQnmvOUcOnYoVdFDxDpwrfbNpnfjku22ULSG1Nw2hXmtOL-AMhG6RFFBBoGjsGc_FAWTLuabGvQCpvLrdxQ4QYt1uyKt0k3EJPzZgRBoAYKRnHCHBZWj9bxgQL62oIXbKWs2MDx3qrm97xP95Ovnw1PUdrUg3D9wzUVah8YY6agztxP1lgZ3ae3IxcWfjs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJJJLBTVhY-iYBrCTmsMPhNaK6AyY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQKzWMcpm6GlPuACAKgDAaoEnwJP0BFQSz2ZeEOHOuFFfjlP4J-nK-4nvqUcCHcSnKX4GkmXYjtOZ2reZo1a3acwujNio9MkDdy_YvEpOAKfjFI6BQyMsHITpWBBqNa9zyRjYPWYcccuPAYNWHohVozmtvcHhldGaahLCUdiYO5qFNQ-pKUqTeJz0FJ_5D-s4-jkRf_VfEzkJpdc_i_4V9IB6r2l0zKu5ifQlvu8-8Jz8FtjdKYf-MqSDbdpqXRZoYWUNWR41D1f-59UfT85KG3IuMt2xNAq8JiwFl73pAGV8mbmf8ppG-_CV7SQNY6LGKpS9sXEvMp4LsGrpr_6bNayOYhKxJCEH2wGzi6O6WhoGAkGspuMBJ-K05hE2iZzK4fObYtvF5QsbUWL8m1_hLyWQ-AEAYAG7pnM8aDynsOUAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1dlUMa4T__kM5cfqiv9Vs1B_VzHg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 01 Nov 2022 15:02:29 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 99B7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1BQABjGgCZomwAAKrBMgsxZjbR1MAbZmEyg&u=%7CrSzMZBt8zW5woOMRYOHV0BnkB8jLyUVCLppp4rJRGwE%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y-WX3CIeLB4QjIdiKLIb1QI0YcBTjuCuzrXxQlUNGe49CDkMIeIVGWe1sA2u4P4BDUmG8Hagv4h-OLfYQS1RFe7Gc7s94A9bf5JBj09kEwJhhe8OQ2snj4A5IakcBnzz9k-l4vScSHuVucAh4AA5M2SWQgL7ipqOoMyK1WahglX3Rx3EEojeD-9iA9iNo7MP_M5oxj5HC4uhezTyy5CQVb9qSQCYI3vEs5SUZG6DLqb68T3Ur4r_pX90NL4B6MHRfsQabj6zBZTYTIf2H7-42pRlTOQXMZ1_1EThKbwPqksZiubV0L4OcC0SutjH9XIiJCT_F5jDVXKMpuHbd3OdHhXISpXlqIsl20pOlXjZ1RGU9XtmQKub1VTwKsQnmvOUcOnYoVdFDxDpwrfbNpnfjku22ULSG1Nw2hXmtOL-AMhG6RFFBBoGjsGc_FAWTLuabGvQCpvLrdxQ4QYt1uyKt0k3EJPzZgRBoAYKRnHCHBZWj9bxgQL62oIXbKWs2MDx3qrm97xP95Ovnw1PUdrUg3D9wzUVah8YY6agztxP1lgZ3ae3IxcWfjs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJJJLBTVhY-iYBrCTmsMPhNaK6AyY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQKzWMcpm6GlPuACAKgDAaoEnwJP0BFQSz2ZeEOHOuFFfjlP4J-nK-4nvqUcCHcSnKX4GkmXYjtOZ2reZo1a3acwujNio9MkDdy_YvEpOAKfjFI6BQyMsHITpWBBqNa9zyRjYPWYcccuPAYNWHohVozmtvcHhldGaahLCUdiYO5qFNQ-pKUqTeJz0FJ_5D-s4-jkRf_VfEzkJpdc_i_4V9IB6r2l0zKu5ifQlvu8-8Jz8FtjdKYf-MqSDbdpqXRZoYWUNWR41D1f-59UfT85KG3IuMt2xNAq8JiwFl73pAGV8mbmf8ppG-_CV7SQNY6LGKpS9sXEvMp4LsGrpr_6bNayOYhKxJCEH2wGzi6O6WhoGAkGspuMBJ-K05hE2iZzK4fObYtvF5QsbUWL8m1_hLyWQ-AEAYAG7pnM8aDynsOUAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1dlUMa4T__kM5cfqiv9Vs1B_VzHg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 27 Oct 2023 15:02:30 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 99B7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1BQABjGgCZomwAAKrBMgsxZjbR1MAbZmEyg&u=%7CrSzMZBt8zW5woOMRYOHV0BnkB8jLyUVCLppp4rJRGwE%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y-WX3CIeLB4QjIdiKLIb1QI0YcBTjuCuzrXxQlUNGe49CDkMIeIVGWe1sA2u4P4BDUmG8Hagv4h-OLfYQS1RFe7Gc7s94A9bf5JBj09kEwJhhe8OQ2snj4A5IakcBnzz9k-l4vScSHuVucAh4AA5M2SWQgL7ipqOoMyK1WahglX3Rx3EEojeD-9iA9iNo7MP_M5oxj5HC4uhezTyy5CQVb9qSQCYI3vEs5SUZG6DLqb68T3Ur4r_pX90NL4B6MHRfsQabj6zBZTYTIf2H7-42pRlTOQXMZ1_1EThKbwPqksZiubV0L4OcC0SutjH9XIiJCT_F5jDVXKMpuHbd3OdHhXISpXlqIsl20pOlXjZ1RGU9XtmQKub1VTwKsQnmvOUcOnYoVdFDxDpwrfbNpnfjku22ULSG1Nw2hXmtOL-AMhG6RFFBBoGjsGc_FAWTLuabGvQCpvLrdxQ4QYt1uyKt0k3EJPzZgRBoAYKRnHCHBZWj9bxgQL62oIXbKWs2MDx3qrm97xP95Ovnw1PUdrUg3D9wzUVah8YY6agztxP1lgZ3ae3IxcWfjs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJJJLBTVhY-iYBrCTmsMPhNaK6AyY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQKzWMcpm6GlPuACAKgDAaoEnwJP0BFQSz2ZeEOHOuFFfjlP4J-nK-4nvqUcCHcSnKX4GkmXYjtOZ2reZo1a3acwujNio9MkDdy_YvEpOAKfjFI6BQyMsHITpWBBqNa9zyRjYPWYcccuPAYNWHohVozmtvcHhldGaahLCUdiYO5qFNQ-pKUqTeJz0FJ_5D-s4-jkRf_VfEzkJpdc_i_4V9IB6r2l0zKu5ifQlvu8-8Jz8FtjdKYf-MqSDbdpqXRZoYWUNWR41D1f-59UfT85KG3IuMt2xNAq8JiwFl73pAGV8mbmf8ppG-_CV7SQNY6LGKpS9sXEvMp4LsGrpr_6bNayOYhKxJCEH2wGzi6O6WhoGAkGspuMBJ-K05hE2iZzK4fObYtvF5QsbUWL8m1_hLyWQ-AEAYAG7pnM8aDynsOUAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1dlUMa4T__kM5cfqiv9Vs1B_VzHg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 27 Oct 2023 15:02:30 GMT
drawV2.js
cdn.holmesmind.com/js/ Frame 0A96 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14006&rf=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20221028%2FlfLsVq5iGAHU9C7Iu4Sgw8A8KSF2eBEdCzGvBxVF.html&n=702&o=1&d=1&b=2&ts=1&ii=2&FPCK=4348-oDHKZyLgldDLsJvTFjnbLz0zBQktier7&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-99.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 01 Nov 2022 15:02:23 GMT
via
1.1 55c659e0e2fe3ace02c4b6599c432138.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C5
age
18
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
MeCNIlF5W9NXU5ID47Y8X5W7HCOBPirdYE4AQeD7OaE1nxMExJivcw==
cm
t.ssp.hinet.net/ Frame 0A96 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=3233-Z4DewxfS094bwprgzDM8LicIRdM4eFxZ&mp=546f153a-b126-4c5d-8fd4-2cab22c067cd
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:30 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://adx.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
546f153a-b126-4c5d-8fd4-2cab22c067cd.t.ssp.hinet.net/ Frame 0A96 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://546f153a-b126-4c5d-8fd4-2cab22c067cd.t.ssp.hinet.net/pixel?bd=546f153a-b126-4c5d-8fd4-2cab22c067cd&t=50ef57&referrer=https%3A%2F%2Fholmesmind.com
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221028/lfLsVq5iGAHU9C7Iu4Sgw8A8KSF2eBEdCzGvBxVF.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:30 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:02:30 GMT
Live_Streaming.js
cdn.holmesmind.com/js/modle/ Frame 0A96 		37 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-99.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2ce48828cc513e392a4dbc14b34377b236a57fa1e4eea2862067724bad131a7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
H2J3qUoJw1_n4UfcwHjDEW4ajPHxFh.W
date
Tue, 01 Nov 2022 15:02:20 GMT
via
1.1 55c659e0e2fe3ace02c4b6599c432138.cloudfront.net (CloudFront)
last-modified
Mon, 09 May 2022 09:51:16 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C5
age
12
etag
"b478631c17ab4e0fca2103e8d324981e"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
38250
x-amz-cf-id
bbYn74ANLdaVy6qL1GiB7IOhjiPaDvN41hstvWeGG28KCaNIP6I1vg==
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:02:31 GMT
av
ad.holmesmind.com/adserver/ Frame 0A96 		0
152 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/av?p=14006:59710:132911:f537470f823f6886a23cc21ee8f21f37:13299&type=0
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.87.8 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-87-8.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:31 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
copied_copied_7c0d4b2d2808fb14555f646dd55b8531.jpg
cdn.holmesmind.com/image/13299/ Frame E46E 		97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.holmesmind.com/image/13299/copied_copied_7c0d4b2d2808fb14555f646dd55b8531.jpg
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221028/lfLsVq5iGAHU9C7Iu4Sgw8A8KSF2eBEdCzGvBxVF.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-99.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e552ba8cbb2c9caaec7d5e7215f838bc55f45da09a3d578c80f4e3dc1d4f15c6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 13:47:26 GMT
x-amz-version-id
WMTzyhX_HmKBD.AryEiq.91I4VdxzP6N
via
1.1 55c659e0e2fe3ace02c4b6599c432138.cloudfront.net (CloudFront)
last-modified
Tue, 01 Nov 2022 11:36:57 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C5
age
4506
etag
"8eecb7ed834e7467fabecff3f0d4c5a3"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
99657
x-amz-cf-id
N4h1SislqymLGUJT2MUay1Mak3_inf7vwqaCDlh4dqkqG1k_MSdVpQ==
ade-tracker.js
cdn.holmesmind.com/js/modle/ade/ Frame E46E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/modle/ade/ade-tracker.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-99.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
NaKVz_HCicjxM9ESQPttcJqfpSisoaZU
date
Tue, 01 Nov 2022 15:02:20 GMT
via
1.1 55c659e0e2fe3ace02c4b6599c432138.cloudfront.net (CloudFront)
last-modified
Wed, 20 Apr 2022 09:24:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C5
age
12
etag
"cc88de770769cdecaa524a5801120c78"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1646
x-amz-cf-id
fNHiUxZhZNQhuEHa7GUIJzXOawbs0nGOTsn0uco0OM2EjLk4jD3KAg==
v_sdk.js
cdn.holmesmind.com/js/modle/v/ Frame E46E 		192 B
563 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/modle/v/v_sdk.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-99.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7490c495bc701b5f3c822f76f18d9f9842e4c3578b4c8e74937ce49a1ca75546

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
XbcfHlCv0YU6yVSgKouNneQhxA5kNsN1
date
Tue, 01 Nov 2022 15:02:20 GMT
via
1.1 55c659e0e2fe3ace02c4b6599c432138.cloudfront.net (CloudFront)
last-modified
Tue, 29 Mar 2022 07:13:07 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C5
age
12
etag
"8644272abfaa44219b2ed3d118b43dbc"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
192
x-amz-cf-id
iQ8rz4dSldeWHeyfcJtPuTAmrIOIgN_izbjFbzGHFt9d58fcc9BodQ==
sdk.js
connect.facebook.net/en_US/ Frame E46E 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
5e386357d83c2185bce194fd5aff173c3a7c085a1b689db879f1dd2a3c56bcbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 01 Nov 2022 15:02:31 GMT
content-md5
JhZwnrWZODvWiliS83fTlQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
lfKRQKxLqHbpPjlvtm9QUeCnfi43abYbJe3uct9PUrvLe9biXr9ChyEIkci97ZwxtCEdeGmahA/ZVjNdGnEwhQ==
x-fb-trip-id
548340344
x-fb-content-md5
b8b5ca342b6b5430c629b84b60ef65cb
cross-origin-opener-policy
same-origin-allow-popups
etag
"0afac9f9a8f23467516e55b544fb2026"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Tue, 01 Nov 2022 15:06:20 GMT
i
ad.holmesmind.com/adserver/ Frame 0A96 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.holmesmind.com/adserver/i?ut=1667314950&p=14006:59710:132911:f537470f823f6886a23cc21ee8f21f37:13299
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221028/lfLsVq5iGAHU9C7Iu4Sgw8A8KSF2eBEdCzGvBxVF.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.87.8 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-87-8.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
date
Tue, 01 Nov 2022 15:02:31 GMT
server
nginx/1.14.0 (Ubuntu)
av
ad.holmesmind.com/adserver/ Frame 0A96 		0
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.holmesmind.com/adserver/av?p=14006:59710:132911:f537470f823f6886a23cc21ee8f21f37:13299&type=1
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221028/lfLsVq5iGAHU9C7Iu4Sgw8A8KSF2eBEdCzGvBxVF.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.87.8 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-87-8.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:31 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame B3A4 		42 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssD7GBzk2Ray6bgeRGfj4CRGJIrLFZ3nIPYijpnbT5nw3BdQa03t0yhkowYrRl4JHQf2fY1gTK0TDqKIuYgtWegJpSnnHp0lzN9giUathwO67yP0uwPboDfVEVBqBfDBdNbf7KOxhFEw6i9nrGzVnb9P252A3TeZDZHBYQTz7V0wXEFDFVKgYGE9_oBXFbH0ShAQ6dW2gJvLyB-LWGE-PcnB3WyiJfvi3iqdfVL6scljR4F_KddBaLDp4bvbqoPL4-4igHOYNYoJP5EKx19fUeHs_IipeMH2ZQthBxkKWIHTTZYqtc71ZYYHbYNKKyuOOG2-mXYZqJfe6WxzjNeUCPpfYG3K-29_P1vBzgc5rEgxns9tm7728c7dlS39A1DJjI7Wm69iJ6-HYfmPnp015uq1bc1yGaDwlVaL0RTnus0a5DlrJ83o8l0mleSD8YZwXBHBoCGfa8RxR-Fb0A99vp3YjpbEfEKKk7kU6W7kaj5YszQuglZyB7NgZ1Ymunyhnr05SFqewXA24jccikCIpZERpUIeng0M35HFvhh6FDVIIwP6lwzp3TEUFGR1tBFWcRCOpmG1NEuxGqfLNjwEbtejRLKGqyEDNF2Yp-tkNs8CcGCzjiNYrVjuWBsdxntUTks2KKCACSs8yQyR40D6u8ctORwIQ-4qJaVVpaTfy5YQuvsvVS8CCEc4gs92UDzBAAsgZb5mPZ97HK-o4RHlisoq-Y1671VwxNXJriFb01uDLAamEFJY6oR6WfnohUz7hAWcHTjS_10RzkwJTFzoqc9cdoco9PQazN5nnhW0Y41UkaxR-KehhRNGzLxiSJ0b5LZztyVK9TVfiyhEthK41YpEQCu_R79LG-jYi9hWC__7afxe-IBMSYZLPglNgjBC6zNQIn2svJyO6QgSeuofiu7hLGtvvEXn49DPpeGi_qiF-jJo6tAybkx_QjruLlg9nhx7t9l7h3EA0fzlRMOl4liiTzJIpoIv1rlzDL6xVJQXvryTvRqRCCA9R672mtYM70ebqDTQ_RclHVPy9yMMFwEcWTXD6AmYcBwqKwLVvjF6upfGvQ6kNn-tR2-mMhAHChbFK7b-TLqFj7WNLPxCPOkodg_IkW_iukoRdohXY4JclfKmC6q2YH4th8950UFe_-ER1ZJHsEcqOIJ8WOUFCY-_LgJHwk9&sai=AMfl-YQpL3iZ9_IEMV6KPWagP6mlEnF3HLUGUdLewsVowPiV7lC322m1DaHQ-srR8JKhyfKsxvI92KMSXJR18mcp_pdE9e5se9NAJbeUsf6G0kYodo6vD-bYV9ue7EuVCfIDaZEpjw8dE2vJOgdI&sig=Cg0ArKJSzDo9Y_907WMOEAE&cid=CAASFeRodSPyvAPjBG2SYJp-LKApMxuXpg&id=ampim&o=450,60&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=715&tls=1715&g=100&h=100&tt=1715&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame 99B7 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=JV4ZmnL7Hha3MN1wHGWtr5dD1GCzT6MjJQQwSjihnaCl-cAaFzblQlgmfbtc9ISXpin0VeFml1FlKC-SIe0qowKx4eyTsgR5IoaTbmZRmfzzgpJUTi_5pLZBzGuPiNRZwFcZSUDEzP7AE6CNyU7TcWAhUnIUn-dqQtw8PSdStw7xvai4HyDdIZE6iBJCwBFa3iQ-qjQ4QICo2uWSn1dpMQQbRTWlgP4ALFVGU_Q5mCHPxz5jeGDE_xgw5PoBKAk7Pz2zXT61eX5jpGij&sds=2&rev=83303&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2E1BQABjGgCZomwAAKrBMgsxZjbR1MAbZmEyg&u=%7CrSzMZBt8zW5woOMRYOHV0BnkB8jLyUVCLppp4rJRGwE%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y-WX3CIeLB4QjIdiKLIb1QI0YcBTjuCuzrXxQlUNGe49CDkMIeIVGWe1sA2u4P4BDUmG8Hagv4h-OLfYQS1RFe7Gc7s94A9bf5JBj09kEwJhhe8OQ2snj4A5IakcBnzz9k-l4vScSHuVucAh4AA5M2SWQgL7ipqOoMyK1WahglX3Rx3EEojeD-9iA9iNo7MP_M5oxj5HC4uhezTyy5CQVb9qSQCYI3vEs5SUZG6DLqb68T3Ur4r_pX90NL4B6MHRfsQabj6zBZTYTIf2H7-42pRlTOQXMZ1_1EThKbwPqksZiubV0L4OcC0SutjH9XIiJCT_F5jDVXKMpuHbd3OdHhXISpXlqIsl20pOlXjZ1RGU9XtmQKub1VTwKsQnmvOUcOnYoVdFDxDpwrfbNpnfjku22ULSG1Nw2hXmtOL-AMhG6RFFBBoGjsGc_FAWTLuabGvQCpvLrdxQ4QYt1uyKt0k3EJPzZgRBoAYKRnHCHBZWj9bxgQL62oIXbKWs2MDx3qrm97xP95Ovnw1PUdrUg3D9wzUVah8YY6agztxP1lgZ3ae3IxcWfjs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJJJLBTVhY-iYBrCTmsMPhNaK6AyY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQKzWMcpm6GlPuACAKgDAaoEnwJP0BFQSz2ZeEOHOuFFfjlP4J-nK-4nvqUcCHcSnKX4GkmXYjtOZ2reZo1a3acwujNio9MkDdy_YvEpOAKfjFI6BQyMsHITpWBBqNa9zyRjYPWYcccuPAYNWHohVozmtvcHhldGaahLCUdiYO5qFNQ-pKUqTeJz0FJ_5D-s4-jkRf_VfEzkJpdc_i_4V9IB6r2l0zKu5ifQlvu8-8Jz8FtjdKYf-MqSDbdpqXRZoYWUNWR41D1f-59UfT85KG3IuMt2xNAq8JiwFl73pAGV8mbmf8ppG-_CV7SQNY6LGKpS9sXEvMp4LsGrpr_6bNayOYhKxJCEH2wGzi6O6WhoGAkGspuMBJ-K05hE2iZzK4fObYtvF5QsbUWL8m1_hLyWQ-AEAYAG7pnM8aDynsOUAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1dlUMa4T__kM5cfqiv9Vs1B_VzHg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 01 Nov 2022 15:02:30 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 9043 		42 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNh_gWUmRKsFrmc0_wXQNl7SvBSiVOO2oH4gpEN-66M8SvmOvj6bqsDmK91c_7Isdy3PVXBemcVA_-FL77yMwOxrQ7egClU3jTeoAFB4Ey-G1UeRC4qE_rsWpW3h6OEYnouWc&sai=AMfl-YQ1bWO5PDuVj67MJCOfQa6jR34jvJjPMzuRYeO9sPbo55Qwh1VxBbKpiA2-pXHUnI495ribrIHRBtCfFvCJFw0hWd63S67tXDnU74GHIcTh74m1hHwE9ZZDPC5w4ww&sig=Cg0ArKJSzAY5d2PB7-twEAE&cid=CAASFeRocl1mWdMcZoN-fr9nUwUWTpkNkA&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=932&tls=1932&g=100&h=100&tt=1932&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ Frame E46E 		300 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=9f881ac8a799afc2d106cc7f0c50885f
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
5b50a58b3403e5e0732c8fc9d6f47d99282b06491a41546d6b0c3dc81fb7e096
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://adx.holmesmind.com/
Origin
https://adx.holmesmind.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 01 Nov 2022 15:02:32 GMT
content-md5
obZaYcpMCNej5ADLU0VLQw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86894
x-fb-rlafr
0
x-fb-debug
7wPbUZzOqEfHKQqObgQ7RlSFoicRdr4vjcSB407qtENThu4ofKJTvJfKtgonKrTcpN5S5huWlSXcpRmybBCatg==
x-fb-content-md5
3f55512f4d44251cbeb23de1bd28240f
cross-origin-opener-policy
same-origin-allow-popups
etag
"13233049b2e8f79f824e98b554ba22a9"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 01 Nov 2023 05:50:44 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 01 Nov 2022 15:02:32 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
560266
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		344 B
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
c295f0d07e86bf0d9590dbd8fc9bd5be96d013bb57b6d6fb84c85512f66a6ec8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:32 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
569228
expires
0
rid
match.adsrvr.org/track/ 		108 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
a8f7e348a985fd57c038bbcbcca666e421097835d1becb6df2c7165c646b5227

