urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Submission: On September 24 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 102 IPs in 9 countries across 96 domains to perform 562 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 583884.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
49 142.251.12.132 15169 (GOOGLE)
1 6 103.254.153.160 59253 (LEASEWEB-...)
4 172.67.71.254 13335 (CLOUDFLAR...)
2 42.99.140.201 4637 (ASN-TELST...)
5 42.99.140.161 4637 (ASN-TELST...)
25 172.67.72.16 13335 (CLOUDFLAR...)
14 99 172.217.194.156 15169 (GOOGLE)
2 69.16.175.42 20446 (STACKPATH...)
10 74.125.200.157 15169 (GOOGLE)
6 13.76.45.37 8075 (MICROSOFT...)
7 142.250.4.157 15169 (GOOGLE)
1 142.251.12.94 15169 (GOOGLE)
2 74.125.130.97 15169 (GOOGLE)
3 172.217.194.113 15169 (GOOGLE)
1 20 142.251.10.157 15169 (GOOGLE)
1 104.16.88.20 13335 (CLOUDFLAR...)
2 11 145.40.88.5 54825 (PACKET)
1 182.161.73.145 55569 (CRITEO-AS...)
15 52.210.128.24 16509 (AMAZON-02)
1 34.107.148.139 15169 (GOOGLE)
4 52.192.218.173 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 54.203.144.13 16509 (AMAZON-02)
1 35.213.117.18 15169 (GOOGLE)
3 139.99.49.250 16276 (OVH)
4 9 104.254.151.68 29990 (ASN-APPNEX)
1 54.251.29.91 16509 (AMAZON-02)
3 15 104.18.18.126 13335 (CLOUDFLAR...)
1 23.193.109.46 16625 (AKAMAI-AS)
3 10 35.244.159.8 15169 (GOOGLE)
2 172.217.194.157 15169 (GOOGLE)
4 142.251.12.157 15169 (GOOGLE)
1 13.33.33.91 16509 (AMAZON-02)
1 3 103.229.10.192 16509 (AMAZON-02)
1 182.161.74.19 55569 (CRITEO-AS...)
1 182.161.73.148 55569 (CRITEO-AS...)
1 13.33.33.127 16509 (AMAZON-02)
2 104.211.156.162 8075 (MICROSOFT...)
1 13.33.33.86 16509 (AMAZON-02)
10 182.161.73.129 55569 (CRITEO-AS...)
1 182.161.73.132 55569 (CRITEO-AS...)
1 104.17.24.14 13335 (CLOUDFLAR...)
10 182.161.73.135 55569 (CRITEO-AS...)
3 182.161.73.142 55569 (CRITEO-AS...)
8 142.251.10.99 15169 (GOOGLE)
8 9 172.217.194.155 15169 (GOOGLE)
70 142.251.12.149 15169 (GOOGLE)
3 6 23.50.119.72 16625 (AKAMAI-AS)
3 9 34.98.64.218 15169 (GOOGLE)
1 1 18.176.15.61 16509 (AMAZON-02)
1 1 202.232.238.37 2497 (IIJ Inter...)
1 1 3.0.121.150 16509 (AMAZON-02)
3 4 23.106.127.52 59253 (LEASEWEB-...)
1 1 52.45.175.185 14618 (AMAZON-AES)
2 2 202.131.200.84 17941 (BIT-ISLE ...)
8 12 87.250.250.90 13238 (YANDEX)
8 74.125.24.155 15169 (GOOGLE)
3 6 172.64.152.245 13335 (CLOUDFLAR...)
4 4 34.83.125.63 396982 (GOOGLE-CL...)
16 17 15.197.193.217 16509 (AMAZON-02)
12 12 70.42.32.127 13789 (INTERNAP-...)
2 54.254.146.150 16509 (AMAZON-02)
1 142.251.12.95 15169 (GOOGLE)
3 182.161.73.136 55569 (CRITEO-AS...)
1 23.193.108.182 ()
1 23.193.108.238 ()
1 18.161.111.100 16509 (AMAZON-02)
10 23.193.108.22 ()
3 10 52.223.2.229 16509 (AMAZON-02)
8 23.75.85.227 16625 (AKAMAI-AS)
2 54.192.111.61 ()
2 2 50.116.239.135 6336 (TURN-US-ASN)
2 2 124.146.215.49 2514 (INFOSPHER...)
2 2 54.192.150.48 16509 (AMAZON-02)
1 104.19.158.19 13335 (CLOUDFLAR...)
1 172.67.154.71 13335 (CLOUDFLAR...)
3 4 35.213.12.39 ()
6 6 52.74.162.2 ()
8 12 69.173.158.64 ()
1 37.157.4.41 ()
2 4 34.227.131.62 ()
3 4 67.199.150.82 ()
1 5 103.231.98.194 ()
1 3 103.231.98.195 ()
4 4 209.191.163.210 ()
1 67.199.150.77 ()
1 54.225.201.180 ()
2 3 13.107.42.14 ()
1 2 104.18.98.194 ()
1 1 23.108.103.8 ()
3 6 54.169.109.4 ()
4 7 52.46.155.104 ()
1 204.79.197.200 ()
3 3 23.207.37.206 ()
1 2 52.95.115.255 ()
4 23.193.108.195 ()
1 3.113.43.253 ()
1 4 104.18.19.126 ()
3 3 23.41.65.80 ()
1 3 3.230.47.190 ()
2 2 209.191.163.208 ()
11 11 74.118.186.45 ()
2 2 198.8.71.129 ()
2 2 72.34.250.75 ()
4 4 13.229.175.239 ()
1 2 182.161.73.146 ()
2 2 35.156.204.15 ()
2 18.233.195.161 ()
1 1 80.77.87.161 ()
3 23.106.127.39 ()
2 2 18.136.34.121 ()
10 54.174.10.80 ()
1 42.99.140.177 ()
2 104.19.172.108 ()
4 4 103.229.205.243 ()
3 151.101.194.49 ()
2 2 104.254.151.36 ()
2 2 18.176.162.247 ()
1 1 34.111.151.213 ()
2 2 54.160.175.117 ()
1 104.18.12.76 ()
1 17 13.112.54.241 ()
3 4 38.133.127.31 ()
1 1 3.92.109.79 ()
1 132.226.41.106 ()
1 38.91.45.7 ()
2 2 3.0.222.252 ()
1 1 74.214.196.131 ()
2 2 185.184.8.90 ()
1 103.231.98.196 ()
1 1 69.173.151.100 ()
1 2 185.84.60.29 ()
2 67.199.150.86 ()
1 1 103.3.63.48 ()
562 102
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
49    142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net
cdn.ampproject.org
1e05286dc60c925b98acf33de1816ec0.safeframe.googlesyndication.com
tpc.googlesyndication.com
e778d620ea5432f0c4488e8fa9e4bab9.safeframe.googlesyndication.com
b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
6    103.254.153.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
sync.aralego.com
4    172.67.71.254 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.201 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-201.pacnet.net
delivery.adrecover.com
5    42.99.140.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-161.pacnet.net
cdn.adpushup.com
25    172.67.72.16 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
99    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
pagead2.googlesyndication.com
cm.g.doubleclick.net
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
10    74.125.200.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f157.1e100.net
securepubads.g.doubleclick.net
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
7    142.250.4.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f157.1e100.net
adservice.google.com
1    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
d-26736635652493433395.ampproject.net
2    74.125.130.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f97.1e100.net
www.googletagmanager.com
3    172.217.194.113 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f113.1e100.net
www.google-analytics.com
20    142.251.10.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net
googleads.g.doubleclick.net
www.googletagservices.com
adservice.google.com.au
1    104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
11    145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
15    52.210.128.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-128-24.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
4    52.192.218.173 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-218-173.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    54.203.144.13 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-144-13.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
3    139.99.49.250 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net
onetag-sys.com
9    104.254.151.68 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
1    54.251.29.91 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-29-91.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
15    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
1    23.193.109.46 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-193-109-46.deploy.static.akamaitechnologies.com
a.teads.tv
10    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
u.openx.net
jp-u.openx.net
2    172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net
partner.googleadservices.com
4    142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net
adservice.google.com.au
1    13.33.33.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-91.sin2.r.cloudfront.net
adx.holmesmind.com
3    103.229.10.192 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
1    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
1    13.33.33.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-127.sin2.r.cloudfront.net
rules.quantcount.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
1    13.33.33.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-86.sin2.r.cloudfront.net
pxl.qccerttest.com
10    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
10    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
3    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
8    142.251.10.99 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f99.1e100.net
www.google.com
9    172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net
cm.g.doubleclick.net
70    142.251.12.149 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f149.1e100.net
s0.2mdn.net
6    23.50.119.72 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-119-72.deploy.static.akamaitechnologies.com
sync.teads.tv
9    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
jp-u.openx.net
u.openx.net
1    18.176.15.61 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-15-61.ap-northeast-1.compute.amazonaws.com
v9999.adv.admeme.net
1    202.232.238.37 (Minato-ku, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
1    3.0.121.150 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-0-121-150.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
4    23.106.127.52 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
ssbsync-global.smartadserver.com
1    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
2    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
12    87.250.250.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
8    74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
googleads4.g.doubleclick.net
6    172.64.152.245 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
4    34.83.125.63 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.125.83.34.bc.googleusercontent.com
um.simpli.fi
17    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
12    70.42.32.127 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    54.254.146.150 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-146-150.ap-southeast-1.compute.amazonaws.com
pixel.adsafeprotected.com
1    142.251.12.95 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f95.1e100.net
fonts.googleapis.com
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    23.193.108.182 (None, )