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 01 Nov 2022 15:02:31 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Thu, 01 Dec 2022 15:02:31 GMT
/
onetag-sys.com/usync/ Frame CCA1 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1667314948589
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
d10c5e544972a880b188f42eb7335d043a39f3a35783c5341e34e4b09f447357
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1372
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame A5C0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
33930
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 01 Nov 2022 15:02:32 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 28 Oct 2022 06:00:44 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
35, 34975
X-Served-By
cache-lga13626-LGA, cache-mel11278-MEL
X-Timer
S1667314952.174487,VS0,VE0
sync
eb2.3lift.com/ Frame 373C
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
f7a247282f05c5986872e3e42ffc4772fe959a398e362e6f47df2972effb48a9

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1083
content-type
text/html; charset=utf-8
date
Tue, 01 Nov 2022 15:02:32 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 01 Nov 2022 15:02:32 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.html
eus.rubiconproject.com/ Frame 4002 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 01 Nov 2022 15:02:32 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame A1DC 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
337a0ff86fb108f43a9ee58f11221a1c78945db75a20c2ca6f4ed479f0d26e63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=157916
content-encoding
gzip
content-length
11833
content-type
text/html; charset=UTF-8
date
Tue, 01 Nov 2022 15:02:32 GMT
expires
Thu, 03 Nov 2022 10:54:28 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
pd
u.openx.net/w/1.0/ Frame 47F4 		533 B
639 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
25717e5d1ed0c53ccd0dd4275e6a29aa8b66fc7d0b95b3e4399edd2bbaab7e0d

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
326
content-type
text/html
date
Tue, 01 Nov 2022 15:02:32 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync.html
public.servenobid.com/ Frame 79CE 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-106.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bee00dc9ac61a6eae0a5a1efd6af3ba501f5d4208e5e21e1bbc545db78c161fe

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
34412
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Tue, 01 Nov 2022 05:29:01 GMT
etag
W/"73e6cbdab99355b35d71abf2ea225ccb"
last-modified
Fri, 14 Oct 2022 20:27:38 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 b4a15133db3a2b8a3148547f5267d170.cloudfront.net (CloudFront)
x-amz-cf-id
4hCfqEiFsQAZWBp3KsRGUCzhtuBrP3vGmBfOkliHFmf9uDrPzExTgg==
x-amz-cf-pop
MXP63-P3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:3af1d685-3010-4d5a-b093-b3a07cfff8d4
x-amz-meta-codebuild-content-md5
7549bc6c6d823788ee0fb3e82c36711f
x-amz-meta-codebuild-content-sha256
a4bfb92c455b4ab78db908287ee14cc08cc0080652f1ca29578852e9526e8fda
x-cache
Hit from cloudfront
ixmatch.html
js-sec.indexww.com/um/ Frame 6AE8 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
978
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
763583132ef717cf-MEL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 01 Nov 2022 15:02:32 GMT
expires
Tue, 01 Nov 2022 19:02:32 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
us
sync.go.sonobi.com/
Redirect Chain
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3Db527d4e4-dd4d-47ff-9700-6d1a0d53fa29&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F22059%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%...
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F22059%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Db527d4e4-dd4d-47ff-9700-6d1a0d53fa29%26bidde...
  • https://prebid.a-mo.net/cchain/1/22059?gdpr=0&gdpr_consent=&us_privacy=1---&A=b527d4e4-dd4d-47ff-9700-6d1a0d53fa29&bidder=index_rtb&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14J...
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F22059%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D...
  • https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS03NDljMTExMS1lYjY1LTM0NTYtYTYyZS1iZmM5YjVmOG...
0
0
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=b527d4e4-dd4d-47ff-9700-6d1a0d53fa29
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-1Hj1ypVE2uEu62Dk1qY8YWdqKHKE4ndktSRFfAI-~A&gdpr=0&gdpr_consent=
0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-1Hj1ypVE2uEu62Dk1qY8YWdqKHKE4ndktSRFfAI-~A&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:31 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
4
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-1Hj1ypVE2uEu62Dk1qY8YWdqKHKE4ndktSRFfAI-~A&gdpr=0&gdpr_consent=
date
Tue, 01 Nov 2022 15:02:32 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v2
odr.mookie1.com/t/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=b527d4e4-dd4d-47ff-9700-6d1a0d53fa29&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=b527d4e4-dd4d-47ff-9700-6d1a0d53fa29&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=52b3421c-b360-4579-8d38-32d80058b81a&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10530401092153677328&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10530401092153677328&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=fb060f3e-aa3a-4c97-89fb-3382d257d44c&ssp=adaptmx&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10530401092153677328&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232923304322010812441&ssp=adaptmx&gdpr=0&gdpr_consent=
0
0
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=L9YC9S34-1K-6US9&gdpr=0&us_privacy=1---
0
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L9YC9S34-1K-6US9&gdpr=0&us_privacy=1---
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:32 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
9
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=L9YC9S34-1K-6US9&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Expires
0
sd
us-u.openx.net/w/1.0/ Frame 47F4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2354909183476543857&gdpr=0&gdpr_consent=&us_privacy=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2354909183476543857&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2354909183476543857&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 01 Nov 2022 15:02:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 47F4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=82e6f0f6-221c-7056-c7ec-8ea25ad46894&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=74559002-b79d-4ce9-8c63-aa03cf914794&ttd_puid=82e6f0f6-221c-7056-c7ec-8ea25ad46894&gdpr=0&gdpr_consent=
43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=74559002-b79d-4ce9-8c63-aa03cf914794&ttd_puid=82e6f0f6-221c-7056-c7ec-8ea25ad46894&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=74559002-b79d-4ce9-8c63-aa03cf914794&ttd_puid=82e6f0f6-221c-7056-c7ec-8ea25ad46894&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 47F4
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y2E1CMCo8X8AAJW.UgAAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y2E1CMCo8X8AAJW.UgAAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
41
Date
Tue, 01 Nov 2022 15:02:32 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":41,"gdpr":false,"ipv4":"103.209.254.5","key":"Y2E1CMCo8X8AAJW.UgAAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40288"}
X-SO-Key
Y2E1CMCo8X8AAJW.UgAAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40288
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y2E1CMCo8X8AAJW.UgAAAAAA
Cache-Control
private
X-SO-HostName
a-ad40288.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
m-tgng27.dc4p.scaleout.jp
X-SO-IP
103.209.254.5
sd
jp-u.openx.net/w/1.0/ Frame 47F4
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARjtJ88qfosQks8ADv_jDtZ9Es8AAAGEM7cqyQ
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARjtJ88qfosQks8ADv_jDtZ9Es8AAAGEM7cqyQ
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:32 GMT
via
1.1 0fa3b62de49c01129844acc24e390b56.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARjtJ88qfosQks8ADv_jDtZ9Es8AAAGEM7cqyQ
cache-control
no-cache
content-length
0
x-amz-cf-id
eIbCrlrabxgv4U3OvLrLELiUExGXOJAMyAz_lfY6NzM_oZ5EaV1Irg==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 47F4 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWU4OTIzM2MtZWI2Yi0yZWYyLWQyMGMtZDQxYjkwMzZhNmY0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 47F4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHZxEMNsgAhHKDrEtjceTwc&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHZxEMNsgAhHKDrEtjceTwc&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHZxEMNsgAhHKDrEtjceTwc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A5C0 		0
742 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:32 GMT
AN-X-Request-Uuid
96b5f1cf-215f-4042-b688-b6aa66b0c951
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 0AE8
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2123dee96e083a7cbcd4c5dc4f68a4f769123c4a6597018b8a5f252279606bc

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76358316cc8b5a4f-MEL
content-encoding
br
content-type
text/html
date
Tue, 01 Nov 2022 15:02:32 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvcuMrRPqAN%2Brz0%2BYENYZhMfAkdomdjakfkQ3gF0yBwWKrxqPg5ZBipqqWeZPKNofqD1JaQ6bq1KIF5vhLE37smbJOeI1%2BmvYUxCZWDvOKcsyQ1xpnWTxgdAndGTntiFnJ4wGXw31w6Bvw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
763583150c245a7f-MEL
content-length
0
date
Tue, 01 Nov 2022 15:02:32 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0wKAxeYXFoJXKeWCgM5hBQd30Y5jS%2Fk6Wgj8JyhH4sFZ9wuJSoROy7gXreO4qG1j7AY%2B96X0Bp3LSmUuQpvg4Jt8UKLSewkHwAvyiGOOVrLbuYK0HyMnG2x%2BdfExhLnqnDmNNhUgkcoYA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/match/ Frame CCA1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=ab586361-3506-4000-a74d-405dad1f9ad7&gdpr=1&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=ab586361-3506-4000-a74d-405dad1f9ad7&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1667314948589
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Tue, 01 Nov 2022 15:02:32 GMT
Server
MT3 4629 97bee97 master nrt-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=ab586361-3506-4000-a74d-405dad1f9ad7&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 01 Nov 2022 15:02:31 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame CCA1 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1667314948589
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame CCA1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=893519410280744005
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=893519410280744005
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1667314948589
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:32 GMT
AN-X-Request-Uuid
d3042ee4-89f6-4052-be06-4014ba040378
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=893519410280744005
Connection
keep-alive
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame CCA1 		42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=bqsiNB55DgzCgIurkafwoK7XadFAs7-X06bx3a1T1Yk
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1667314948589
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame CCA1
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhDO3KbNHB_LguewW-3HSvnl54iLCODuo5Q
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhDO3KbNHB_LguewW-3HSvnl54iLCODuo5Q
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1667314948589
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhDO3KbNHB_LguewW-3HSvnl54iLCODuo5Q
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame CCA1 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1667314948589
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:32 GMT
content-length
0
/
onetag-sys.com/match/ Frame CCA1
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCIjqhJsGEgUI6AcQAEIASgA
  • https://onetag-sys.com/match/?int_id=110&uid=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=110&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1667314948589
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date
Tue, 01 Nov 2022 15:02:33 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=110&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame CCA1
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=yH8ccnkm2X_eTX0B218VTX7qqDSLp0tKzz1sxR9NoC8
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=yH8ccnkm2X_eTX0B218VTX7qqDSLp0tKzz1sxR9NoC8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1667314948589
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YQSJC2PC9BNY9829PT74
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=yH8ccnkm2X_eTX0B218VTX7qqDSLp0tKzz1sxR9NoC8
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame CCA1 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1667314948589
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:32 GMT
content-length
0
/
onetag-sys.com/match/ Frame CCA1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEPOPUlMHUiXbz5fuu66qufA&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEPOPUlMHUiXbz5fuu66qufA&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1667314948589
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEPOPUlMHUiXbz5fuu66qufA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame CCA1 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1667314948589
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.13.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:32 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame CCA1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=74559002-b79d-4ce9-8c63-aa03cf914794&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=74559002-b79d-4ce9-8c63-aa03cf914794&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1667314948589
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=74559002-b79d-4ce9-8c63-aa03cf914794&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame CCA1 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1667314948589
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 15:02:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame 4002 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a00c91941d77bde9f1a5b51daa64750db4373ac969ca99b5900744b437289256

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 15:02:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20236
Connection
keep-alive
Content-Length
9455
Expires
Tue, 01 Nov 2022 20:39:48 GMT
sync
gum.criteo.com/ Frame A1DC 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
282650
expires
60
usync.html
eus.rubiconproject.com/ Frame AAC1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 01 Nov 2022 15:02:33 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 01 Nov 2022 15:02:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 78F2
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Drkt%26refUrl%3D%26vid%3D731495252731031654615301420...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3103165461530142000V10&type=rkt&refUrl=&vid=73149525273103165461530142000V10&ovsid=1917759394584409181
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3103165461530142000V10&type=rkt&refUrl=&vid=73149525273103165461530142000V10&ovsid=1917759394584409181
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Tue, 01 Nov 2022 15:02:33 GMT
expires
Tue, 01 Nov 2022 15:02:33 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Tue, 01 Nov 2022 15:02:33 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3103165461530142000V10&type=rkt&refUrl=&vid=73149525273103165461530142000V10&ovsid=1917759394584409181
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9B2E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=87649
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 01 Nov 2022 15:02:32 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 02 Nov 2022 15:23:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame A1DC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dapx%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3103165461530142000V10&type=apx&refUrl=&vid=73149525273103165461530142000V10&ovsid=893519410280744005
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3103165461530142000V10&type=apx&refUrl=&vid=73149525273103165461530142000V10&ovsid=893519410280744005
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 01 Nov 2022 15:02:33 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Tue, 01 Nov 2022 15:02:33 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:32 GMT
AN-X-Request-Uuid
64d89f24-bf15-412c-af5c-8afb5e9a4b3e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3103165461530142000V10&type=apx&refUrl=&vid=73149525273103165461530142000V10&ovsid=893519410280744005
Connection
keep-alive
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame A1DC
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3103165461530142...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3103165461530142000V10&type=opx&refUrl=&vid=73149525273103165461530142000V10&ovsid=4aca9969-891c-4ab6-a4a3-f0cce83bfa48
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3103165461530142000V10&type=opx&refUrl=&vid=73149525273103165461530142000V10&ovsid=4aca9969-891c-4ab6-a4a3-f0cce83bfa48
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 01 Nov 2022 15:02:33 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Tue, 01 Nov 2022 15:02:33 GMT

Redirect headers

date
Tue, 01 Nov 2022 15:02:32 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3103165461530142000V10&type=opx&refUrl=&vid=73149525273103165461530142000V10&ovsid=4aca9969-891c-4ab6-a4a3-f0cce83bfa48
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame A1DC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dmma%26refUrl%3D%26vid%3D731495252731031654615301...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3103165461530142000V10&type=mma&refUrl=&vid=73149525273103165461530142000V10&ovsid=ab586361-3506-4000-a74d-405dad1f9ad7
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3103165461530142000V10&type=mma&refUrl=&vid=73149525273103165461530142000V10&ovsid=ab586361-3506-4000-a74d-405dad1f9ad7
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 01 Nov 2022 15:02:33 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Tue, 01 Nov 2022 15:02:33 GMT

Redirect headers

Date
Tue, 01 Nov 2022 15:02:32 GMT
Server
MT3 4629 97bee97 master nrt-pixel-x15 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3103165461530142000V10&type=mma&refUrl=&vid=73149525273103165461530142000V10&ovsid=ab586361-3506-4000-a74d-405dad1f9ad7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 01 Nov 2022 15:02:31 GMT
/
rtb-csync.smartadserver.com/redir/ Frame A1DC
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dr1%26refUrl%3D%26vid%3D73149525273103165461...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dr1%26refUrl%3D%26vid%3D73149525273103...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2080097453
  • https://sync.1rx.io/usersync/tradedesk/74559002-b79d-4ce9-8c63-aa03cf914794
  • https://sync.targeting.unrulymedia.com/csync/RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-115fce68-e...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.106.127.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 01 Nov 2022 15:02:34 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004
date
Tue, 01 Nov 2022 15:02:33 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX115fce68ef0a45b0876bd2a4577ae207004
content-type
text/html
cksync.php
contextual.media.net/ Frame A1DC
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Ddxu%26refUrl%3D%26vid%3D73149525273103165461530...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Ddxu%26refUrl%3D%26vid%3D73149525273103165...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3103165461530142000V10&type=dxu&refUrl=&vid=73149525273103165461530142000V10&ovsid=EwYaeG8W1OPSMF5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3103165461530142000V10&type=dxu&refUrl=&vid=73149525273103165461530142000V10&ovsid=EwYaeG8W1OPSMF5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 01 Nov 2022 15:02:33 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Tue, 01 Nov 2022 15:02:33 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:33 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0be4466892d3f37f0@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3103165461530142000V10&type=dxu&refUrl=&vid=73149525273103165461530142000V10&ovsid=EwYaeG8W1OPSMF5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame A1DC 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:32 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
319695
expires
Tue, 01 Nov 2022 00:00:00 GMT
sync
x.bidswitch.net/ Frame A1DC 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 15:02:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame A1DC
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dzem%26refUrl%3D%26vid%3D73149525273103165461530142...
  • https://stags.bluekai.com/site/23178?id=7GBKCMoAXfOFrh4_QShi&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJXI5BEWQ2NN5AVQZSPIZZGQNC7KFJWQ...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=7GBKCMoAXfOFrh4_QShi&refUrl=&type=zem&vid=73149525273103165461530142000V10&vsid=3103165461530142000V10
0
0
cksync.php
contextual.media.net/ Frame A1DC
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3103165461530142000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3103165461530142000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=c64b5563-b536-4ea6-8a23-eaa4ef41f755&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=c64b5563-b536-4ea6-8a23-eaa4ef41f755&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 01 Nov 2022 15:02:34 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Tue, 01 Nov 2022 15:02:34 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=c64b5563-b536-4ea6-8a23-eaa4ef41f755&cs=1
Date
Tue, 01 Nov 2022 15:02:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
um
cs.emxdgt.com/ Frame A1DC 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Demx%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.195.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-195-161.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:33 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
cksync
cs.media.net/ Frame A1DC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=74559002-b79d-4ce9-8c63-aa03cf914794
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=74559002-b79d-4ce9-8c63-aa03cf914794
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:32 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Tue, 01 Nov 2022 15:02:32 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=74559002-b79d-4ce9-8c63-aa03cf914794
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
video.php
www.facebook.com/v3.2/plugins/ Frame ECA7 		184 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa940682dd668c%26domain%3Dadx.holmesmind.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fadx.holmesmind.com%252Ff3c6cfd78f3ae%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FHuiBeiBei712%2Fvideos%2F445617184309415&locale=en_US&sdk=joey&show_text=false&width=280
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=9f881ac8a799afc2d106cc7f0c50885f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
/
Resource Hash
450e19ab34a315b13c1e2846ab90d59944824091cdd6d59ea39a1bdf0dfa8f09
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Tue, 01 Nov 2022 15:02:33 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v8.0
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
RlhGNb76BKKtZttGAh9+T4LzEupzdDVn1oGWfEibkt3nlMwfCxoc2gh9VjT0NDL0ASkMDeC0+BTJOUltZ/in2g==
x-fb-rlafr
0
x-xss-protection
0
xuid
eb2.3lift.com/ Frame 373C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=74559002-b79d-4ce9-8c63-aa03cf914794&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=74559002-b79d-4ce9-8c63-aa03cf914794&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 01 Nov 2022 15:02:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=74559002-b79d-4ce9-8c63-aa03cf914794&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame 373C
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY4MDk1ODE2MjE2NDIyMDUyMTExNQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 373C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPwRXugFmDrrQJQvUAUxSZ4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPwRXugFmDrrQJQvUAUxSZ4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 01 Nov 2022 15:02:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPwRXugFmDrrQJQvUAUxSZ4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 373C
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY4MDk1ODE2MjE2NDIyMDUyMTExNQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY4MDk1ODE2MjE2NDIyMDUyMTExNQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY4MDk1ODE2MjE2NDIyMDUyMTExNQ%3D%3D
date
Tue, 01 Nov 2022 15:02:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 373C
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3680958162164220521115&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3680958162164220521115&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6e57cfda-2cb5-4a45-9f55-5965466f9f05&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6e57cfda-2cb5-4a45-9f55-5965466f9f05&_noobservation=1&_expected_cookie=d648db5...
43 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6e57cfda-2cb5-4a45-9f55-5965466f9f05&_noobservation=1&_expected_cookie=d648db5a1b25ce7e73dacf359871f84d
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.101.194 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Tue, 01 Nov 2022 15:02:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7635831e2e4317ca-MEL
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6e57cfda-2cb5-4a45-9f55-5965466f9f05&_noobservation=1&_expected_cookie=d648db5a1b25ce7e73dacf359871f84d
date
Tue, 01 Nov 2022 15:02:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7635831d0d8917ca-MEL
content-length
0
xuid
eb2.3lift.com/ Frame 373C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3680958162164220521115&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0b96bd3a-4512-441d-81dd-abe60a7cd6e2&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=52b3421c-b360-4579-8d38-32d80058b81a&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=52b3421c-b360-4579-8d38-32d80058b81a&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 01 Nov 2022 15:02:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=52b3421c-b360-4579-8d38-32d80058b81a&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 01 Nov 2022 15:02:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 373C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3680958162164220521115?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-jkDNe.NE2oTFarDmNIhJKLDiZmHTnekaI2rIILC6hA--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-jkDNe.NE2oTFarDmNIhJKLDiZmHTnekaI2rIILC6hA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 01 Nov 2022 15:02:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 01 Nov 2022 15:02:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-jkDNe.NE2oTFarDmNIhJKLDiZmHTnekaI2rIILC6hA--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame 373C
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3680958162164220521115
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3680958162164220521115&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3680958162164220521115&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SWBNDZA234PTEMVBR7FC
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3680958162164220521115&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame 373C 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3680958162164220521115&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:32 GMT
last-modified
Thu, 13 Oct 2022 15:58:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 11877534CECF445AADBC4453329C099A Ref B: MEL01EDGE1518 Ref C: 2022-11-01T15:02:32Z
etag
"e997be9b1cdfd81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 373C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=VnJV66llWbxWZiXZkxIq&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5KZXEUVRWGZWGY...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=VnJV66llWbxWZiXZkxIq
0
0
tap.php
pixel.rubiconproject.com/ Frame 4002
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=74559002-b79d-4ce9-8c63-aa03cf914794&gdpr=0&gdpr_consent=&expires=30
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=74559002-b79d-4ce9-8c63-aa03cf914794&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=74559002-b79d-4ce9-8c63-aa03cf914794&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 4002
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=SfRtmb0YR_Gpei1UsGWUNg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=SfRtmb0YR_Gpei1UsGWUNg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=SfRtmb0YR_Gpei1UsGWUNg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
HTTP/1.1
Server
52.94.223.167 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D4FJNYBP0QZWK4B94H95
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=SfRtmb0YR_Gpei1UsGWUNg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4002
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENwjwRWMgayUoobJLiki2-k&google_cver=1
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENwjwRWMgayUoobJLiki2-k&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENwjwRWMgayUoobJLiki2-k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 4002
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=LxGXQgIATeK0CroVkrVMVw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=LxGXQgIATeK0CroVkrVMVw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=LxGXQgIATeK0CroVkrVMVw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9WMGFC6SJA23PJWQYDE7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=LxGXQgIATeK0CroVkrVMVw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 4002
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9YC9S34-1K-6US9
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9YC9S34-1K-6US9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:32 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 9F2E71B6E4D64974BA014E47951C19CC Ref B: MEL01EDGE1509 Ref C: 2022-11-01T15:02:33Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXsagOJsQzdWdHDzxMyFQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9YC9S34-1K-6US9
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4002
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/tiuhnxbMCNjQhj9ps1qg_sn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2846431533973872647
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2846431533973872647
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 01 Nov 2022 15:02:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2846431533973872647
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4002
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlZQzlTMzQtMUstNlVTOQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlZQzlTMzQtMUstNlVTOQ==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlZQzlTMzQtMUstNlVTOQ==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 4002
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmY3OTM1MWQ5ZTk0MGU0YjNlMTZmYzdhY2RlNTA4MGY5Y2I3YTQwZQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmY3OTM1MWQ5ZTk0MGU0YjNlMTZmYzdhY2RlNTA4MGY5Y2I3YTQwZQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmY3OTM1MWQ5ZTk0MGU0YjNlMTZmYzdhY2RlNTA4MGY5Y2I3YTQwZQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
activeview
pagead2.googlesyndication.com/pcs/ Frame 8398 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviFP0hQfS9wn7QePNGZcsGCHZSP9NvUzlgG5UbjkfKv0bX_6a73MNiiPbz9aaSH4uMNfZp_HS7Q_1Dabjf7BRZha_q&sig=Cg0ArKJSzNlN-bRSJATHEAE&cid=CAASFeRoh7pIQZFQezsDJz5csNNhav21DQ&id=lidar2&mcvt=1000&p=300,5,900,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221031&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667314949667&rpt=2100&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 0AE8
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VS0WHDM7FYMBXZCG5KMN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QV7M54TJJSDP1RT4H5KD
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0AE8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y2E1CMfbrAsjdOSeGuHmMgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJtOPP63dB8MnEPxFaC1238&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJtOPP63dB8MnEPxFaC1238&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJtOPP63dB8MnEPxFaC1238&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0AE8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=74559002-b79d-4ce9-8c63-aa03cf914794&expiration=1669906953&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=74559002-b79d-4ce9-8c63-aa03cf914794&expiration=1669906953&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=74559002-b79d-4ce9-8c63-aa03cf914794&expiration=1669906953&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 0AE8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELcYeNHFcJt6eF1KfWPX-bQ&google_cver=1
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELcYeNHFcJt6eF1KfWPX-bQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BhIyq5qApiRzkXHk2Mm%2BMzDs9yCUqtddCS1VmrlY6m0B0%2Bs7pEut28BaExrBCfPFBdAlmGBrD%2FvfeIWxNCGf73welRZgVjIlaE%2Fq6RgxvxhBBaFv54W2RZ5PdIqnF%2B%2FHLo4cxYPOt%2FgduA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
763583195ed25a4f-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELcYeNHFcJt6eF1KfWPX-bQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0AE8 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.4.205 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-4-205.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 0AE8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y2E1CQAAAOgmnQAT
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y2E1CQAAAOgmnQAT&_test=Y2E1CQAAAOgmnQAT
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y2E1CQAAAOgmnQAT&_test=Y2E1CQAAAOgmnQAT
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-mel11231-MEL
pragma
no-cache
date
Tue, 01 Nov 2022 15:02:33 GMT
via
1.1 varnish
server
Varnish
x-timer
S1667314953.495947,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y2E1CQAAAOgmnQAT&_test=Y2E1CQAAAOgmnQAT
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 0AE8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ab586361-3506-4000-a74d-405dad1f9ad7
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ab586361-3506-4000-a74d-405dad1f9ad7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 01 Nov 2022 15:02:33 GMT
Server
MT3 4629 97bee97 master nrt-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ab586361-3506-4000-a74d-405dad1f9ad7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 01 Nov 2022 15:02:32 GMT
demconf.jpg
dpm.demdex.net/ Frame 0AE8
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y2E1CMfbrAsjdOSeGuHmMgAA%264797?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y2E1CMfbrAsjdOSeGuHmMgAA%264797
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y2E1CMfbrAsjdOSeGuHmMgAA%264797
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.76.121.184 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-121-184.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v042-014faf399.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
4BwvprDORbc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-apse-2-v042-0211422c6.edge-apse.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
PpFHT40HQLs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y2E1CMfbrAsjdOSeGuHmMgAA%264797
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
htw-pixel.gif
cdn.indexww.com/ht/ Frame 0AE8 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y2E1CMfbrAsjdOSeGuHmMgAA%264797
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:33 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
59684
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
763583195a0f5aa0-MEL
content-length
43
expires
Wed, 02 Nov 2022 15:02:33 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CADB 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=87648
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 01 Nov 2022 15:02:33 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 02 Nov 2022 15:23:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame E9B4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.193.50.121 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-193-50-121.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a63d06220c1eeda5d5faad087a3b8e039a3edab3c4c53d40033b8728fa8430d6

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 01 Nov 2022 15:02:33 GMT
etag
W/"031fe1d459ae741decbd201b6f5a7099d"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 8356 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
532bf71a162f922ef1cb6d84c617a2283db388b0d4df72634e10152391eeeadc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1397
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 214A 		566 B
668 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
386a64273f8f4b4dd950764afe44bb02771440f7ec086c48061cf627d72be9e2

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
566
content-type
text/html
date
Tue, 01 Nov 2022 15:02:32 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 678B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59cf6803210ead340e30c25dfb0fd94abad99c8b549a55848539b4e266004d05

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
763583185de25a4f-MEL
content-encoding
br
content-type
text/html
date
Tue, 01 Nov 2022 15:02:33 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RiQkDji0L%2Bj9xGftFri%2BOUiKt3vNncdCkUmRoVQkdc3B1Ttv5KRh79NGFJ2TT9fP8EKENysq%2BZUbGEiUzU2zKrgz672dEw%2Fnn7%2BBRG3M%2BL2ecMZF4ZUJGYNrb41HOS%2FcfNut2TmVdWGR2g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2A5E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 01 Nov 2022 15:02:33 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 01 Nov 2022 15:02:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C667 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=87648
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 01 Nov 2022 15:02:33 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 02 Nov 2022 15:23:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
x.yieldlift.com/ Frame 79CE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L9YC9S34-1K-6US9&gdpr=0&us_privacy=1YN-
0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L9YC9S34-1K-6US9&gdpr=0&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
138.197.50.103 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:33 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
vary
Origin