ASN- ()
acdn.adnxs.com
1    23.193.108.238 (None, )

ASN- ()
js-sec.indexww.com
1    18.161.111.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-111-100.mrs52.r.cloudfront.net
public.servenobid.com
10    23.193.108.22 (None, )

ASN- ()
contextual.media.net
cs.media.net
10    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
8    23.75.85.227 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-85-227.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    54.192.111.61 (None, )

ASN- ()
static.adsafeprotected.com
2    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    124.146.215.49 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    54.192.150.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-48.sin2.r.cloudfront.net
cr-p3.ladsp.com
1    104.19.158.19 (None, )

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
1    172.67.154.71 (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
4    35.213.12.39 (None, )

ASN- ()
x.bidswitch.net
6    52.74.162.2 (None, )

ASN- ()
ups.analytics.yahoo.com
12    69.173.158.64 (None, )

ASN- ()
pixel.rubiconproject.com
token.rubiconproject.com
1    37.157.4.41 (None, )

ASN- ()
cm.adform.net
4    34.227.131.62 (None, )

ASN- ()
ssp.disqus.com
4    67.199.150.82 (None, )

ASN- ()
image8.pubmatic.com
5    103.231.98.194 (None, )

ASN- ()
image2.pubmatic.com
3    103.231.98.195 (None, )

ASN- ()
image4.pubmatic.com
4    209.191.163.210 (None, )

ASN- ()
ap.lijit.com
1    67.199.150.77 (None, )

ASN- ()
ow.pubmatic.com
1    54.225.201.180 (None, )

ASN- ()
pbs.aniview.com
3    13.107.42.14 (None, )

ASN- ()
px.ads.linkedin.com
2    104.18.98.194 (None, )

ASN- ()
p.adsymptotic.com
1    23.108.103.8 (None, )

ASN- ()
inv-nets.admixer.net
6    54.169.109.4 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
7    52.46.155.104 (None, )

ASN- ()
s.amazon-adsystem.com
1    204.79.197.200 (None, )

ASN- ()
c.bing.com
3    23.207.37.206 (None, )

ASN- ()
stags.bluekai.com
2    52.95.115.255 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
4    23.193.108.195 (None, )

ASN- ()
ads.pubmatic.com
1    3.113.43.253 (None, )

ASN- ()
g2.gumgum.com
4    104.18.19.126 (None, )

ASN- ()
ssum-sec.casalemedia.com
3    23.41.65.80 (None, )

ASN- ()
secure-assets.rubiconproject.com
3    3.230.47.190 (None, )