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L9YC9S34-1K-6US9&gdpr=0&us_privacy=1YN-
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
sync
ads.servenobid.com/ Frame 79CE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=893519410280744005
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=893519410280744005
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:33 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:33 GMT
AN-X-Request-Uuid
3b95ad4e-58fd-4a97-a2ac-38906fee6201
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=893519410280744005
Connection
keep-alive
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 79CE
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FlDmDRZH9d5m1Oj8SqenoaRC
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FlDmDRZH9d5m1Oj8SqenoaRC
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:33 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FlDmDRZH9d5m1Oj8SqenoaRC
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 79CE
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FlDmCLZHAMiHLH_fRc-hoCKi
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FlDmCLZHAMiHLH_fRc-hoCKi
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Tue, 01 Nov 2022 15:02:33 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FlDmCLZHAMiHLH_fRc-hoCKi
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ads.servenobid.com/ Frame 79CE
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=3ccb3ecd-e909-49fe-bccb-4d86c594be0a
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=314&uid=3ccb3ecd-e909-49fe-bccb-4d86c594be0a
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=314&uid=3ccb3ecd-e909-49fe-bccb-4d86c594be0a
date
Tue, 01 Nov 2022 15:02:33 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
119
vary
Origin
content-type
text/html; charset=utf-8
/
rtb-csync.smartadserver.com/redir/ Frame 79CE
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1667314953059
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=318002345
  • https://sync.1rx.io/usersync/tradedesk/74559002-b79d-4ce9-8c63-aa03cf914794
  • https://sync.targeting.unrulymedia.com/csync/RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-115fce68-e...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
23.106.127.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 01 Nov 2022 15:02:34 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004
date
Tue, 01 Nov 2022 15:02:33 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX115fce68ef0a45b0876bd2a4577ae207004
content-type
text/html
sync
ads.servenobid.com/ Frame 79CE
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1978557991396827271
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1978557991396827271
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1978557991396827271
Date
Tue, 01 Nov 2022 15:02:33 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 79CE 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 79CE
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F20468%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Db527d4e4-dd4d-47ff-9700-6d1a0d53fa29%26bidder%3Dappnexus%26cbx%...
  • https://prebid.a-mo.net/cchain/1/20468?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=b527d4e4-dd4d-47ff-9700-6d1a0d53fa29&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F2%252F20468%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253Db527d4e4-dd4d-47ff-9700-6d1a0d53fa29%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
67.199.150.82 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:34 GMT
content-length
0

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F2%252F20468%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253Db527d4e4-dd4d-47ff-9700-6d1a0d53fa29%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
date
Tue, 01 Nov 2022 15:02:33 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 79CE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-1Hj1ypVE2uEu62Dk1qY8YWdqKHKE4ndktSRFfAI-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-1Hj1ypVE2uEu62Dk1qY8YWdqKHKE4ndktSRFfAI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:33 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-1Hj1ypVE2uEu62Dk1qY8YWdqKHKE4ndktSRFfAI-~A
date
Tue, 01 Nov 2022 15:02:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
getuid
eb2.3lift.com/ Frame 79CE
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-749c1111-eb65-3456-a62e-bfc9b5f8a859&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRN...
  • https://ssp.disqus.com/match?bidder=12&buyeruid=FlDmCLZHAMiHLH_fRc-hoCKi&r=Cid1YS03NDljMTExMS1lYjY1LTM0NTYtYTYyZS1iZmM5YjVmOGE4NTkqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtNz...
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS03NDljMTExMS1lYjY1LTM0NTYtYTYyZS1iZmM5YjVmOGE4NTkqU2h0dHBzOi8vYWRz...
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F27896%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3Db527d4e4-dd4d-47ff-9700-6d1a0d53fa29%26bidder%3Dtriplelift%2...
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F27896%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3Db527d4e4-dd4d-47ff-9700-6d1a0d53fa29%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAzTkRsak1URXhNUzFsWWpZMUxUTTBOVFl0WVRZeVpTMWlabU01WWpWbU9HRTROVGtxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE56UTVZekV4TVRFdFpXSTJOUzB6TkRVMkxXRTJNbVV0WW1aak9XSTFaamhoT0RVNU1nSU1CamdDJmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F27896%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3Db527d4e4-dd4d-47ff-9700-6d1a0d53fa29%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAzTkRsak1URXhNUzFsWWpZMUxUTTBOVFl0WVRZeVpTMWlabU01WWpWbU9HRTROVGtxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE56UTVZekV4TVRFdFpXSTJOUzB6TkRVMkxXRTJNbVV0WW1aak9XSTFaamhoT0RVNU1nSU1CamdDJmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=
date
Tue, 01 Nov 2022 15:02:34 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
8
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 79CE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-1Hj1ypVE2uEu62Dk1qY8YWdqKHKE4ndktSRFfAI-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-1Hj1ypVE2uEu62Dk1qY8YWdqKHKE4ndktSRFfAI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:33 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-1Hj1ypVE2uEu62Dk1qY8YWdqKHKE4ndktSRFfAI-~A
date
Tue, 01 Nov 2022 15:02:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
PugMaster
image6.pubmatic.com/AdServer/ Frame 9B2E 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4826997&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9578a0ebe579c2de23d9baabb2348bac15b8ad090fc7408b0aecfe9f1a24d99a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 01 Nov 2022 15:02:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ads.servenobid.com/ Frame 214A 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=8736573172528277032&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:33 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 214A
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=c449e8d0-7bc5-46bc-9263-fc93ec38fd18&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=c449e8d0-7bc5-46bc-9263-fc93ec38fd18&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 01 Nov 2022 15:02:34 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=c449e8d0-7bc5-46bc-9263-fc93ec38fd18&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 01 Nov 2022 15:02:34 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
/
csync.loopme.me/ Frame 214A 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.236.176 -, , ASN (),
Reverse DNS
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:34 GMT
server
_
redir
rtb-csync.smartadserver.com/ Frame 214A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACCcU7GwmoAAB8VAdylpA&gdpr=0
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACCcU7GwmoAAB8VAdylpA&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 01 Nov 2022 15:02:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACCcU7GwmoAAB8VAdylpA&gdpr=0
Date
Tue, 01 Nov 2022 15:02:34 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 214A
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1532598510
  • https://sync.1rx.io/usersync/tradedesk/74559002-b79d-4ce9-8c63-aa03cf914794
  • https://sync.targeting.unrulymedia.com/csync/RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-115fce68-e...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 01 Nov 2022 15:02:34 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004
date
Tue, 01 Nov 2022 15:02:33 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX115fce68ef0a45b0876bd2a4577ae207004
content-type
text/html
async_usersync
ib.adnxs.com/ Frame A5C0 		0
742 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:33 GMT
AN-X-Request-Uuid
b8645a52-75a4-43d4-99ad-d76f393ee4d8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 678B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=893519410280744005
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=893519410280744005
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:33 GMT
AN-X-Request-Uuid
a8b9c6b6-819a-4514-b9ff-bc9a1387ada9
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=893519410280744005
Connection
keep-alive
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 678B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2354909183476543857
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2354909183476543857
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2354909183476543857
pragma
no-cache
date
Tue, 01 Nov 2022 15:02:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 678B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
52.77.4.205 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-4-205.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB
date
Tue, 01 Nov 2022 15:02:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 678B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAIlU07GwmoAACE5haopDQ&expiration=1668524554
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAIlU07GwmoAACE5haopDQ&expiration=1668524554
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAIlU07GwmoAACE5haopDQ&expiration=1668524554
Date
Tue, 01 Nov 2022 15:02:34 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 678B
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1682953353&external_user_id=be675e45-3fda-48a3-919c-1b77fb976389
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1682953353&external_user_id=be675e45-3fda-48a3-919c-1b77fb976389
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Tue, 01 Nov 2022 15:02:33 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1682953353&external_user_id=be675e45-3fda-48a3-919c-1b77fb976389
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame 678B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=LCHlZEW5IvVZ0ujvApD8&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2TCDJBWFU...
0
0
dcm
s.amazon-adsystem.com/ Frame 678B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M312QCACF37CQKCPBK51
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R764XRSJTEDXD9V1D9T0
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 678B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=893519410280744005
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=893519410280744005
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:33 GMT
AN-X-Request-Uuid
7dccb3ab-ef92-4b5c-b080-804749149751
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=893519410280744005
Connection
keep-alive
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 678B 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:33 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8356
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhDO3LPvvTHd1mkMd4eBnjfITtzd6Gs7KGA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhDO3LPvvTHd1mkMd4eBnjfITtzd6Gs7KGA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhDO3LPvvTHd1mkMd4eBnjfITtzd6Gs7KGA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame 8356 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:33 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
onetag-sys.com/match/ Frame 8356
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=ab586361-3506-4000-a74d-405dad1f9ad7&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=ab586361-3506-4000-a74d-405dad1f9ad7&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Tue, 01 Nov 2022 15:02:33 GMT
Server
MT3 4629 97bee97 master nrt-pixel-x9 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=ab586361-3506-4000-a74d-405dad1f9ad7&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 01 Nov 2022 15:02:32 GMT
/
onetag-sys.com/match/ Frame 8356
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=L9YC9S34-1K-6US9&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=L9YC9S34-1K-6US9&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=L9YC9S34-1K-6US9&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
/
onetag-sys.com/match/ Frame 8356
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=893519410280744005
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=893519410280744005
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:33 GMT
AN-X-Request-Uuid
5205f7d7-44bf-4e66-b753-d39efdfef6c2
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=893519410280744005
Connection
keep-alive
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8356 		42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=yH8ccnkm2X_eTX0B218VTX7qqDSLp0tKzz1sxR9NoC8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 8356
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=8736573172528277032
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=8736573172528277032
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=8736573172528277032
date
Tue, 01 Nov 2022 15:02:33 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 8356
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=PnhB3fl1zExV73vcwYY-7faHJxKmzCctNfW4aFdDPFM
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=PnhB3fl1zExV73vcwYY-7faHJxKmzCctNfW4aFdDPFM
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KKYAMAZD371WQ4BS3Y6A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=PnhB3fl1zExV73vcwYY-7faHJxKmzCctNfW4aFdDPFM
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 8356
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
date
Tue, 01 Nov 2022 15:01:58 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 8356
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEPOPUlMHUiXbz5fuu66qufA&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEPOPUlMHUiXbz5fuu66qufA&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEPOPUlMHUiXbz5fuu66qufA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 8356
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-1Hj1ypVE2uEu62Dk1qY8YWdqKHKE4ndktSRFfAI-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-1Hj1ypVE2uEu62Dk1qY8YWdqKHKE4ndktSRFfAI-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-1Hj1ypVE2uEu62Dk1qY8YWdqKHKE4ndktSRFfAI-~A
date
Tue, 01 Nov 2022 15:02:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 8356
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=74559002-b79d-4ce9-8c63-aa03cf914794&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=74559002-b79d-4ce9-8c63-aa03cf914794&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=74559002-b79d-4ce9-8c63-aa03cf914794&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
v2
odr.mookie1.com/t/ Frame 8356
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=52b3421c-b360-4579-8d38-32d80058b81a&ssp=onetag&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10530401092153677328&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10530401092153677328&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=33b7833e-ab65-4859-9558-a6de0c92be30&ssp=onetag&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10530401092153677328&ssp=onetag&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232403304322010809724&ssp=onetag&gdpr=0&gdpr_consent=
0
0
sync
ads.servenobid.com/ Frame 8356 		0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=yH8ccnkm2X_eTX0B218VTX7qqDSLp0tKzz1sxR9NoC8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:33 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
match
c1.adform.net/serving/cookie/ Frame A326 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 01 Nov 2022 15:02:33 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
/
onetag-sys.com/match/ Frame FD1E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ab586361-3506-4000-a74d-405dad1f9ad7&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

cache-control
private,max-age=86400
content-length
108
content-type
text/html; charset=utf-8
date
Tue, 01 Nov 2022 15:01:59 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame 6D2A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y2E1CQAAAH1aDgA7&gdpr=0&gdpr_consent=&_test=Y2E1CQAAAH1aDgA7
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

cache-control
private,max-age=86400
content-length
108
content-type
text/html; charset=utf-8
date
Tue, 01 Nov 2022 15:02:34 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame C7DD
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xni6pxpx2e9
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

cache-control
private,max-age=86400
content-length
108
content-type
text/html; charset=utf-8
date
Tue, 01 Nov 2022 15:02:34 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame 3528
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1CzUidEq0ozPetve1C7P3NN5htzPL9GM1SbQn3XV
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

cache-control
private,max-age=86400
content-length
108
content-type
text/html; charset=utf-8
date
Tue, 01 Nov 2022 15:02:34 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame F007
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=893519410280744005&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

cache-control
private,max-age=86400
content-length
108
content-type
text/html; charset=utf-8
date
Tue, 01 Nov 2022 15:02:34 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync.aspx
dis.criteo.com/dis/ Frame A885 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Tue, 01 Nov 2022 15:02:32 GMT
expires
Tue, 01 Nov 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
376657
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
/
onetag-sys.com/match/ Frame 3451
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=DcQ-LXDqSlNRfhIrPhlI22fR_gU
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

cache-control
private,max-age=86400
content-length
108
content-type
text/html; charset=utf-8
date
Tue, 01 Nov 2022 15:02:34 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame 57AC
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Oiz-HKQjBlm5ok9HBjVhYw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

cache-control
private,max-age=86400
content-length
108
content-type
text/html; charset=utf-8
date
Tue, 01 Nov 2022 15:02:34 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 8B86 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 01 Nov 2022 15:02:34 GMT
Pragma
no-cache
Server
nginx
expires
-1
/
onetag-sys.com/match/ Frame 9D41
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=36d706b62e024c5fb5d4e55642afb776
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

cache-control
private,max-age=86400
content-length
108
content-type
text/html; charset=utf-8
date
Tue, 01 Nov 2022 15:02:34 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pxd
dps.jp.cinarra.com/ Frame 73E9 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.176.172 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Tue, 01 Nov 2022 15:02:34 GMT
/
onetag-sys.com/match/ Frame E416
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EwYaeG8W1OPSMF5&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

cache-control
private,max-age=86400
content-length
108
content-type
text/html; charset=utf-8
date
Tue, 01 Nov 2022 15:02:34 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame A9E5
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=36fb74b0-59f6-11ed-afe4-9113dbb19cb6
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Tue, 01 Nov 2022 15:02:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 01 Nov 2022 15:02:34 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
141
match.deepintent.com/usersync/ Frame 20AC 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Tue, 01 Nov 2022 15:02:34 GMT
server
a
cookiesync
core.iprom.net/ Frame FEE8 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 01 Nov 2022 15:02:34 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-2094e62ac3d2@version_1.530v2
X-core-time
0ms
X-server-arch
v2
/
csync.loopme.me/ Frame 475C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.236.176 -, , ASN (),
Reverse DNS
Software
_ /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

date
Tue, 01 Nov 2022 15:02:34 GMT
server
_
i.match
s.tribalfusion.com/z/ Frame 9F6A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
435 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7635831d6f4b5ac0-MEL
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 01 Nov 2022 15:02:34 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7635831bbda25ac0-MEL
content-type
text/html
date
Tue, 01 Nov 2022 15:02:33 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1197
/
onetag-sys.com/match/ Frame 99BC
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:DA8A55D9C5974F5C90D5B4B2092CE4CA&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

cache-control
private,max-age=86400
content-length
108
content-type
text/html; charset=utf-8
date
Tue, 01 Nov 2022 15:02:34 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cksync.php
contextual.media.net/ Frame B363 		45 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3103165461530142000V10&type=pba&refUrl=&vid=73149525273103165461530142000V10&ovsid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Tue, 01 Nov 2022 15:02:33 GMT
expires
Tue, 01 Nov 2022 15:02:33 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9B2E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=os2oqs2HSpiR5wicNtzbLQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:33 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=87648
accept-ranges
bytes
content-length
5549
expires
Wed, 02 Nov 2022 15:23:21 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 9B2E
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
  • https://pippio.com/api/sync?pid=5324&it=1&iv=282404903cfd77934bf69adb04ec64e4ef5b0d92b40b05a1770ceb7472ef4f1d791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAyODI0MDQ5MDNjZmQ3NzkzNGJmNjlhZGIwNGVjNjRlNGVmNWIwZDkyYjQwYjA1YTE3NzBjZWI3NDcyZWY0ZjFkNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAyODI0MDQ5MDNjZmQ3NzkzNGJmNjlhZGIwNGVjNjRlNGVmNWIwZDkyYjQwYjA1YTE3NzBjZWI3NDcyZWY0ZjFkNzkxNDI2YjU0MTdkY2UyMRAAGgwIieqEmwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=ff953534-b822-400b-8b46-1af57e77d7cc
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=ff953534-b822-400b-8b46-1af57e77d7cc
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:35 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=ff953534-b822-400b-8b46-1af57e77d7cc
date
Tue, 01 Nov 2022 15:02:34 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 9B2E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ab586361-3506-4000-a74d-405dad1f9ad7
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ab586361-3506-4000-a74d-405dad1f9ad7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.195 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 01 Nov 2022 15:02:33 GMT
Server
MT3 4629 97bee97 master nrt-pixel-x18 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ab586361-3506-4000-a74d-405dad1f9ad7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 01 Nov 2022 15:02:32 GMT
/
onetag-sys.com/match/ Frame 9B2E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTJDREE4QUEtQ0Q4Ny00QTk4LTkxRTctMDg5QzM2RENEQjJE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
date
Tue, 01 Nov 2022 15:02:34 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 9B2E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG9bToU8AdcnkcXrzXYtkRA&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
date
Tue, 01 Nov 2022 15:02:34 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
pubmatic
um.simpli.fi/ Frame 9B2E 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.126.167.117 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
117.167.126.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:33 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 31 Oct 2022 15:02:33 GMT
A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9B2E 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.4.205 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-4-205.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 9B2E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=74559002-b79d-4ce9-8c63-aa03cf914794
42 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=74559002-b79d-4ce9-8c63-aa03cf914794
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 01 Nov 2022 15:02:34 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=74559002-b79d-4ce9-8c63-aa03cf914794
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
313
SPug
image4.pubmatic.com/AdServer/ Frame 9B2E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_6OYEpJE2uWwk11MyAQkRi97CIZQONs-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_6OYEpJE2uWwk11MyAQkRi97CIZQONs-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.195 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_6OYEpJE2uWwk11MyAQkRi97CIZQONs-~A&gdpr=0&gdpr_consent=
date
Tue, 01 Nov 2022 15:02:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 9B2E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6701514113505691929
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
date
Tue, 01 Nov 2022 15:02:34 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
v2
odr.mookie1.com/t/ Frame 9B2E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=52b3421c-b360-4579-8d38-32d80058b81a&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10530401092153677328&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10530401092153677328&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=82a3cce0-473b-47c8-8981-aa850cd7c1bb&ssp=pubmatic&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10530401092153677328&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232233304322010808762&ssp=pubmatic&gdpr=0&gdpr_consent=
0
0
/
onetag-sys.com/match/ Frame 9B2E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2354909183476543857&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
date
Tue, 01 Nov 2022 15:02:34 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 9B2E
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=893519410280744005
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=893519410280744005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 01 Nov 2022 15:02:34 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:34 GMT
AN-X-Request-Uuid
0bd12760-d02b-4782-bb86-a07bed8164bc
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=893519410280744005
Connection
keep-alive
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 9B2E
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=cf8011f8cd20a8&is_secure=true&networkId=17100&version=1&nuid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMTBVoVOdyrwMcwsaYAAAAAAA&expiration=1667401354&nuid=A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.82 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:34 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Tue, 01 Nov 2022 15:02:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
d1ba4609
rtb.gumgum.com/getuid/ Frame 9B2E 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3103165461530142000V10%26type%3Dpba%26refUrl%3D%26vid%3D73149525273103165461530142000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.193.50.121 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-193-50-121.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:33 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
2b2d52d0bfb14c81b3a63185f6a9b05f_cpn_120x600_1.gif
static.criteo.net/design/dt/39665/220428/ Frame 99B7 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/39665/220428/2b2d52d0bfb14c81b3a63185f6a9b05f_cpn_120x600_1.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
69f12d85abfad64d722551b2a4d1abfb01e78a19a8c642a81010ba10850ed0e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 14:51:49 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626aaa05-7332"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
29490
expires
Fri, 27 Oct 2023 15:02:33 GMT
KEpGMgGuW8S.css
static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/ Frame ECA7 		31 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/KEpGMgGuW8S.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa940682dd668c%26domain%3Dadx.holmesmind.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fadx.holmesmind.com%252Ff3c6cfd78f3ae%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FHuiBeiBei712%2Fvideos%2F445617184309415&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
d904a67baf64ba006dfa178fad069e3ded4c81900fc5f647ab4c4e2d68248471
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:34 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ur8J/r6zvVQkML53EV+SNg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7408
x-fb-rlafr
0
x-fb-debug
DgSBcjQgkR0W/kbSy59PmL7XjLBa4HL4pZd02L7eUgrLAMwnM9sd4IUABgnvYVRdyNmUQtvB0wDuSHwfhwoXVw==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 18 Oct 2023 16:45:10 GMT
BkrC5Gdn2HA.css
static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/ Frame ECA7 		549 KB
133 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/BkrC5Gdn2HA.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa940682dd668c%26domain%3Dadx.holmesmind.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fadx.holmesmind.com%252Ff3c6cfd78f3ae%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FHuiBeiBei712%2Fvideos%2F445617184309415&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
1758c4933cd14a3f56081f5240d67a147716235c5f3fd45a996567b92a9ed5f0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:34 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
iTxLNdQgrzECKfLF6dlbKw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
135823
x-fb-rlafr
0
x-fb-debug
oEkqIc9kAHa+bwWI/qo2qrYJPhL3GAbgnL+IeXTrkVqf9Kyo4qvn1Loa01eC8UEanxq0mYqo5p1VD6nWDY1GDg==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 01 Nov 2023 04:23:12 GMT
60RbyMN2YMn.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/ Frame ECA7 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/60RbyMN2YMn.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa940682dd668c%26domain%3Dadx.holmesmind.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fadx.holmesmind.com%252Ff3c6cfd78f3ae%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FHuiBeiBei712%2Fvideos%2F445617184309415&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
1ee2ce20316d2e57f46b4866a408bc07f0b3e3911796bfbc7f7862f4b8017a63
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:34 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
l6Y+uYMzBVJ3tZz/F+7OTQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3185
x-fb-rlafr
0
x-fb-debug
haM3DOCAMahjWbEihdpDHyyNa31Zx0EnJa4ga02bjlswHQg/dYQb3NQPMogh+OMyzHGUoDOB7jbwQmqxEcGyng==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 27 Oct 2023 17:21:33 GMT
_DDxAn3nmvH.js
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame ECA7 		322 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/_DDxAn3nmvH.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa940682dd668c%26domain%3Dadx.holmesmind.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fadx.holmesmind.com%252Ff3c6cfd78f3ae%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FHuiBeiBei712%2Fvideos%2F445617184309415&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
ec68e0194edd00f3db1ef0da78c4d8b7ebfbbe5f1933f6565df229f01244b0e2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:34 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
sm1urTM4bOCxPEiSHeCYpg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88842
x-fb-rlafr
0
x-fb-debug
cbt8Bh9Jnqyu6ABkDGWSOhSLF5a1CQ3vE4f+VJmned16rSjaV61HYUbuCAXoTPz+oWWJCdf9cYIBjhZsvSplhQ==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 27 Oct 2023 15:27:57 GMT
XrH1cI5fwqe.js
static.xx.fbcdn.net/rsrc.php/v3i7M54/yp/l/en_US/ Frame ECA7 		138 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yp/l/en_US/XrH1cI5fwqe.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa940682dd668c%26domain%3Dadx.holmesmind.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fadx.holmesmind.com%252Ff3c6cfd78f3ae%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FHuiBeiBei712%2Fvideos%2F445617184309415&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
ed247a59f0c56f2f0ceb1bb0aafeb1450d370f28b7a99c421163d9da7a958d3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:34 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
3ZqopKiF3DWzrVU0g/MXvw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
38457
x-fb-rlafr
0
x-fb-debug
c4ep013amDc/smTy+P5pVCFSYH2NxZ+NyXxVqCD3jNfSWtnjfbrfXjpz16DFcPiVhdbaiZ7sK6eActNfGLT4Sw==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 25 Oct 2023 18:02:00 GMT
u2UUj5Q91m8.js
static.xx.fbcdn.net/rsrc.php/v3isyK4/yo/l/en_US/ Frame ECA7 		533 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3isyK4/yo/l/en_US/u2UUj5Q91m8.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa940682dd668c%26domain%3Dadx.holmesmind.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fadx.holmesmind.com%252Ff3c6cfd78f3ae%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FHuiBeiBei712%2Fvideos%2F445617184309415&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
d8f3a31dd126649fe7799a1d21a5887f879b5fff8efa6a792980cf2e2b251807
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:34 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
iqVPxpKRj3t8um7EGGlaeQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
124916
x-fb-rlafr
0
x-fb-debug
T62h6RcIJmfHa9C6367HxXyx96RqV0I35rjbFEQbVfUlN9AAooO+jl6HBx2QzyH3yfLFCR7ap0FRhwOkw0r6zQ==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 28 Oct 2023 19:41:07 GMT
86zjR2VuPYU.js
static.xx.fbcdn.net/rsrc.php/v3iLl54/yX/l/en_US/ Frame ECA7 		414 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yX/l/en_US/86zjR2VuPYU.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa940682dd668c%26domain%3Dadx.holmesmind.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fadx.holmesmind.com%252Ff3c6cfd78f3ae%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FHuiBeiBei712%2Fvideos%2F445617184309415&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
ea4e590b7e69dbfb0eed5e9204316ebf745fa42740851e6e33c14c2640bc7417
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:34 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
A4Cbn8zzjeqgPeQBUtZshw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
99237
x-fb-rlafr
0
x-fb-debug
p9uwS8ExznYl8+wtAROWpDZkb8jJeNpbbD2eRuniSUG3NQsynhhiKGX33KQamy2U6erYvF14yA6ekVFWjnAVYQ==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 27 Oct 2023 20:23:54 GMT
KM4vffuo-0L.js
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame ECA7 		2 KB
987 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/KM4vffuo-0L.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa940682dd668c%26domain%3Dadx.holmesmind.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fadx.holmesmind.com%252Ff3c6cfd78f3ae%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FHuiBeiBei712%2Fvideos%2F445617184309415&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
b897cc9c51f604bf6b8fbd53f46d216627c0e079bb6bc2f049b2344dfa3bb277
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:34 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
SuHjmWcicjHzSu82QnUDDg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
788
x-fb-rlafr
0
x-fb-debug
8OZqmukwg7LQNLyOFKTtlKKgeUezNNodqFJ7whczchlQi6BkWt4CanVWijEIeGdn0ZvV8kTX7dN+ZqyL6vNvKw==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=2
expires
Thu, 26 Oct 2023 22:44:36 GMT
K8zu4AOFDBx.js
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame ECA7 		216 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/K8zu4AOFDBx.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa940682dd668c%26domain%3Dadx.holmesmind.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fadx.holmesmind.com%252Ff3c6cfd78f3ae%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FHuiBeiBei712%2Fvideos%2F445617184309415&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
f83fbdd5fd889fbf12d970e12e242e3bbcaf41b04cc6a38451327ca585dcfaf4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:34 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
o8twn/M1ZGz614SfRQA09w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54579
x-fb-rlafr
0
x-fb-debug
S6TGYh9jSs4EFdVJDk1x/xPkS9HIkWo6ahJ9N94UqZEPd6PKE8f5KwO93jzE03uKg/c8dOqc9l9ZnjU8P9DVMA==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 01 Nov 2023 00:26:43 GMT
EjBOWEzt8at.js
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame ECA7 		97 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/EjBOWEzt8at.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa940682dd668c%26domain%3Dadx.holmesmind.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fadx.holmesmind.com%252Ff3c6cfd78f3ae%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FHuiBeiBei712%2Fvideos%2F445617184309415&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
07f2a2428f6f9f2366c11a0e24ae66525ad9a5f8b9353593b1f21f5c7ffa1b44
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:34 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
o0vkM/n3x5MJzpMCDmbm3Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
26144
x-fb-rlafr
0
x-fb-debug
WrfEIzZfT0bdAMkSLClPDZYCe3VdKdLqLc/xHZxdkh9n8tiEqmagbHEy/HgpJpN/NHQKwdk1pJYgwSnLDUoQdA==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:19:06 GMT
309816060_4091206777670327_7398205517251317440_n.jpg
scontent-syd2-1.xx.fbcdn.net/v/t15.5256-10/ Frame ECA7 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-syd2-1.xx.fbcdn.net/v/t15.5256-10/309816060_4091206777670327_7398205517251317440_n.jpg?stp=dst-jpg_p280x280&_nc_cat=1&ccb=1-7&_nc_sid=08861d&_nc_ohc=cGgzqU5LLdwAX91rbEY&_nc_oc=AQlyDtMIALhmNQww49UvFNpyKw51rnH36oOKdnBMu8H09XSonc4BtVUrQOXB0H9ZpvE&_nc_ht=scontent-syd2-1.xx&edm=AOJO4v8EAAAA&oh=00_AfBQdPWx0vLm2qpzbKft--PXwxIVUAFB1XwEck-OYHrwFw&oe=6366235B
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa940682dd668c%26domain%3Dadx.holmesmind.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fadx.holmesmind.com%252Ff3c6cfd78f3ae%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FHuiBeiBei712%2Fvideos%2F445617184309415&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
5bc67a7c454473e19a287c488ea6bcb8533e16d0fa50eded3a6366b1f2cd4d18

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
4184733895
date
Tue, 01 Nov 2022 15:02:35 GMT
x-fb-trip-id
2030378118
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Tue, 01 Nov 2022 13:40:15 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=4170477912
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3341797919
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
24199
6UnTpdMzDQS.png
static.xx.fbcdn.net/rsrc.php/v3/yR/r/ Frame ECA7 		0
0
308002531_1326794661455864_3086624925123402337_n.jpg
scontent-syd2-1.xx.fbcdn.net/v/t39.30808-1/ Frame ECA7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-syd2-1.xx.fbcdn.net/v/t39.30808-1/308002531_1326794661455864_3086624925123402337_n.jpg?stp=cp0_dst-jpg_p74x74&_nc_cat=104&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=62GdiNOt9cAAX9x9VyX&_nc_oc=AQnoh8rtTG7cKqlG9p75tBn_vVf9sWSrP_GbzbAS3Jin-x-Wzzf5n-O2TNHXu5W2Z-g&_nc_ht=scontent-syd2-1.xx&edm=AOJO4v8EAAAA&oh=00_AfCa6Wt9UO7R54s_mgJJGpCUHLHT7CG7SxWVuJa9FRInOw&oe=6366BFFF
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa940682dd668c%26domain%3Dadx.holmesmind.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fadx.holmesmind.com%252Ff3c6cfd78f3ae%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FHuiBeiBei712%2Fvideos%2F445617184309415&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bf177cc9f969e68ce3471d9fec5fafea111f97ef041f4d924a022894767e5da

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1456304559
date
Tue, 01 Nov 2022 15:02:35 GMT
x-fb-trip-id
2030378118
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Sat, 22 Oct 2022 22:00:27 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1067133867
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1001104753
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
2663
usync.js
eus.rubiconproject.com/ Frame 2A5E 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a00c91941d77bde9f1a5b51daa64750db4373ac969ca99b5900744b437289256

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 15:02:33 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20235
Connection
keep-alive
Content-Length
9455
Expires
Tue, 01 Nov 2022 20:39:48 GMT
usersync
usersync.gumgum.com/ Frame E9B4
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=893519410280744005
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=893519410280744005
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:34 GMT
AN-X-Request-Uuid
6ea65c89-f27e-46a8-849c-06346c9d923b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=893519410280744005
Connection
keep-alive
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame E9B4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_03f0ca1c-1d63-4af5-91b2-d2cef3f854db&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=iObVGY3g0xyTsNpOiOTOTI-zh0yT5dAciexElKiZ
  • https://usersync.gumgum.com/usersync?b=bsw&i=52b3421c-b360-4579-8d38-32d80058b81a
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=52b3421c-b360-4579-8d38-32d80058b81a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=52b3421c-b360-4579-8d38-32d80058b81a
Date
Tue, 01 Nov 2022 15:02:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame E9B4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-0dc43e2d-70ea-4a53-517e-122b3e1948db$ip$103.209.254.5
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-0dc43e2d-70ea-4a53-517e-122b3e1948db$ip$103.209.254.5
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-0dc43e2d-70ea-4a53-517e-122b3e1948db$ip$103.209.254.5
Date
Tue, 01 Nov 2022 15:02:33 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame E9B4
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_03f0ca1c-1d63-4af5-91b2-d2cef3f854db&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=NH8D18iMLnikIEXYgkWb&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2TSIHBCDCODJJVGG42LLJFCVQWLHNNLWE...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=NH8D18iMLnikIEXYgkWb&us_privacy=1---
0
0
usersync
usersync.gumgum.com/ Frame E9B4
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004&rndcb=7989670818
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=52b3421c-b360-4579-8d38-32d80058b81a&google_hm=NTJiMzQyMWMtYjM2MC00NTc5LThkMzgtMzJkODAwNThi...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJOPqvjZRAnEqKRya6ZWVco&google_cver=1&ssp=adconductor&bsw_param=52b3421c-b360-4579-8d38-32d80058b81a
  • https://sync.1rx.io/usersync/bidswitch/52b3421c-b360-4579-8d38-32d80058b81a?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-115fce68-ef0a-45b0-876b-d2a4577ae207-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004
0
0
usersync
usersync.gumgum.com/ Frame E9B4
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=G21ZG6my4Jql&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=G21ZG6my4Jql&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=G21ZG6my4Jql&ev=1&pid=558355
content-language
en-AU
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-54778c9bbd-w6pkj
expires
-1
usersync
usersync.gumgum.com/ Frame E9B4
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28PqcCElQaQnIHJlVOJUcEnIFzJZHX97GVQtYJ6a9X7Juia2-2YWVhMMkNzhCZDft_%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
0
0
usersync
usersync.gumgum.com/ Frame E9B4
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=75db5486-0a09-4800-a097-9e4f928469d2
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=75db5486-0a09-4800-a097-9e4f928469d2
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:34 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 01 Nov 2022 15:02:33 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=75db5486-0a09-4800-a097-9e4f928469d2
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame E9B4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-0AdcpkVE2pdtRa.PEMRvnPyk8X7KWiwcJezw~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-0AdcpkVE2pdtRa.PEMRvnPyk8X7KWiwcJezw~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 01 Nov 2022 15:02:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-0AdcpkVE2pdtRa.PEMRvnPyk8X7KWiwcJezw~A
content-length
0
usersync
usersync.gumgum.com/ Frame E9B4
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=296e3200-92d9-4d39-a473-9dd14d621e73
0
0
services
sync.technoratimedia.com/ Frame E9B4 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.26.45 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:34 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
684584127
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame E9B4 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:33 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame E9B4
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=87a6f697-c01b-46ee-942b-759cfb21aa09
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=87a6f697-c01b-46ee-942b-759cfb21aa09
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 01 Nov 2022 15:02:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=87a6f697-c01b-46ee-942b-759cfb21aa09
access-control-allow-origin
*
date
Tue, 01 Nov 2022 15:02:34 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame E9B4
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=8736573172528277032
0
0
sync
ads.servenobid.com/ Frame E9B4 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_03f0ca1c-1d63-4af5-91b2-d2cef3f854db
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:33 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 20C6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=87648
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 01 Nov 2022 15:02:33 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 02 Nov 2022 15:23:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 82FB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=74559002-b79d-4ce9-8c63-aa03cf914794
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=74559002-b79d-4ce9-8c63-aa03cf914794
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 01 Nov 2022 15:02:34 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Tue, 01 Nov 2022 15:02:33 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=74559002-b79d-4ce9-8c63-aa03cf914794
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 3E72
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=ab586361-3506-4000-a74d-405dad1f9ad7&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=ab586361-3506-4000-a74d-405dad1f9ad7&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 01 Nov 2022 15:02:34 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 01 Nov 2022 15:02:33 GMT
Expires
Tue, 01 Nov 2022 15:02:32 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4629 97bee97 master nrt-pixel-x7 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=ab586361-3506-4000-a74d-405dad1f9ad7&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame A49B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=Y2E1CQAAAH1aDgA7&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y2E1CQAAAH1aDgA7&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 01 Nov 2022 15:02:34 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 01 Nov 2022 15:02:33 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y2E1CQAAAH1aDgA7&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mel11231-MEL
x-timer
S1667314954.754563,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 4165 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8wM2YwY2ExYy0xZDYzLTRhZjUtOTFiMi1kMmNlZjNmODU0ZGI=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 01 Nov 2022 15:02:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
um
cs.emxdgt.com/ Frame CA0A 		0
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.195.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-195-161.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 01 Nov 2022 15:02:33 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame CCB1
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y2E1CcCo8X8AAJW.UkQAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y2E1CcCo8X8AAJW.UkQAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 01 Nov 2022 15:02:34 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 01 Nov 2022 15:02:34 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y2E1CcCo8X8AAJW.UkQAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
151
X-SO-Cluster-ID
57
X-SO-HostName
m-ad377.dc4p.scaleout.jp
X-SO-IP
103.209.254.5
X-SO-Key
Y2E1CcCo8X8AAJW.UkQAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":57,"gdpr":false,"ipv4":"103.209.254.5","key":"Y2E1CcCo8X8AAJW.UkQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad377"}
X-SO-LB-Hostname
m-tgng27.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad377
gumgum
cs.admanmedia.com/sync/ Frame 6845 		0
0
usersync
usersync.gumgum.com/ Frame AB15
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y2E1CCaLQ3UUI9ms.cYTAwAA%265329
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y2E1CCaLQ3UUI9ms.cYTAwAA%265329
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 01 Nov 2022 15:02:34 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7635831cfa395a4f-MEL
content-length
0
date
Tue, 01 Nov 2022 15:02:33 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y2E1CCaLQ3UUI9ms.cYTAwAA%265329
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oh6NCko3tM%2FpxVUNd1yVp4n4RwCHjgjnQSsEDXTb4%2F2w5%2FG7o6IIwKcGggeQp%2FJyHvwKeTks00qBPYoF%2BIDFZtErTkYUgIXfT9l1YR5UOSa%2B%2FENFz0%2FKhKthKVKOSGSyoeZioMbEs4k8%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame C119
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=zFx2rhZvR8tvpiW8kQBk&pi=gumgum&tc=1
0
0
usync.html
eus.rubiconproject.com/ Frame FEBA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 01 Nov 2022 15:02:34 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 01 Nov 2022 15:02:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame AAC1 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a00c91941d77bde9f1a5b51daa64750db4373ac969ca99b5900744b437289256