ASN- ()
x.yieldlift.com
2    209.191.163.208 (None, )

ASN- ()
ce.lijit.com
11    74.118.186.45 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
2    198.8.71.129 (None, )

ASN- ()
p.rfihub.com
2    72.34.250.75 (None, )

ASN- ()
sync.go.sonobi.com
4    13.229.175.239 (None, )

ASN- ()
pm.w55c.net
2    182.161.73.146 (None, )

ASN- ()
dis.criteo.com
2    35.156.204.15 (None, )

ASN- ()
rtb.mfadsrvr.com
2    18.233.195.161 (None, )

ASN- ()
cs.emxdgt.com
1    80.77.87.161 (None, )

ASN- ()
cs.admanmedia.com
3    23.106.127.39 (None, )

ASN- ()
rtb-csync.smartadserver.com
2    18.136.34.121 (None, )

ASN- ()
sync.tidaltv.com
10    54.174.10.80 (None, )

ASN- ()
dt.adsafeprotected.com
1    42.99.140.177 (None, )

ASN- ()
ads.stickyadstv.com
2    104.19.172.108 (None, )

ASN- ()
csync.loopme.me
4    103.229.205.243 (None, )

ASN- ()
sync.mathtag.com
3    151.101.194.49 (None, )

ASN- ()
sync-tm.everesttech.net
2    104.254.151.36 (None, )

ASN- ()
secure.adnxs.com
2    18.176.162.247 (None, )

ASN- ()
match.prod.bidr.io
1    34.111.151.213 (None, )

ASN- ()
dmp.brand-display.com
2    54.160.175.117 (None, )

ASN- ()
sync.srv.stackadapt.com
1    104.18.12.76 (None, )

ASN- ()
cdn.indexww.com
17    13.112.54.241 (None, )

ASN- ()
usersync.gumgum.com
4    38.133.127.31 (None, )

ASN- ()
sync.outbrain.com
1    3.92.109.79 (None, )

ASN- ()
sync.ipredictive.com
1    132.226.41.106 (None, )

ASN- ()
sync.technoratimedia.com
1    38.91.45.7 (None, )

ASN- ()
match.deepintent.com
2    3.0.222.252 (None, )

ASN- ()
ad.360yield.com
1    74.214.196.131 (None, )

ASN- ()
bh.contextweb.com
2    185.184.8.90 (None, )

ASN- ()
creativecdn.com
1    103.231.98.196 (None, )

ASN- ()
image6.pubmatic.com
1    69.173.151.100 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
2    185.84.60.29 (None, )

ASN- ()
c1.adform.net
2    67.199.150.86 (None, )

ASN- ()
simage2.pubmatic.com
1    103.3.63.48 (None, )

ASN- ()
gocm.c.appier.net
Apex Domain
Subdomains		 Transfer
95 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
1e05286dc60c925b98acf33de1816ec0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
e778d620ea5432f0c4488e8fa9e4bab9.safeframe.googlesyndication.com
b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
958 KB
83 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307
650 KB
70 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
952 KB
29 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 936
fastlane.rubiconproject.com — Cisco Umbrella Rank: 466
eus.rubiconproject.com — Cisco Umbrella Rank: 564
pixel.rubiconproject.com
token.rubiconproject.com
secure-assets.rubiconproject.com
pixel-us-east.rubiconproject.com
53 KB
26 bg3.co
www.bg3.co — Cisco Umbrella Rank: 583884
static.bg3.co
201 KB
23 criteo.net
static.criteo.net — Cisco Umbrella Rank: 673
pix.as.criteo.net — Cisco Umbrella Rank: 17010
csm.as.criteo.net — Cisco Umbrella Rank: 17365
157 KB
20 pubmatic.com
image8.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
ow.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
38 KB
19 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13567
us-u.openx.net — Cisco Umbrella Rank: 396
u.openx.net — Cisco Umbrella Rank: 650
jp-u.openx.net
3 KB
19 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 479
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
ssum.casalemedia.com — Cisco Umbrella Rank: 1370
ssum-sec.casalemedia.com
16 KB
18 gumgum.com
g2.gumgum.com
usersync.gumgum.com
6 KB
17 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 342
9 KB
16 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1646
public.servenobid.com — Cisco Umbrella Rank: 3425
9 KB
15 google.com
adservice.google.com — Cisco Umbrella Rank: 75
www.google.com — Cisco Umbrella Rank: 2
5 KB
14 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 616
static.adsafeprotected.com
dt.adsafeprotected.com
98 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15327
e3.adpushup.com — Cisco Umbrella Rank: 16605
aplogger.adpushup.com — Cisco Umbrella Rank: 16434
217 KB
12 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
5 KB
12 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 568
8 KB
12 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 2536
3 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
acdn.adnxs.com
secure.adnxs.com
36 KB
12 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1006
assets.a-mo.net — Cisco Umbrella Rank: 3135
7 KB
11 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 543
eb2.3lift.com — Cisco Umbrella Rank: 407
4 KB
11 media.net
prebid.media.net — Cisco Umbrella Rank: 1065
contextual.media.net
cs.media.net
17 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 359
217 KB
9 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
6 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 761
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 22529
ads.as.criteo.com — Cisco Umbrella Rank: 17083
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 17485
gum.criteo.com — Cisco Umbrella Rank: 406
dis.criteo.com
58 KB
8 1rx.io
sync.1rx.io
5 KB
7 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 873
ssbsync-global.smartadserver.com
rtb-csync.smartadserver.com
3 KB
7 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1270
sync.teads.tv — Cisco Umbrella Rank: 1077
2 KB
6 lijit.com
ap.lijit.com
ce.lijit.com
4 KB
6 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 826
s.tribalfusion.com — Cisco Umbrella Rank: 2209
4 KB
6 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 97372
1 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 30433
sync.aralego.com — Cisco Umbrella Rank: 3193
4 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
218 KB
5 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 934
x.bidswitch.net
3 KB
4 outbrain.com
sync.outbrain.com
1 KB
4 mathtag.com
sync.mathtag.com
2 KB
4 w55c.net
pm.w55c.net
3 KB
4 disqus.com
ssp.disqus.com
894 B
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 833
3 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9047
45 KB
3 everesttech.net
sync-tm.everesttech.net
320 B
3 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
3 yieldlift.com
x.yieldlift.com
742 B
3 bluekai.com
stags.bluekai.com
2 KB
3 linkedin.com
px.ads.linkedin.com
1 KB
3 adform.net
cm.adform.net
c1.adform.net
1 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 905
pixel.quantserve.com — Cisco Umbrella Rank: 423
11 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 754
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
519 B
2 creativecdn.com
creativecdn.com
700 B
2 360yield.com
ad.360yield.com
622 B
2 stackadapt.com
sync.srv.stackadapt.com
1 KB
2 bidr.io
match.prod.bidr.io
1 KB
2 loopme.me
csync.loopme.me
163 B
2 tidaltv.com
sync.tidaltv.com
676 B
2 emxdgt.com
cs.emxdgt.com
133 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 sonobi.com
sync.go.sonobi.com
1 KB
2 rfihub.com
p.rfihub.com
1 KB
2 adsymptotic.com
p.adsymptotic.com
501 B
2 ladsp.com
cr-p3.ladsp.com
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1085
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 742
866 B
2 indexww.com
js-sec.indexww.com
cdn.indexww.com
2 KB
2 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 3148
970 B
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 857
1004 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
74 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 654
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 14734
11 KB
1 appier.net
gocm.c.appier.net
395 B
1 contextweb.com
bh.contextweb.com
664 B
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 ipredictive.com
sync.ipredictive.com
465 B
1 brand-display.com
dmp.brand-display.com
366 B
1 stickyadstv.com
ads.stickyadstv.com
808 B
1 admanmedia.com
cs.admanmedia.com
686 B
1 bing.com
c.bing.com
668 B
1 admixer.net
inv-nets.admixer.net
586 B
1 aniview.com
pbs.aniview.com
472 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 3273
511 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 40
1 KB
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 13173
519 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 658
468 B
1 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 64791
660 B
1 admeme.net
v9999.adv.admeme.net — Cisco Umbrella Rank: 157666
303 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 209
5 KB
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 983
548 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 846
681 B
1 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 364903
1 KB
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4209
518 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 392
2 KB
1 ampproject.net
d-26736635652493433395.ampproject.net
0 pippio.com Failed
pippio.com Failed
0 id5-sync.com Failed
id5-sync.com Failed
0 atdmt.com Failed
ad.atdmt.com Failed
562 96
Domain Requested by
70 s0.2mdn.net www.bg3.co
s0.2mdn.net
b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
googleads.g.doubleclick.net
56 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