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 15:02:33 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20235
Connection
keep-alive
Content-Length
9455
Expires
Tue, 01 Nov 2022 20:39:48 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 2A5E 		0
0
cksync.php
contextual.media.net/ Frame AAC1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L9YC9S34-1K-6US9
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L9YC9S34-1K-6US9
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L9YC9S34-1K-6US9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 01 Nov 2022 15:02:34 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Tue, 01 Nov 2022 15:02:34 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L9YC9S34-1K-6US9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
Expires
0
usync.js
eus.rubiconproject.com/ Frame FEBA 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a00c91941d77bde9f1a5b51daa64750db4373ac969ca99b5900744b437289256

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 15:02:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20234
Connection
keep-alive
Content-Length
9455
Expires
Tue, 01 Nov 2022 20:39:48 GMT
usersync
usersync.gumgum.com/ Frame FEBA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L9YC9S34-1K-6US9
  • https://usersync.gumgum.com/usersync?b=mag&i=L9YC9S34-1K-6US9
0
0
osAc2BgH3LM.png
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame ECA7 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/osAc2BgH3LM.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/BkrC5Gdn2HA.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/BkrC5Gdn2HA.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:35 GMT
x-content-type-options
nosniff
content-md5
DnVYlzyCsKB1noM5W7r9UA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18900
x-fb-rlafr
0
x-fb-debug
+Ll1ruu6I0TSVfYu79vxbJLQpio5niPaIm/iWjDCHGKJRV46SazcKKkko2et2/EyjqR9YmU1N7CIppXat16dBQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Mon, 23 Oct 2023 15:22:45 GMT
308002531_1326794661455864_3086624925123402337_n.jpg
scontent-syd2-1.xx.fbcdn.net/v/t39.30808-1/ Frame ECA7 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-syd2-1.xx.fbcdn.net/v/t39.30808-1/308002531_1326794661455864_3086624925123402337_n.jpg?stp=cp0_dst-jpg_p40x40&_nc_cat=104&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=62GdiNOt9cAAX9x9VyX&_nc_oc=AQnoh8rtTG7cKqlG9p75tBn_vVf9sWSrP_GbzbAS3Jin-x-Wzzf5n-O2TNHXu5W2Z-g&_nc_ht=scontent-syd2-1.xx&edm=AOJO4v8EAAAA&oh=00_AfCvxCia3jytoGwIGBOjB_ELbpCbmhLTctspVCHhJau2uw&oe=6366BFFF
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa940682dd668c%26domain%3Dadx.holmesmind.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fadx.holmesmind.com%252Ff3c6cfd78f3ae%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FHuiBeiBei712%2Fvideos%2F445617184309415&locale=en_US&sdk=joey&show_text=false&width=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bdae277a968d70677b7d4199114f28793fa1f9d945f4d218cd8edb3c0a83c0f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1456304559
date
Tue, 01 Nov 2022 15:02:35 GMT
x-fb-trip-id
2030378118
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Sat, 22 Oct 2022 22:00:27 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3391201390
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1001104753
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1333
tduw6Ua3gSs.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame ECA7 		141 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/tduw6Ua3gSs.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/_DDxAn3nmvH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:35 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
O2wJJTVYjDl4KWrvQSRzUQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
66715
x-fb-rlafr
0
x-fb-debug
JWXE9aJMMDKAe4/DBTbbX+OZBRA4fqMawnaWn/u7142v9G83dVxGNb4MLkaU/lK+J+JdXFGtXC86LwB1B/LVZA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 01 Nov 2023 01:38:10 GMT
ZFrCIZJ3xbq.js
static.xx.fbcdn.net/rsrc.php/v3/yb/r/ Frame ECA7 		210 B
262 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/ZFrCIZJ3xbq.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/_DDxAn3nmvH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
fa18968d212c8c78205a62b54975d485719167f505b887564cf063a19ea8ab74
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:35 GMT
x-content-type-options
nosniff
content-md5
3mtkMt0XQsXm73obd3NTXw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
210
x-fb-rlafr
0
x-fb-debug
onkgaboQLV/vkiBvacItySQLSNeELGzCsCwmDMNuorHH/Kbm/AMOMBVD39MHVOsCUvbwtsPoh5J2V78LC8RN5g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Wed, 01 Nov 2023 01:27:57 GMT
S3P-LwlzjYM.js
static.xx.fbcdn.net/rsrc.php/v3/yE/r/ Frame ECA7 		251 B
303 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/S3P-LwlzjYM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/_DDxAn3nmvH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
3b07b15ec2ba44f84b7be9f01f8b8266ddd9c2e8889594b5890429e58698afcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:35 GMT
x-content-type-options
nosniff
content-md5
7xsQE+ZAjmHymUoVd9GMHw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
251
x-fb-rlafr
0
x-fb-debug
2BARo3G9mZ+rqtEDszUH9QsSGYHcQ+jY2k/ppK06J+T72wr2xZaEXfeAKLe1RGlTQl99OGs9RklbfznJNsG7qQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Wed, 01 Nov 2023 01:49:39 GMT
Yi-ryIPdy-v.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame ECA7 		80 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/Yi-ryIPdy-v.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/_DDxAn3nmvH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:35 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
m7O9PCwy16s/PS8yMsVdbQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
50067
x-fb-rlafr
0
x-fb-debug
0KDygT5C2GjnRtxl+dcYJ3H0zzYKqUmELNfizlbCUj1HYXWXiNYvV4THngrysZwUga27ao94edXz4UpV3L2Svw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 30 Oct 2023 18:32:53 GMT
L2bZ4-YTsjd.js
static.xx.fbcdn.net/rsrc.php/v3ivzh4/yS/l/en_US/ Frame ECA7 		100 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ivzh4/yS/l/en_US/L2bZ4-YTsjd.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/_DDxAn3nmvH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:35 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uWtk7Whnh5Juy7Uxg3Zbyg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
151819
x-fb-rlafr
0
x-fb-debug
P5q83j/Tkakoec5p90FjUeX9sdV72wRw9a0IJsUg1Kun5hJqyTh8knl1a9mXebZofiGmhIlvqXmZeNYZAuDQVw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 01 Nov 2023 00:34:17 GMT
4XplIn0t0pt.js
static.xx.fbcdn.net/rsrc.php/v3/yu/r/ Frame ECA7 		294 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/4XplIn0t0pt.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/_DDxAn3nmvH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
692b4556a4c1b648d6cd21256a11e8568b00658de74bc7acfd45b9ecb110ac91
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:35 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5vkLSMSP+XlohJ/s1LRFAQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
195
x-fb-rlafr
0
x-fb-debug
hlpKJtjCwD1mXrUJSyuiiCmQI4BVnIxElERWRaTzFlpg1mFv2f3rERf8JM6VsiETMwG9Z7+lyzITd8Wc9Qy/nA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 31 Oct 2023 23:06:51 GMT
FLvtonlSna1.js
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame ECA7 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/FLvtonlSna1.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/_DDxAn3nmvH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
1d6490f44a2180305b547c102812f520f01fb334f167db4091c1816b66166b9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:35 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4majzMI5X7y53cPlzz/opA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15209
x-fb-rlafr
0
x-fb-debug
9szmdkO7rofLpByDnwNRkQA/6sT34Ej0/4JwSIN3ACvuuCjxIVhWmf5gD7W10mrSmxZZ9UtvEwAXe9fQDRV8eQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Thu, 26 Oct 2023 06:30:05 GMT
5sLLnEN1BYH.css
static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/ Frame ECA7 		37 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/5sLLnEN1BYH.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/_DDxAn3nmvH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
f0f259942373ea7bc7193da3680dad8aa81022663dd605eb808dc09f4a1776cc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 15:02:35 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
CEmkXmKJqI4GnyfAqb7npQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7735
x-fb-rlafr
0
x-fb-debug
LXWeMubLRxCetU60WHvIcAvSKwn6wVcd7DIPA0FKq7IYEpYTherzk/TuXnZCLaE7QIIpM3WbfwZfBxDLNaT3RQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=0
expires
Fri, 27 Oct 2023 19:29:38 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeaq0&_p=5144&cid=1089023156.1667314949&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1667314950&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&dt=%E6%88%BF%E5%B8%82%E6%95%B2%E8%AD%A6%E9%90%98%EF%BC%81%E3%80%8010%E6%9C%88%E5%8D%97%E4%BA%8C%E9%83%BD%E4%BA%A4%E6%98%93%E9%87%8F%E3%80%8C%E7%B8%AE%E5%88%B05%E5%B9%B4%E6%96%B0%E4%BD%8E%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Nov 2022 15:02:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 9B2E 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS03NDljMTExMS1lYjY1LTM0NTYtYTYyZS1iZmM5YjVmOGE4NTkqpQJodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMi8yMjA1OT9nZHByPTAmZ2Rwcl9jb25zZW50PSZ1c19wcml2YWN5PTEtLS0mQT1iNTI3ZDRlNC1kZDRkLTQ3ZmYtOTcwMC02ZDFhMGQ1M2ZhMjkmYmlkZGVyPXpldGEmY2J4PWFIUjBjSE02THk5cFlpNWhaRzU0Y3k1amIyMHZjSEpsWW1sa0wzTmxkSFZwWkQ5aWFXUmtaWEk5WVcxNEpuVnBaRDFpTlRJM1pEUmxOQzFrWkRSa0xUUTNabVl0T1Rjd01DMDJaREZoTUdRMU0yWmhNamslM0QmdWlkPXVhLTc0OWMxMTExLWViNjUtMzQ1Ni1hNjJlLWJmYzliNWY4YTg1OTICEgw4AQ==
Domain
odr.mookie1.com
URL
https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232923304322010812441&ssp=adaptmx&gdpr=0&gdpr_consent=
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=8&ovsid=7GBKCMoAXfOFrh4_QShi&refUrl=&type=zem&vid=73149525273103165461530142000V10&vsid=3103165461530142000V10
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=VnJV66llWbxWZiXZkxIq
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2TCDJBWFURKXGVEXMVS2GB2WU5SBOBCDQ
Domain
odr.mookie1.com
URL
https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232403304322010809724&ssp=onetag&gdpr=0&gdpr_consent=
Domain
odr.mookie1.com
URL
https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232233304322010808762&ssp=pubmatic&gdpr=0&gdpr_consent=
Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3/yR/r/6UnTpdMzDQS.png
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=NH8D18iMLnikIEXYgkWb&us_privacy=1---
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28PqcCElQaQnIHJlVOJUcEnIFzJZHX97GVQtYJ6a9X7Juia2-2YWVhMMkNzhCZDft_%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28PqcCElQaQnIHJlVOJUcEnIFzJZHX97GVQtYJ6a9X7Juia2-2YWVhMMkNzhCZDft_%29
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=vnt&i=296e3200-92d9-4d39-a473-9dd14d621e73
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=sad&i=8736573172528277032
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=rth&i=zFx2rhZvR8tvpiW8kQBk&pi=gumgum&tc=1
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L9YC9S34-1K-6US9
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=mag&i=L9YC9S34-1K-6US9
Domain
simage4.pubmatic.com
URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159463&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| ucf object| request string| paramsString function| setImmediate function| clearImmediate object| adRecover object| google_reactive_ads_global_state number| ampAdSlotIdCounter object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla undefined| $ undefined| jQuery string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags function| jqAlias object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo object| _qevents function| quantserve function| __qc object| ezt object| _qoptions boolean| descriptionPage object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| dataLayer function| gtag object| google_tag_manager function| onYouTubeIframeAPIReady object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

165 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQztPcncMwCgoIgQIQztPcncMwCgoI4gEQztPcncMwCgoI5gEQztPcncMwCgoIhwIQztPcncMwCgkICRDO09ydwzAKCQg6EM7T3J3DMAoJCAsQztPcncMwCgoIjAIQztPcncMwCgkIXxDO09ydwzA=
.aralego.com/ Name: sspid
Value: 3da8f625-a9c4-3539-8f91-b48c939b24e5
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.bg3.co/ Name: __gpi
Value: UID=00000b73059c87d4:T=1667314945:RT=1667314945:S=ALNI_MYpOd69SyrIqKMIZXKCN753kTWzbg
www.bg3.co/ Name: __AP_SESSION__
Value: 65840f09-7cb2-4bb5-9320-9e8557153623
.doubleclick.net/ Name: IDE
Value: AHWqTUlb3gt2RgprIiWcKg_jooFZHIHm8_hgQUvYj5Lw6CjeLSgqoBWiLpzyExbQidc
.adpushup.com/ Name: ap_uid
Value: 32b234c0-59f6-11ed-b37e-00224858c1e9
.adpushup.com/ Name: ap_usid
Value: 32b234c1-59f6-11ed-b37e-00224858c1e9
.openx.net/ Name: i
Value: 514acfaf-8b9b-4fa1-9d3a-464a3ef35b69|1667314946
.yahoo.com/ Name: A3
Value: d=AQABBAI1YWMCEA5B2TrpaCCclGkOo-RkM3wFEgEBAQGGYmNrYwAAAAAA_eMAAA&S=AQAAApjFDKLZbqxAr3VmQSPNDJ8
.media.net/ Name: visitor-id
Value: 3103165461530142000V10
.media.net/ Name: data-g
Value: CAESEKOErb2_piz2Uv7abaKUB3s~~3
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D
.mediago.io/ Name: __mguid_
Value: cc485df27d749de673ce7882313132ae
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A300891157417675691
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 9276d684-081a-4a7d-bcdf-205490cef536
.smartadserver.com/ Name: pid
Value: 8736573172528277032
.teads.tv/ Name: tt_viewer
Value: cb5e1230-c00b-4b9d-bce5-14291c081916
.omnitagjs.com/ Name: ayl_visitor
Value: bb99316cc2afa83535fde00208222d17
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwhOqEmwY4AUABSAEQhOqEmwYYAA..
.adnxs.com/ Name: uuid2
Value: 893519410280744005
.prebid.a-mo.net/ Name: __amc
Value: 1_1667314948_1667314948
.a-mo.net/ Name: amuid2
Value: b527d4e4-dd4d-47ff-9700-6d1a0d53fa29
.prebid.a-mo.net/ Name: sd_amuid2
Value: b527d4e4-dd4d-47ff-9700-6d1a0d53fa29
.rubiconproject.com/ Name: khaos
Value: L9YC9S34-1K-6US9
.quantserve.com/ Name: mc
Value: 63613504-e9f61-d1fdd-03479
.bg3.co/ Name: __qca
Value: P0-1100311919-1667314948341
.bg3.co/ Name: __gads
Value: ID=9b2ce0b2cd9987a1:T=1667314945:S=ALNI_MYeGqj6IXfv30ZE4KzBqx2FGMmp0g
.hinet.net/ Name: uuid
Value: 546f153a-b126-4c5d-8fd4-2cab22c067cd
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1667314950.1.0.1667314950.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1089023156.1667314949
.adsrvr.org/ Name: TDID
Value: 74559002-b79d-4ce9-8c63-aa03cf914794
.blismedia.com/ Name: b
Value: 636135068AF2CBDAFDBF491ABLIS
.doubleclick.net/ Name: DSID
Value: NO_DATA
.simpli.fi/ Name: suid
Value: DA8A55D9C5974F5C90D5B4B2092CE4CA
.holmesmind.com/ Name: P
Value: 916326-Nud8LqANoEFIbihj2c6T7t75z9ohrzeF
.holmesmind.com/ Name: Vision
Value: 20221101-23:59,20221102-02,20221102-02,20221101-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.mathtag.com/ Name: uuid
Value: ab586361-3506-4000-a74d-405dad1f9ad7
.mathtag.com/ Name: mt_mop
Value: 4:1667314950
.adform.net/ Name: C
Value: 1
.c.appier.net/ Name: _auid
Value: Oiz-HKQjBlm5ok9HBjVhYw
.adform.net/ Name: uid
Value: 6701514113505691929
.turn.com/ Name: uid
Value: 2354909183476543857
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-0dc43e2d-70ea-4a53-517e-122b3e1948db.HMWtyh8PL%2BvXr3LWT9mfHXBYxF04DR%2B69lV4uUsRqNo
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ADcQ-LXDqSlNRfhIrPhlI22fR_gU.U%2F%2FJCWDU%2BJGNiMGJX4gduCor%2F8jXLThR8KUMQ%2FCut5A
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%2274559002-b79d-4ce9-8c63-aa03cf914794%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-10-01T15%3A02%3A31%22%7D
.openx.net/ Name: pd
Value: v2|1667314952|jElYiuvOiahI
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.openx.net/ Name: univ_id
Value: 537072971|74559002-b79d-4ce9-8c63-aa03cf914794|1667314952340047
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.3lift.com/ Name: tluid
Value: 3680958162164220521115
.bidswitch.net/ Name: tuuid
Value: 52b3421c-b360-4579-8d38-32d80058b81a
.bidswitch.net/ Name: c
Value: 1667314952
.casalemedia.com/ Name: CMPS
Value: 5329
.ladsp.com/ Name: cr
Value: 1
.media.net/ Name: data-ttd
Value: 74559002-b79d-4ce9-8c63-aa03cf914794~~1
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjY3MzE0OTUyfQ
.bg3.co/ Name: cto_bundle
Value: eNLfVV8yVTJsMFhDTGdzaWQxSEtDRWZIbHh1JTJCJTJCJTJCckJzJTJGNTlnMEJCMSUyRm0lMkI2eUlVYmdNZHQxN3owNDI0VyUyRjFtNFk3MkhwOGFlSW1KaiUyQkRlSzVQSiUyRk5KUDBmazQyYVljTzBaTFhtcEN6TkFFV2wzUSUzRA
.bg3.co/ Name: cto_bidid
Value: Hgd2419LQlM4cVBiUjg4N0FndFVnZ2ZNVHpiR2dhNkxQcHdtbVc1QlVJdlVUUUk0emJHakxORldzOE9QdGZaUDJKVUJIZVU0SXVhb1FPZldYU1lOYmU3MWwzUSUzRCUzRA
.ladsp.com/ Name: smn_uid
Value: O57K3t_Bnlb92UqWKY18aQ7_4w7WfRI
.ladsp.com/ Name: lum
Value: CMnV3J3DMBIFCAMQ0AU
.media.net/ Name: data-mm
Value: ab586361-3506-4000-a74d-405dad1f9ad7~~8
.media.net/ Name: data-o
Value: 4aca9969-891c-4ab6-a4a3-f0cce83bfa48~~8
.ads.pubmatic.com/ Name: KCCH
Value: YES
.bidswitch.net/ Name: tuuid_lu
Value: 1667314953
.media.net/ Name: data-a
Value: 893519410280744005~~8
.bing.com/ Name: MUID
Value: 1E3247A8519668B51EBA55E750F6693B
.c.bing.com/ Name: MR
Value: 0
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.linkedin.com/ Name: li_sugr
Value: 6e57cfda-2cb5-4a45-9f55-5965466f9f05
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&cd7fe472-5e15-4463-8c6e-79cae23e1041"
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2408:u=1:x=1:i=1667314953:t=1667401353:v=2:sig=AQEYgq0lxYU_9jcaNoPeS8G7NeFUJrGS"
.w55c.net/ Name: wfivefivec
Value: EwYaeG8W1OPSMF5
.onetag-sys.com/ Name: OTP
Value: PnhB3fl1zExV73vcwYY-7faHJxKmzCctNfW4aFdDPFM
.pubmatic.com/ Name: DPSync3
Value: 1668470400%3A201_197%7C1667865600%3A164%7C1667347200%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1668556800%3A35%7C1667865600%3A223_15_2%7C1672444800%3A69%7C1668124800%3A63%7C1668470400%3A71_204_238_234_247_107_209_165_220_21_22_233_7_54_56_179_189_13_176_3_5_231_8_96
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.rlcdn.com/ Name: rlas3
Value: THtloD+naug718Z0ZdgH+cogzlPFHkVZR2wdc6ajT6w=
.prebid.a-mo.net/ Name: _sv3_10
Value: 1
.w55c.net/ Name: matchmedianet
Value: 5
.pubmatic.com/ Name: pi
Value: 159706:3
.servenobid.com/ Name: pid_317
Value: 8736573172528277032
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~281r:196y~281r:196n~281r:18z8~281r"
.servenobid.com/ Name: pid_339
Value: y-1Hj1ypVE2uEu62Dk1qY8YWdqKHKE4ndktSRFfAI-~A
.servenobid.com/ Name: pid_337
Value: y-1Hj1ypVE2uEu62Dk1qY8YWdqKHKE4ndktSRFfAI-~A
.mookie1.com/ Name: id
Value: 10530401092153677328
.mookie1.com/ Name: mdata
Value: 1|10530401092153677328|1667314953425
.mookie1.com/ Name: ov
Value: b0d74bbea1f6feae326df8066824aae7
.servenobid.com/ Name: pid_312
Value: 893519410280744005
.media.net/ Name: data-pba
Value: A2CDA8AA-CD87-4A98-91E7-089C36DCDB2D~~8
.w55c.net/ Name: matchpubmatic
Value: 5
.rlcdn.com/ Name: pxrc
Value: CInqhJsGEgUI6EcQAA==
ads.playground.xyz/ Name: connect.sid
Value: s%3AL48HVROktFdTVnHT17BDoRxfcry3pAYW.rrwlb0L72ktAJiEkJaUifLmVT22O1lNkrbC8NZDxXwc
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y2E1CQAAAH1aDgA7
.media.net/ Name: data-xu
Value: EwYaeG8W1OPSMF5~~8
.gumgum.com/ Name: vst
Value: a_03f0ca1c-1d63-4af5-91b2-d2cef3f854db
.demdex.net/ Name: demdex
Value: 83227662921334324494110430714125939815
.ctnsnet.com/ Name: cid_36d706b62e024c5fb5d4e55642afb776
Value: 1
.company-target.com/ Name: tuuid
Value: be675e45-3fda-48a3-919c-1b77fb976389
.company-target.com/ Name: tuuid_lu
Value: 1667314953
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsI3Njtl4SJnjsQBRIWCgdydWJpY29uEgsIgq27roSJnjsQBRIVCgZjYXNhbGUSCwjUx6-whImeOxAFGAEgASgCMgsI7q3N5JqJnjsQBTgBWgZndW1ndW1gAg..
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMLhH4sOv+xPUyKB0+A8/5Oa7JFh0+r+C+WH0aGA9c0BmCtzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Em9dRdKCTFZDCax3pyYFnS0=
.ambientdsp.com/ Name: _aGeoIp
Value: HK-Hong_Kong
.ambientdsp.com/ Name: _aUID
Value: xni6pxpx2e9
.media.net/ Name: data-rk
Value: 1917759394584409181~~8
.mookie1.com/ Name: syncdata_IOW
Value: 1
.adgrx.com/ Name: ADGRX_UID
Value: 36fb74b0-59f6-11ed-afe4-9113dbb19cb6
.sportradarserving.com/ Name: zuuid
Value: 0b96bd3a-4512-441d-81dd-abe60a7cd6e2
.sportradarserving.com/ Name: c
Value: 1667314953
.sportradarserving.com/ Name: zuuid_lu
Value: 1667314953
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtoZmZubGhiaWpsbmQAAIg6SSkQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0tzA1Nbe0NDS2NLMwMjcyNxTiM9TNjLIIDDZJd4ovz8kGAHMSaV4lAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0tzA1Nbe0NDS2NLMwMjcyNxTiM9TNjLIIDDZJd4ovz8kGAHMSaV4lAAAA
.dpm.demdex.net/ Name: dpm
Value: 83227662921334324494110430714125939815
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D%22%2C%22zdxidn%22%3A%221506%22%7D
.adsymptotic.com/ Name: U
Value: d648db5a1b25ce7e73dacf359871f84d
x.yieldlift.com/ Name: ylxuid
Value: 32340c63-b4ad-4a85-8154-f955fec124ac
.mfadsrvr.com/ Name: tuuid
Value: c64b5563-b536-4ea6-8a23-eaa4ef41f755
.mfadsrvr.com/ Name: c
Value: 1667314953
.mfadsrvr.com/ Name: tuuid_lu
Value: 1667314953
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:EwYaeG8W1OPSMF5
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-xni6pxpx2e9
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6701514113505691929&KRTB&23263-6701514113505691929
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-DcQ-LXDqSlNRfhIrPhlI22fR_gU&KRTB&23334-DcQ-LXDqSlNRfhIrPhlI22fR_gU&KRTB&23417-DcQ-LXDqSlNRfhIrPhlI22fR_gU
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:ab586361-3506-4000-a74d-405dad1f9ad7&KRTB&16736-uid:ab586361-3506-4000-a74d-405dad1f9ad7&KRTB&23019-uid:ab586361-3506-4000-a74d-405dad1f9ad7&KRTB&23208-uid:ab586361-3506-4000-a74d-405dad1f9ad7
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-36d706b62e024c5fb5d4e55642afb776&KRTB&23328-36d706b62e024c5fb5d4e55642afb776
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y2E1CQAAAH1aDgA7&KRTB&22978-Y2E1CQAAAH1aDgA7&KRTB&23194-Y2E1CQAAAH1aDgA7&KRTB&23209-Y2E1CQAAAH1aDgA7
.casalemedia.com/ Name: CMID
Value: Y2E1CCaLQ3UUI9ms.cYTAwAA
.casalemedia.com/ Name: CMPRO
Value: 5329
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-893519410280744005&KRTB&23339-893519410280744005
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-Oiz-HKQjBlm5ok9HBjVhYw&KRTB&23130-Oiz-HKQjBlm5ok9HBjVhYw
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEG9bToU8AdcnkcXrzXYtkRA&KRTB&22987-CAESEG9bToU8AdcnkcXrzXYtkRA&KRTB&23025-CAESEG9bToU8AdcnkcXrzXYtkRA&KRTB&23386-CAESEG9bToU8AdcnkcXrzXYtkRA
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-1CzUidEq0ozPetve1C7P3NN5htzPL9GM1SbQn3XV&KRTB&19420-1CzUidEq0ozPetve1C7P3NN5htzPL9GM1SbQn3XV&KRTB&22979-1CzUidEq0ozPetve1C7P3NN5htzPL9GM1SbQn3XV&KRTB&23403-1CzUidEq0ozPetve1C7P3NN5htzPL9GM1SbQn3XV
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.zemanta.com/ Name: zuid
Value: NH8D18iMLnikIEXYgkWb
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-115fce68-ef0a-45b0-876b-d2a4577ae207-004%22%7D
.lijit.com/ Name: ljt_reader
Value: FlDmCLZHAMiHLH_fRc-hoCKi
.tribalfusion.com/ Name: ANON_ID
Value: atnseFriItgP3PTReGySZdh7RYoTmhQNGOFiEAaTaH7ZacdVUNrU4DjoLIl7WEmEib84IhjD29SCTZaUHsq59bY
.casalemedia.com/ Name: CMTS
Value: 4681
.servenobid.com/ Name: pid_333
Value: Y2E1CMfbrAsjdOSeGuHmMgAAEr0AAAAB
.pippio.com/ Name: did
Value: CQWRrjWaWtG6FDFG
.pippio.com/ Name: didts
Value: 1667314953
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CAA=
.servenobid.com/ Name: pid_309
Value: a_03f0ca1c-1d63-4af5-91b2-d2cef3f854db
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-749c1111-eb65-3456-a62e-bfc9b5f8a859
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1667314953971
.tapad.com/ Name: TapAd_DID
Value: 33b7833e-ab65-4859-9558-a6de0c92be30
.servenobid.com/ Name: pid_318
Value: yH8ccnkm2X_eTX0B218VTX7qqDSLp0tKzz1sxR9NoC8
.quantserve.com/ Name: d
Value: EPwBEgG8J_ijD9r7EA
.pubmatic.com/ Name: SPugT
Value: 1667314953
.bidr.io/ Name: checkForPermission
Value: ok
.amazon-adsystem.com/ Name: ad-id
Value: A85hVkOAqkRNqc_gDdkIols|t
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-74559002-b79d-4ce9-8c63-aa03cf914794&KRTB&22918-74559002-b79d-4ce9-8c63-aa03cf914794&KRTB&23031-74559002-b79d-4ce9-8c63-aa03cf914794
.pubmatic.com/ Name: PugT
Value: 1667314954
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2354909183476543857&KRTB&23150-2354909183476543857
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3

4 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1667314945&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffang-shi-qiao-jing-zhong-10yue-nan-er-du-jiao-yi-liang-suo-dao-5nian-xin-di.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667314944839&bpp=11&bdt=2301&idt=624&shv=r20221027&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4890139455283&frm=23&ife=1&pv=1&ga_vid=1103092985.1667314945&ga_sid=1667314945&ga_hid=452723250&ga_fc=0&ga_cid=amp-kADK3JZ9n1Dju1E2mU1YjQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1176914691&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531706%2C44775017&oid=2&pvsid=3631704844640308&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7iwm7is9m56b&fsb=1&dtd=632
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2EvZmFuZy1zaGktcWlhby1qaW5nLXpob25nLTEweXVlLW5hbi1lci1kdS1qaWFvLXlpLWxpYW5nLXN1by1kYW8tNW5pYW4teGluLWRpLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