adx.holmesmind.com
googleads.g.doubleclick.net
www.googletagservices.com
b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.bg3.co
52 cm.g.doubleclick.net 22 redirects googleads.g.doubleclick.net
b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
www.bg3.co
u.openx.net
eb2.3lift.com
g2.gumgum.com
33 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.bg3.co
25 static.bg3.co www.bg3.co
17 usersync.gumgum.com 1 redirects g2.gumgum.com
eus.rubiconproject.com
17 match.adsrvr.org 16 redirects cdn.adpushup.com
15 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
contextual.media.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
eus.rubiconproject.com
13 googleads.g.doubleclick.net 1 redirects cdn.ampproject.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
www.bg3.co
12 b1sync.zemanta.com 12 redirects
12 an.yandex.ru 8 redirects www.bg3.co
b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
12 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
11 us-u.openx.net 5 redirects googleads.g.doubleclick.net
u.openx.net
11 prebid.a-mo.net 2 redirects cdn.adpushup.com
prebid.a-mo.net
10 dt.adsafeprotected.com www.bg3.co
10 eb2.3lift.com 3 redirects cdn.adpushup.com
eb2.3lift.com
10 pix.as.criteo.net ads.as.criteo.com
10 static.criteo.net ads.as.criteo.com
cdn.adpushup.com
static.criteo.net
10 securepubads.g.doubleclick.net cdn.aralego.net
cdn.adpushup.com
securepubads.g.doubleclick.net
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 ib.adnxs.com 4 redirects cdn.adpushup.com
googleads.g.doubleclick.net
prebid.a-mo.net
acdn.adnxs.com
8 sync.1rx.io 8 redirects
8 pixel.rubiconproject.com 5 redirects www.bg3.co
8 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
public.servenobid.com
contextual.media.net
g2.gumgum.com
8 contextual.media.net cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
8 googleads4.g.doubleclick.net www.bg3.co
8 www.google.com googleads.g.doubleclick.net
b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
tpc.googlesyndication.com
7 s.amazon-adsystem.com 4 redirects eb2.3lift.com
www.bg3.co
ssum-sec.casalemedia.com
7 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 pr-bh.ybp.yahoo.com 3 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
6 ups.analytics.yahoo.com 6 redirects
6 sync.teads.tv 3 redirects googleads.g.doubleclick.net
6 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 e3.adpushup.com www.bg3.co
5 image2.pubmatic.com 1 redirects ads.pubmatic.com
5 www.googletagservices.com googleads.g.doubleclick.net
b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 sync.outbrain.com 3 redirects g2.gumgum.com
4 sync.mathtag.com 4 redirects
4 pm.w55c.net 4 redirects
4 ssum-sec.casalemedia.com 1 redirects public.servenobid.com
js-sec.indexww.com
ssum-sec.casalemedia.com
4 ads.pubmatic.com public.servenobid.com
contextual.media.net
g2.gumgum.com
ads.pubmatic.com
4 token.rubiconproject.com 3 redirects www.bg3.co
4 ap.lijit.com 4 redirects
4 image8.pubmatic.com 3 redirects public.servenobid.com
4 ssp.disqus.com 2 redirects prebid.a-mo.net
public.servenobid.com
4 x.bidswitch.net 3 redirects prebid.a-mo.net
contextual.media.net
g2.gumgum.com
ads.pubmatic.com
4 um.simpli.fi 4 redirects
4 b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 adpushup-d.openx.net cdn.adpushup.com
4 prebid-server.rubiconproject.com cdn.adpushup.com
prebid.a-mo.net
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 sync-tm.everesttech.net ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
3 rtb-csync.smartadserver.com ssbsync.smartadserver.com
3 sync.targeting.unrulymedia.com 3 redirects
3 x.yieldlift.com 1 redirects public.servenobid.com
ads.pubmatic.com
3 secure-assets.rubiconproject.com 3 redirects
3 stags.bluekai.com 3 redirects
3 px.ads.linkedin.com 2 redirects www.bg3.co
3 image4.pubmatic.com 1 redirects ads.pubmatic.com
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 s.tribalfusion.com b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
3 a.tribalfusion.com 3 redirects
3 ssbsync.smartadserver.com 2 redirects public.servenobid.com
3 csm.as.criteo.net ads.as.criteo.com
3 onetag-sys.com cdn.adpushup.com
public.servenobid.com
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 simage2.pubmatic.com ads.pubmatic.com
2 c1.adform.net 1 redirects ads.pubmatic.com
2 creativecdn.com 2 redirects
2 ad.360yield.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 secure.adnxs.com 2 redirects
2 csync.loopme.me ssum-sec.casalemedia.com
2 sync.tidaltv.com 2 redirects
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 rtb.mfadsrvr.com 2 redirects
2 dis.criteo.com 1 redirects contextual.media.net
2 cs.media.net contextual.media.net
2 sync.go.sonobi.com 2 redirects
2 p.rfihub.com 2 redirects
2 ce.lijit.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects www.bg3.co
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 tg.socdm.com 2 redirects
2 ad.turn.com 2 redirects
2 static.adsafeprotected.com pixel.adsafeprotected.com
b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
2 u.openx.net 1 redirects cdn.adpushup.com
2 pixel.adsafeprotected.com s0.2mdn.net
www.bg3.co
2 sync-dsp.ad-m.asia 2 redirects
2 pixel.quantserve.com 1 redirects www.bg3.co
2 aplogger.adpushup.com cdn.adpushup.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 htlb.casalemedia.com cdn.adpushup.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com cdn.adpushup.com
delivery.adrecover.com
2 delivery.adrecover.com www.bg3.co
1 gocm.c.appier.net 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 bh.contextweb.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 cs.admanmedia.com 1 redirects
1 g2.gumgum.com public.servenobid.com
1 c.bing.com eb2.3lift.com
1 inv-nets.admixer.net 1 redirects
1 pbs.aniview.com prebid.a-mo.net
1 ow.pubmatic.com prebid.a-mo.net
1 ssum.casalemedia.com 1 redirects
1 ssbsync-global.smartadserver.com 1 redirects
1 cm.adform.net prebid.a-mo.net
1 id.a-mx.com prebid.a-mo.net
1 assets.a-mo.net prebid.a-mo.net
1 public.servenobid.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 fonts.googleapis.com s0.2mdn.net
1 im.bluevoox.com 1 redirects
1 ads.yieldmo.com 1 redirects
1 sync.fout.jp 1 redirects
1 v9999.adv.admeme.net 1 redirects
1 cdnjs.cloudflare.com ads.as.criteo.com
1 cat.sg1.as.criteo.com ads.as.criteo.com
1 pxl.qccerttest.com www.bg3.co
1 e778d620ea5432f0c4488e8fa9e4bab9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rules.quantcount.com secure.quantserve.com
1 ads.as.criteo.com googleads.g.doubleclick.net
1 rtb.jp2.as.criteo.com googleads.g.doubleclick.net
1 1e05286dc60c925b98acf33de1816ec0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 secure.quantserve.com cdn.adpushup.com
1 adx.holmesmind.com pagead2.googlesyndication.com
1 a.teads.tv cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 d-26736635652493433395.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 pippio.com Failed ads.pubmatic.com
0 id5-sync.com Failed ssbsync.smartadserver.com
0 ad.atdmt.com Failed googleads.g.doubleclick.net
b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
562 154

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-07 -
2022-11-09		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-06 -
2022-10-31		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
qccerttest.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-02 -
2022-11-01		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-31 -
2022-12-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
ssp.disqus.com
Amazon		 2021-12-20 -
2023-01-18		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.aniview.com
Amazon		 2022-05-11 -
2023-06-09		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.yieldlift.com
Amazon		 2022-01-14 -
2023-02-11		 a year crt.sh

This page contains 77 frames:

Primary Page: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Frame ID: C86BC753503212B143EAAE96463BDE81
Requests: 103 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 16E0944ABF5E5DB8A3B479529A154206
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 7A20A6C3718991D331DDAB2EEEC1EA67
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: E5F7EBAC29DDDBB144601DCF0CADD1B0
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 2ED0274CEB99AC757A00489221825FE9
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-32217727282414270839&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3345&oid=2&is_amp=5&amp_v=2209072154000&d_imp=1&c=23009665&ga_cid=amp-U2auWBjfNcY_-QlB3YrIGA&ga_hid=9665&dt=1664057880998&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&bdt=2492&dtd=460&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: B9B3BBF7A17B92F9EF2373B3A8EDFAC5
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: D7B79E78B532C08F9EDBFD9BE127FDA3
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664057881&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057881363&bpp=12&bdt=1663&idt=571&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=4095095268603&frm=23&ife=1&pv=1&ga_vid=1560567575.1664057882&ga_sid=1664057882&ga_hid=83928309&ga_fc=0&ga_cid=amp-U2auWBjfNcY_-QlB3YrIGA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=982&biw=1600&bih=1200&isw=336&ish=280&ifk=3367613081&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44770766%2C44771547%2C44772928&oid=2&pvsid=871172703584013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hxcy2x80to3i&fsb=1&dtd=586
Frame ID: AEE7E09D6F848BF7F7E638CE2A36B1DA
Requests: 8 HTTP requests in this frame

Frame: https://1e05286dc60c925b98acf33de1816ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: C9FF9736FBE073E031CEB518623DB5A1
Requests: 1 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 9C4EC369BEFCCBA529D2E04CC5F364EA
Requests: 24 HTTP requests in this frame