546f153a-b126-4c5d-8fd4-2cab22c067cd.t.ssp.hinet.net
5b070f71561b5d3397630aece1716407.safeframe.googlesyndication.com
6730529b080eec956a27675ab371c12d.safeframe.googlesyndication.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acb86f3351c6e56b0a3aa88110a96774.safeframe.googlesyndication.com
acdn.adnxs.com
ad.360yield.com
ad.holmesmind.com
ad.turn.com
ad2.apx.appier.net
adcdn.holmesmind.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.com.au
adx.holmesmind.com
ap.lijit.com
aplogger.adpushup.com
b1sync.zemanta.com
bh.contextweb.com
bi.adpushup.com
bidder.criteo.com
c.bing.com
c.holmesmind.com
c1.adform.net
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.holmesmind.com
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
connect.facebook.net
contextual.media.net
core.iprom.net
cr-p3.ladsp.com
cs.admanmedia.com
cs.emxdgt.com
cs.media.net
csm.as.criteo.net
csync.loopme.me
d-3777821193461222479.ampproject.net
delivery.adrecover.com
dis.criteo.com
dpm.demdex.net
dps.jp.cinarra.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fcm.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
fp.holmesmind.com
g2.gumgum.com
gocm.c.appier.net
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
odr.mookie1.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pix.as.criteo.net
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.scupio.com
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.turn.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
scontent-syd2-1.xx.fbcdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
static.xx.fbcdn.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync.tidaltv.com
t.ssp.hinet.net
tags.rd.linksynergy.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
www.bg3.co
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.yieldlift.com
b1sync.zemanta.com
contextual.media.net
cs.admanmedia.com
eb2.3lift.com
fcm.holmesmind.com
odr.mookie1.com
pixel-us-east.rubiconproject.com
simage4.pubmatic.com
static.xx.fbcdn.net
sync.go.sonobi.com
usersync.gumgum.com
103.132.192.30
103.229.10.247
103.229.205.243
103.231.98.195
103.231.98.196
103.254.153.160
104.16.85.20
104.17.25.14
104.18.101.194
104.18.12.76
104.18.13.76
104.18.18.126
104.18.19.126
104.18.25.173
104.211.156.162
104.254.150.241
104.254.151.36
104.26.3.91
104.26.4.103
107.178.254.65
108.139.243.106
124.146.215.47
13.107.42.14
13.115.196.111
13.227.254.129
13.250.207.233
13.251.186.113
13.33.33.127
13.76.45.37
138.197.50.103
139.5.84.243
142.250.4.156
142.250.4.157
142.251.10.97
142.251.12.104
142.251.12.132
142.251.12.155
142.251.12.157
145.40.89.200
150.136.26.45
151.101.193.108
151.101.2.49
157.240.235.1
157.240.235.35
157.240.8.23
169.197.150.7
172.104.45.159
172.217.194.132
174.137.133.49
18.138.18.111
18.155.68.27
18.179.176.172
18.179.87.8
18.233.195.161
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
184.31.5.52
185.84.60.20
195.5.165.20
198.8.71.131
20.212.157.225
202.131.200.84
203.75.214.136
204.79.197.200
209.191.163.208
209.191.163.209
209.58.188.181
210.59.219.181
23.106.127.38
23.106.127.52
23.15.148.136
23.195.152.23
23.195.153.54
23.36.252.26
23.72.44.196
3.1.115.86
3.126.213.118
3.33.220.150
3.94.215.33
34.102.253.54
34.107.148.139
34.117.219.39
34.126.167.117
34.96.105.8
34.96.119.68
34.96.71.22
34.98.64.218
34.98.67.3
35.186.193.173
35.190.60.146
35.201.76.93
35.208.249.213
35.213.117.18
35.213.12.39
35.213.93.179
35.214.236.176
35.227.252.103
35.244.159.8
42.99.140.144
42.99.140.161
50.116.239.135
51.79.234.101
52.193.50.121
52.194.75.205
52.205.223.187
52.220.190.140
52.223.2.229
52.46.130.91
52.74.13.196
52.76.121.184
52.77.150.163
52.77.4.205
52.94.223.167
54.189.51.32
54.228.225.243
54.238.120.71
65.9.42.99
67.199.150.82
67.199.150.86
69.16.175.42
69.173.144.165
69.173.158.64
69.173.158.65
74.118.186.44
74.125.200.157
74.125.200.94
74.125.24.100
74.125.24.154
74.125.24.157
74.125.24.94
74.125.24.95
74.125.68.132
74.125.68.155
74.214.196.131
84.17.37.44
89.207.22.105
001765f8397279a40a2318933cf1316454a65fde0b8f24fa9f87c361b20a1fb2
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01e04815103200455d51731849d512f6e706104abb4373f2b6e42e5272d61db7
02473c6ad0f8b546bf0bfc9ec30c998ede0c7e7db6a23487fc853e26eebd7b50
027890c8998a63c290b041c61d1ff6282d3a356bff29a6ddee40ac7eea1e1194
02dcde77543120bc35b625b94c080f9be268af328c81fef34454a181caa8322d
0407b8375e184a2d7d09dd8fc468ff58a7c73f30316fe87cd82757fa9cec8f8c
049287c739341feaaea55779dedef2fb1a8d27ecf96a813baa1adfd8a9fb3261
06143ddb66eb487130e9ab1fcd9d637cd49e83cb51450930d18bf158b828c1c4
07f2a2428f6f9f2366c11a0e24ae66525ad9a5f8b9353593b1f21f5c7ffa1b44
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09d2e43f6fcd464259619898771d94cb963ecc071899c50d151bb3946ed73769
0b438028bfa67d4d8e510277da5d2ef09e44259275b785306daa0194ec33eaa8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0ec9f4635af1d7c046982d16250fb9c528515c240952de09991ac3e83679a13a
0ee32eb0e64bc0061fde3956a8f2cb2523a415a200bd86084774ebff178a8a92
1015b52f3adc6a317d7cb0d123b45eb32ef3cc33289e122d7b31fd04dcaa1398
102ccb7abfb3860eb214a001d85862a4da4ed5e694bc25cfa5a5c6da145dccff
109ddac5fcac2d26ff455dabfaa93b705a883131b6d53548494a8b8a62ccbcdc
13a0808aa1d705ca7a3881cb67d8d6e28f99da10083c43fb03ca2981df5897c7
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
15bc6abd5b07eab70b38a7c9db4f3a4993c31ad1694ce598d766925576bb180a
15e8278ebb5160f2564d927fde4c87af9281e0d4f90b71b4bde38f262503fc96
1758c4933cd14a3f56081f5240d67a147716235c5f3fd45a996567b92a9ed5f0
178f1ea47fde31d42f1f1533bdeb60348dab04db6b959f54ad6e5c1cb8968d84
17dbfdbaad7445f1c5ac46e2a97eb2e9b30151f7bde6ece690c887f041e58efb
18b4e5e95f755ada7152b380f93284a12bec400dd9ebc97b01c640be5f467f99
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1d6490f44a2180305b547c102812f520f01fb334f167db4091c1816b66166b9e
1ee2ce20316d2e57f46b4866a408bc07f0b3e3911796bfbc7f7862f4b8017a63
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
25717e5d1ed0c53ccd0dd4275e6a29aa8b66fc7d0b95b3e4399edd2bbaab7e0d
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
26e9a99b68b712345e8202997de0d8d8e145b43fd2da7c798f22cc32fbc3f8c6
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
337a0ff86fb108f43a9ee58f11221a1c78945db75a20c2ca6f4ed479f0d26e63
33dce195ca850ff25398b0bfffdeec96356f9777c0f77d6535029e9705a0ddb1
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37f50d698d42ce99170a2117356631ff733cf3a48df3b67942e3aabda4eb05b7
38684b802d56c90d11d131fcf8c291f934e69eaa38e55d8dc860244dde65462c
386a64273f8f4b4dd950764afe44bb02771440f7ec086c48061cf627d72be9e2
3b07b15ec2ba44f84b7be9f01f8b8266ddd9c2e8889594b5890429e58698afcf
3b76a1114e93dc60819a1b1076c7f9873f3431ddf5bf221c2197cc88ad82439b
3d262e39b90e72e3d8202728a95f96c564c5179ad756ee3ccecba98169b4501d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3da97220ba3388c499ce1ae4258a2aeb0b0c20ab49fb267286d6641e85bd1270
3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f1d01347f505c92680bc260bf02bd49d364d1616016f6f948ad903f85f72f12
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4184848116254c260a6056065742ef2bb2fa75e1e9b155b67300662179981624
450e19ab34a315b13c1e2846ab90d59944824091cdd6d59ea39a1bdf0dfa8f09
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4c54a7167d8f46db25633861195e63418e352c2901317be7c962edb16325f67c
4c6e1b9fb31d28c7417ebd64d3bae4c235b10b383a577589a481242dff2b63f8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f717ef7b790e028b442121ad67d8aacceda3e7b282ead53d5453379d559e424
4fef5e5985aefe814cb1e61862c1a809cdd2cdbd5cfb1435ef48366ea0bcbb27
51320a20116f7c0177e7c3994e087c1c9f0a84eaa3562ef0cd6d2b5a566bd578
532bf71a162f922ef1cb6d84c617a2283db388b0d4df72634e10152391eeeadc
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5609d228cf036500872989ffea6ec42a0d7f1b0da992a15d2c20ee2d3423b35a
5787daf629809716954934c3d0e57c442cb12f86a7320abfc08555baf8392e39
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
58174fa028b2681d2f4ca49c97cca5ec0967c1429ac25487826ccf0e2f8afc0f
582e09ee21e516303420d8125a11e8ce79682ae98188cb458dd2f962afeb259f
5891461efba0da69dded3e0f7837b17e43d97149818cd0c6d0c7d4db956f0997
59cf6803210ead340e30c25dfb0fd94abad99c8b549a55848539b4e266004d05
5b50a58b3403e5e0732c8fc9d6f47d99282b06491a41546d6b0c3dc81fb7e096
5bc67a7c454473e19a287c488ea6bcb8533e16d0fa50eded3a6366b1f2cd4d18
5ca35f2a1c73831ea689af594fc2c0e8bff4948f6b48bff08091507b10d134c7
5d87c4d8b3ef0754c0cd891849d57881cbc84c79cd76bcd3ac31469fdd3156e5
5e386357d83c2185bce194fd5aff173c3a7c085a1b689db879f1dd2a3c56bcbb
60466fc9cd4e6b2b2f7a9a4303dde2abfde049ef7588d124b138d486534f8d8d
609dfc2d4a85b136833c9010a2f0f30b380ba851f9ac370f1d834a7d8346253f
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c084f0a085fde56f21fbe98dd271ec6cec8c2fd8cf58c49c39a29f476d2d99
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6490adad95087b887f0ae5d70814007b6a57b0321c5c6fc1a026d258e10f53ba
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
692b4556a4c1b648d6cd21256a11e8568b00658de74bc7acfd45b9ecb110ac91
6970410762235c3a131ac5c18bf534680d43203ad4960c31b5564f599bdad8f3
69f12d85abfad64d722551b2a4d1abfb01e78a19a8c642a81010ba10850ed0e2
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6aa29b65ce8ed708e234ee7d45fcc28071249cb18000fa2f4d97244fd0234911
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7361fe82be19af8763d3c93cff7236f3654d75b20245a35c05fc0ee204a024e0
746c80519e445bfe59a0a43cc53c846d00dfadc4eb6d096ac7604bec231e3be7
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
7490c495bc701b5f3c822f76f18d9f9842e4c3578b4c8e74937ce49a1ca75546
775f888cb3b6c70ac20e9423064c775de4d7ce246d63c7db33283eed8c8db32c
788e0799f5ccfd237d4d2f3e3bd5d716e04b4c33ccdb7faa7eb1fc286fbd916d
79cd1b975bfdcefba587178e02be8022c3061b66b10b75ed1c56264df094f614
7acace8f44f5b3f4cbb8e2786b9ae06dd85669e49b4ee3f35a0ec98cef165f02
7b715c5505596b0861f320caa8ee6ff434fd5f4c53f38e6e769baab3a92848da
7bf177cc9f969e68ce3471d9fec5fafea111f97ef041f4d924a022894767e5da
80378b539376ef85a01c3563b1fab00dd57122085a184cc2c470d9ad511a78a5
80e2f7e2f74ce8084f774a117abf23e88898695afa9d459e8482374064f69bb5
813bd8129f0d85af077a42b11cf5e159cf575e5cb4b4fb9755c07f68518c13e3
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
8494a92e1ff855ed072f3ccd7cb07a61ff843d3b3bc2166b61a0e844f3f557e5
84aedc04921cf9d558550917fb78af7a7bd4735140a50093fba8719cc2b2f444
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
88974e9fa2ae8eef6a3cda59172bf279353a7110a9f9bc0ebdb1db5948514aa2
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f8b67534c99223c378db4cec253a3bfbf71f8fd02e590fcd5ce4b1f2e43bef7
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91a8ea37de90c116390b167dfc281ce0ed7e8f324ff1fd834bb27aca9db191db
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
9578a0ebe579c2de23d9baabb2348bac15b8ad090fc7408b0aecfe9f1a24d99a
95928ff91c21039d1f10bba6d4f111a722c1de0a6a003e5aac96c5be2412146c
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d50879eaa5642b8cf7aa54a56c90c91beb7c08132e76be852929263a5df7df7
9e4116028965f182dbb7f77195fb6f470985e23d09c44002ceca88e83b2fea56
9ecdb6cc0ed3ba5910288b678955425d52180166235681701fa48fc90811a294
9f1f25d2de7025b4df6316e6c428b67db02a9c652928044b5fe4f6b02c7b070b
9f3a19606efcdee2e3636f42ac1debb5536563025ef09dfc1a3ae88a13384567
9fec289372e6d2ae1d0c0cea24a79ddbe14155c69d736ff01f0ac90419f6426f
a00c91941d77bde9f1a5b51daa64750db4373ac969ca99b5900744b437289256
a047da4062a51691dc2db494a89bb2f85abdd36cd2d278a6d62196df159b5685
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a15016fc3078a739aefe3d4601c2185ffc7a0b8e73374491a467e5701490e48a
a299eb6284063fbab26133dbd699cecc7bbc799c9f55c0ba7381f17d476daf46
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4309265903052524638da5af6d5447080aa47a72e9591a63f02c407f2b6c0be
a43654ae4b4bce6e20dff843b3d7651ddd49d731b121fec07bfa49995d7505c5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a63d06220c1eeda5d5faad087a3b8e039a3edab3c4c53d40033b8728fa8430d6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a8f7e348a985fd57c038bbcbcca666e421097835d1becb6df2c7165c646b5227
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
a9b53e109c7232f3045fe2df204525df9a166743f8fc0b9285bca0c227168413
aa62b4ce273ba426dc4b5ec99329d60780ed38723e6033015117725ba50a15ce
ad2d94bc9242f8bc340a18b57e4515ba7726222cccff509b140254060744915e
af4b954cf45e99d5eccbea113dc2b66799cf8db96c3e8dfc33d145398743727b
b0004ec92da4cb3cb51ba6a54d4e748d2b2c374cbfa7d8b90bef704422047be5
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b61e073a889650ca898fe2b7889c69f2119e6e9c95df69d01048ee2d7a1b7049
b6c298027e737f4a6c7f3ddf9aa9601058aa90f70159aee34bdcb0089339ddfe
b7bed7caed49d273178c91b630b00ca1be0a9258a699e85515217f75b03c7843
b897cc9c51f604bf6b8fbd53f46d216627c0e079bb6bc2f049b2344dfa3bb277
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdae277a968d70677b7d4199114f28793fa1f9d945f4d218cd8edb3c0a83c0f5
bee00dc9ac61a6eae0a5a1efd6af3ba501f5d4208e5e21e1bbc545db78c161fe
bf60c3b7b0b5d1880bc7fba14e4f0c19b35ff8c6d897dbd7e1d0972c243f220e
bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c295f0d07e86bf0d9590dbd8fc9bd5be96d013bb57b6d6fb84c85512f66a6ec8
c385cbfb4bd2ada2847a460006fcbc60941323a2426a6f71740775930bcba1c0
c3f3cc6712358bbb87082b9889725ae203f5901c681a0829718f439ce1546510
c48985297d47887789190b3745cc67d4633d31be13f9e77b8fd7a4077cf63069
c4c094de646468d98ffe85d965ddb7da81989f3c5aeef86f59f5fb5dc7068090
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36
cc38ba922c2e65ff11857509c99039217c99fd0082734fda32f4d8909730a114
cd247b5b6412f4a83d6be7f1addf05635b26635e6a6ffb3db69b95fe940c4917
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10c5e544972a880b188f42eb7335d043a39f3a35783c5341e34e4b09f447357
d30a4bf397e76b1ba9971d234e0f759a6ab48fdf42d284d7ec0647cd68f6e351
d37b6441dc4049f8fe981972f64903aa46280708aa7f2c4465b447df78459f5f
d413591550d4dcedd8b1167426a8d2432bd7f3213f1757ab8df1a348e958c7b2
d50873ff85ee0621229f4340fb5a7cbd95d687dc51e0377fdf6dc95aec504abc
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d8f3a31dd126649fe7799a1d21a5887f879b5fff8efa6a792980cf2e2b251807
d904a67baf64ba006dfa178fad069e3ded4c81900fc5f647ab4c4e2d68248471
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
dba93323689cff5411c64ff0756958c6ccb41d970f9b017a4bc76a38954d0e4b
dcb59ec730a35ac2bdbeb1c87a33264a515c890bcafa7f942fbd3c7c48991f8f
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2123dee96e083a7cbcd4c5dc4f68a4f769123c4a6597018b8a5f252279606bc
e2ce48828cc513e392a4dbc14b34377b236a57fa1e4eea2862067724bad131a7
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e300b758cb554964985e8ed30626a0a9ab60eaeac6677708a64f05e1d2a1a571
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e552ba8cbb2c9caaec7d5e7215f838bc55f45da09a3d578c80f4e3dc1d4f15c6
e58bb65e5ce1a00715d3571d44cf9040e3f2cc2bc2f6eae3e2caa25607fb0d50
e7345184b30aafeaf79febf1329591a401046bb725d059d1b1982b63ff2cecb8
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
ea4e590b7e69dbfb0eed5e9204316ebf745fa42740851e6e33c14c2640bc7417
ebfd1124c05fd4534a11aa9a529f614b16cd347916e0ec8deeac052f3c074ff2
ec02e823e01d1232cee2790c6af67c336c7d7381a961157538d42bc49bc35502
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec68e0194edd00f3db1ef0da78c4d8b7ebfbbe5f1933f6565df229f01244b0e2
eca37871db74e9bfe2f151b95a17fe2d97f240c7db8300c9e2ad200772d383cf
ed247a59f0c56f2f0ceb1bb0aafeb1450d370f28b7a99c421163d9da7a958d3d
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef0746632eb63f7110ab4bf659f4cc5c5cab6c6af06acfed1e5bb6b47c19d806
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef63eacda662ee598260ddfff1e3027e8f7cd7c4a9bea5a9062c19aabaa175fc
f0f259942373ea7bc7193da3680dad8aa81022663dd605eb808dc09f4a1776cc
f2164a3211cc8cb0f494c8925129fdc89f1acdc7fd35419de169c3415801c499
f2e096b56d7b3224b0a0d33945157b62001d24f17368a5dd9a7deecf37cee612
f2eed9f77b557dbfe264c1e845277bb99537d2049eb0cebcedfc93deb7c483bf
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8
f472b5e617260cbd85fa264d50e47338f934dd89fa36a61dfd7ffd00c2116805
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f7a247282f05c5986872e3e42ffc4772fe959a398e362e6f47df2972effb48a9
f83fbdd5fd889fbf12d970e12e242e3bbcaf41b04cc6a38451327ca585dcfaf4
f8c2240958cb1fff47d921ca0f3097f9e7403ada01af2382477ef42c404c38d4
f9d374ef87ca2b8179870daa8739f8b060fc77446a4109ec87dc523bd8059ea4
fa18968d212c8c78205a62b54975d485719167f505b887564cf063a19ea8ab74
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818
fe209c42003e23036615034182bbd3d224e3948a61e192953636b89c8a9ea458
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76