Frame: https://e778d620ea5432f0c4488e8fa9e4bab9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 10E3E933D803CAE00F987656B8440175
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057883289&bpp=12&bdt=232&idt=290&shv=r20220921&mjsv=m202209220101&ptt=5&saldr=sa&correlator=2033874124386&frm=8&ife=1&pv=2&ga_vid=738013203.1664057884&ga_sid=1664057884&ga_hid=2113377417&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069819%2C44773167%2C31067825&oid=2&pvsid=1514276030893664&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jdugg7ln9n3a&fsb=1&dtd=304
Frame ID: B60335061A423EE2C84FB3BDD3D5D762
Requests: 16 HTTP requests in this frame

Frame: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E14B336FC22C06E31C9D90F5BD885BA5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNWmp3vszh83tEnj3gA6RDU_yav9Pzi4d65qv4sgw8DoeUh4uD-A4lYc_KrTIB9s41q9FGv0HgjOC5cYkjQSqyXUqApq6A
Frame ID: 9936B3413C2915060C19DEFDAA97AD7D
Requests: 5 HTTP requests in this frame

Frame: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D30674C4B954F42435D1F5A055BA8BCA
Requests: 28 HTTP requests in this frame

Frame: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9B7AB1C27581CB62A00E0A8B14B0748C
Requests: 14 HTTP requests in this frame

Frame: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9EDCAE843FD5ADF08B38AC791530E69C
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLeahC_-YoBGK_on9MBMAE&v=APEucNWQDCIuwvqIogymbKU7K04__xPdXTQUs4RZU6JjwpgissgvukqjdmxsH7RvVTQd_rYbdfw1HmZ1kCc7omv_IWNjpTu5Lw
Frame ID: 45EDF2257EEE4EA98B479BEAB4F800FF
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLioLhDv9MTxAhi_s6_RATAB&v=APEucNUzbgyQZIehKl_d1G4Xzl6wcQoeM0ksGIOWXRU4jbevIJUZZbCNZC5yYBHqPTiC0T8Q05GVOsy_aFkLEL0eRT-0aOzD4w
Frame ID: 6C6C900E8D7723316096D87F88646761
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNW95RbbAkIp9x25Wjyyzjba1wn27ILbGcqNwdB93xEY2olju8a8YtcGmkKp1cV5hdRIKYYVbWWetS-SxDVx4PIMm6Zqig
Frame ID: 92CE550CA009C4CA9B956CA910576527
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8FF1ED0A327C5462E96D2AF9A441C12B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7096450A21346993B30E86E28AF0D841
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
Frame ID: A9CCA38D5E1F6D02592C458AF4B5411E
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 52B5747ACB822BC934A262C7E916CC20
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C1FD33A4F6119D874FC06A4C5D48FDBB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B8990D5464BDD9858A24656873A585D7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 13F9936F4260A8EB0D2DBCFA55EAF40E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8B7C2935E8EDFF51E3F096FF1BF8D415
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E405AB36E5DDAE82889DAF3A00A3B4D1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6DA43B2A1F13A9D89B32EA6024ECD854
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EE177DCC86D221313C3E2BE4234A6CE0
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 04A7F0C343D01EED642F2514A7590D0A
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E7982E987524600D710931B4CF5C12F0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1D4B48C9C9D7CCC9C4577C36A9891AA4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 37FAF931942044AF80B1D242A6E28800
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
Frame ID: 2F57FB314A1FD7EA11C30D3BD73570D7
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
Frame ID: 6DA46C7F75607DEE4E4CBCF1792DF2B2
Requests: 42 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4627767823043510726/PO_BrandCampaign_728x90.html
Frame ID: ADCE390588E2D25B335393D4711336E2
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 29B4680A6386437122969A22C139BAFA
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D4AF030EB8475DB18C161CF601374D86
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 6049929E14156D6459F682DD3C474874
Requests: 13 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 2426B01D93CB66EB6CEDACAF730EFD17
Requests: 13 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 7697275FE212B25D3344996494F1FCBC
Requests: 7 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 47A189C19CF7F58E550729AF6BE79977
Requests: 17 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1664057882443
Frame ID: 42D6B5D955B9BA92DC071977976553C8
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 0B46CADD27EFDDF32C0F4DF26ADA85E7
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 9351321A5EA8987CB37FEAD94226B7E8
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 984F8A3B3169607244EA393CBE13D4E8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DFB76F3A51768341917BC814CC53F342
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BBF1D85A3053A1E71B4AA07EF5242C44
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E84D6118FF7250F3CE7A2B1A5CE9063F
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 639B7EF5C72410981CC6505357E0E622
Requests: 12 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: B66D7496727037CD0FA161C146346539
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: E86E7913202E0F23B382B8377C54B52D
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 0E89950D02AB016C1DD88C0936DC5469
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: B8C4DE38662B5157040775A6B401F8FA
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 7A7155BCEB8F07F7F303F41B26448598
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 64BFDCA810D596BC4036ED5C18DE5474
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3070594876823872000V10&type=rkt&refUrl=&vid=40578881153070594876823872000V10&ovsid=1974054389828404608
Frame ID: D8F6BF91B78C795409CA621EED46B466
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3070594876823872000V10%26type%3Dpba%26refUrl%3D%26vid%3D40578881153070594876823872000V10%26ovsid%3DPM_UID
Frame ID: 11697B40B4D05C66B163CF4DBE150A5B
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 74CC28333EB8B40AFA634B98632497F9
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 5E3B2801EF42A1C004D0E793D230446E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=7647632f-8221-4e00-94e8-2f88844c39ab&gdpr=0&gdpr_consent=
Frame ID: 84C74882A4CF3EB4A3067EDDA2F6400A
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 52B8049863F8850462F860D480F996C9
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9kMDZjYzMxOC1mZWVjLTRkZTUtYmNhYi1iOTExYzM1ZDJhOWE=&gdpr=0&gdpr_consent=
Frame ID: D78BC7BC6D5C6CC33AEAB7E5266723A2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 68331BF56045FB78FBC39ED1CCEE1AA5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=eb916940-6383-4e8a-baaa-aa12955c5102
Frame ID: 3C98A460098471B592F11645E5AD8266
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 84F2B15CCC3040E427FDFBD897013491
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Yy.CIMCo8YkAAEZta-AAAAAA
Frame ID: B408FE2B0C2DDBA52657899A5612DACF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Yy.CHKuYL2cjhEGEVD1B6AAA%264700
Frame ID: 150883EB300B753592B774E5C820281D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=zUpZWvbj86L7zsKIAhhe&pi=gumgum&tc=1
Frame ID: 0C7D609A9E0C746A9E80E0DF369D1E2B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 8378AA40021CD53AF086A2940E6AE66A
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9313C267-A883-41BF-9ACB-A9029A8786C9
Frame ID: 1C45AE828758958147E227CED5AA982F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:46fd632f-8221-4500-a339-f954cb2ea90e&gdpr=0&gdpr_consent=
Frame ID: 990BA01D4F37F424A82CAD0FD6762468
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 38834AEB9A43DC9F452C481FB2EBC725
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=cCTQpeAjBWmhGlTDIoIvYw
Frame ID: 645AF8CCBE15492DDB56FD65B9761ADC
Requests: 1 HTTP requests in this frame

Frame: https://x.yieldlift.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=1YN-&uid=9313C267-A883-41BF-9ACB-A9029A8786C9
Frame ID: 9AE20CFC866E4C4967893CADAE5C56A3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

浙江杭州蕭山國際機場三期項目正式投運 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

562
Requests

77 %
HTTPS

0 %
IPv6

96
Domains

154
Subdomains

102
IPs

9
Countries

4133 kB
Transfer

11014 kB
Size

59
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 99
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664057881&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057881282&bpp=13&bdt=1597&idt=602&shv=r20220921&mjsv=m202209190101&ptt=5&saldr=sa&correlator=4095095268603&frm=23&ife=1&pv=2&ga_vid=1089105481.1664057882&ga_sid=1664057882&ga_hid=826703497&ga_fc=0&ga_cid=amp-U2auWBjfNcY_-QlB3YrIGA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1424212858&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31069831%2C44774342&oid=2&pvsid=4150507189820689&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2agy58gvxcox&fsb=1&dtd=618 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 169
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED022-6gVjHF56Iv-rgc33Q&google_cver=1
Request Chain 170
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yy.CHKuYL2cjhEGEVD1B6AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED022-6gVjHF56Iv-rgc33Q&google_cver=1&google_hm=2
Request Chain 171
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAQNzNJRtKY8IyMA79RnYjE&google_cver=1
Request Chain 172
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMzODU0NDMxNzI0MjgwNTIxNw%3D%3D
Request Chain 204
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECEUP_yjV-pjIzo-_GLmbOM&google_cver=1
Request Chain 205
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDI0ODQ2ZDUtODNkZi0yN2M2LWMzZWItOTUyMGY4NGE5ZmIw
Request Chain 206
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEAfw9qqsOhX4nVa7DZBGpNw&google_cver=1
Request Chain 207
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTM0ODlkYjUtYzE1MS00MzkyLThjNGMtNzMxMTAzNmJhMWQ1
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECEUP_yjV-pjIzo-_GLmbOM&google_cver=1
Request Chain 209
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDI0ODQ2ZDUtODNkZi0yN2M2LWMzZWItOTUyMGY4NGE5ZmIw
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEAfw9qqsOhX4nVa7DZBGpNw&google_cver=1
Request Chain 211
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTM0ODlkYjUtYzE1MS00MzkyLThjNGMtNzMxMTAzNmJhMWQ1
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECEUP_yjV-pjIzo-_GLmbOM&google_cver=1
Request Chain 213
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDI0ODQ2ZDUtODNkZi0yN2M2LWMzZWItOTUyMGY4NGE5ZmIw
Request Chain 214
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEAfw9qqsOhX4nVa7DZBGpNw&google_cver=1
Request Chain 215
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTM0ODlkYjUtYzE1MS00MzkyLThjNGMtNzMxMTAzNmJhMWQ1
Request Chain 219
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESELvS7PMMGh79JY9Rw8AUVcg&google_cver=1&google_push=AZmPxg8aGtyPH3pj9wsLMXuciNNnWSY8Vrucr_gWAMwxC3IvCw96nTOyVwnK7r5KdpaNUkpCvjtpxGag_7KTgz9S_PcLcrZhMA7V HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg8aGtyPH3pj9wsLMXuciNNnWSY8Vrucr_gWAMwxC3IvCw96nTOyVwnK7r5KdpaNUkpCvjtpxGag_7KTgz9S_PcLcrZhMA7V
Request Chain 220
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEAvOqVhp7j4iAq6cVSrAJfM&google_cver=1&google_push=AZmPxg-cyCCSAX0DucAKnBQ0LdCCVAA3WacNQdUt565Rj7htHPoAUWqEtvLSPJVL0xXHBep_Ybqkde8J2rW3nghZ10XNwEdqBHY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg-cyCCSAX0DucAKnBQ0LdCCVAA3WacNQdUt565Rj7htHPoAUWqEtvLSPJVL0xXHBep_Ybqkde8J2rW3nghZ10XNwEdqBHY&google_hm=ckdadWF2ZU5HR2FtQ0tlbENkeDRhMmk3NTcw&from_google=sp1
Request Chain 221
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEF8uAccJk9laxMyXb2iNvMs&google_cver=1&google_push=AZmPxg_PD-KCsa5RNUNL8BevePt2KtGUTfkLzzKLlr1YUx5XaG5u0vM1xnWKtL1UXvSxftQCyoQZL0pHatMnLB-UJ6hykdaeUXVo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg_PD-KCsa5RNUNL8BevePt2KtGUTfkLzzKLlr1YUx5XaG5u0vM1xnWKtL1UXvSxftQCyoQZL0pHatMnLB-UJ6hykdaeUXVo&google_hm=Z2Y1MmY1MDBmYjhmY2Y5ZDFlMDI=
Request Chain 222
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECs3KQHle9qZQ9da6o-8Tck&google_cver=1&google_push=AZmPxg-k9OZQPbmqbXRoZb4wswhKuLidrEXkEgRJkXDPNTjDbbY6LGH-OkEcwJg4Os9tJfQTJsu_p7UjuDB6DDO_Kd0WKOnn1QX1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg-k9OZQPbmqbXRoZb4wswhKuLidrEXkEgRJkXDPNTjDbbY6LGH-OkEcwJg4Os9tJfQTJsu_p7UjuDB6DDO_Kd0WKOnn1QX1&google_hm=MzU4MDI1MTM4MzU5NzQ1NTkxMQ%3D%3D
Request Chain 223
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESENyiw66T3ouO8ksU6-jDoBM&google_cver=1&google_push=AZmPxg9foxQ5wOGLOqwPtqhIUarB45yM5Ml2rxWTBWg0KpADR8agBg26f8WPaPXfUNUWwuIxox1_FtwZ4lMvSpyUViOamA2ZhlaxwA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg9foxQ5wOGLOqwPtqhIUarB45yM5Ml2rxWTBWg0KpADR8agBg26f8WPaPXfUNUWwuIxox1_FtwZ4lMvSpyUViOamA2ZhlaxwA&google_hm=QlMuODdhOS00YmM2LTQzZGUtYjU2Nw==
Request Chain 224
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJ_LzvrYyecV6Vd-jkPCHxA&google_cver=1&google_push=AZmPxg9hRd7_MrgO74y0tu7FGxN9SC-vB9PoEDFwLQS0eV1Wf8-DBSCuvtyOvWEc7kaZUecM7LOGFX_eGu8S2meQHMSTo4BsZzAUJg HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJ_LzvrYyecV6Vd-jkPCHxA&google_cver=1&google_push=AZmPxg9hRd7_MrgO74y0tu7FGxN9SC-vB9PoEDFwLQS0eV1Wf8-DBSCuvtyOvWEc7kaZUecM7LOGFX_eGu8S2meQHMSTo4BsZzAUJg&uid-set=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AZmPxg9hRd7_MrgO74y0tu7FGxN9SC-vB9PoEDFwLQS0eV1Wf8-DBSCuvtyOvWEc7kaZUecM7LOGFX_eGu8S2meQHMSTo4BsZzAUJg&google_hm=MVg0ZXEyMkVUc3U=&suid-set=1
Request Chain 225
  • https://an.yandex.ru/mapuid/google/CAESEEypW96PXKPkbzmXOe6Smcc?ext-param=AZmPxg_VS4MbEuIYPFLDsfpNEJ2Ju43tXlKZ34Ph9hNw6nQ_WGg9SA8L2jRxlZWY7ygqeYCCrZL_i7hm1evH2tM5XQDgFwMSt06WwQ&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEEypW96PXKPkbzmXOe6Smcc?redir-setuniq=1&ext-param=AZmPxg_VS4MbEuIYPFLDsfpNEJ2Ju43tXlKZ34Ph9hNw6nQ_WGg9SA8L2jRxlZWY7ygqeYCCrZL_i7hm1evH2tM5XQDgFwMSt06WwQ&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEEypW96PXKPkbzmXOe6Smcc&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 260
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENl0aMEkKYyDCJycHBk1kDk&google_cver=1&google_push=AZmPxg_IkhMJd5d3V-ZXQ8K-HYZGxmkDvu0h3onRzSouZJAZiDBcFX-S4KXyq-Bvr3ApyvqqmlS9v8jPQ37VkJ8l60mhC3Q422nofymPB7EtEJGJVcB4sK3FSWTjqrLaT67Zp635_jTCQpShIeNcSe0zz60&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_IkhMJd5d3V-ZXQ8K-HYZGxmkDvu0h3onRzSouZJAZiDBcFX-S4KXyq-Bvr3ApyvqqmlS9v8jPQ37VkJ8l60mhC3Q422nofymPB7EtEJGJVcB4sK3FSWTjqrLaT67Zp635_jTCQpShIeNcSe0zz60%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENl0aMEkKYyDCJycHBk1kDk&google_cver=1&google_push=AZmPxg_IkhMJd5d3V-ZXQ8K-HYZGxmkDvu0h3onRzSouZJAZiDBcFX-S4KXyq-Bvr3ApyvqqmlS9v8jPQ37VkJ8l60mhC3Q422nofymPB7EtEJGJVcB4sK3FSWTjqrLaT67Zp635_jTCQpShIeNcSe0zz60&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_IkhMJd5d3V-ZXQ8K-HYZGxmkDvu0h3onRzSouZJAZiDBcFX-S4KXyq-Bvr3ApyvqqmlS9v8jPQ37VkJ8l60mhC3Q422nofymPB7EtEJGJVcB4sK3FSWTjqrLaT67Zp635_jTCQpShIeNcSe0zz60%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 261
  • https://um.simpli.fi/gp_match?google_gid=CAESEH_ghP3jrxbNzW3a774rd5E&google_cver=1&google_push=AZmPxg_wHZ9h7_AWdMcrP_jxYyvT3pPHvp0iu1mAFEYJePaapK0yzzjjdi3-fTf1kGxN3DkFR_2glfqDillwRhTyHdrqbSjK2WF_49a02R8xQy3dMFzWqHRJGe396ZyqoduhLZpkZ1ZJpUF4x1tA59og-40 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=43525A80803C4D43A1CB91C32F12F310&google_push=AZmPxg_wHZ9h7_AWdMcrP_jxYyvT3pPHvp0iu1mAFEYJePaapK0yzzjjdi3-fTf1kGxN3DkFR_2glfqDillwRhTyHdrqbSjK2WF_49a02R8xQy3dMFzWqHRJGe396ZyqoduhLZpkZ1ZJpUF4x1tA59og-40
Request Chain 262
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJfjQhWX0e-7Rurw9hvbSxg&google_cver=1&google_push=AZmPxg_xqihTNE6VNl3FEVW3mp_khpOkJ4YqpFnrj6-o4pC0AGABiqEUuiSWlSnCvDNRVs6GG8jdsNLQGBDjg0vYI2ML_qbKfzVj4qwVXbeB5Gv7CI0QSfAqH18SpBkYWyQx2Qwel6Oqj1DeFwaxyyouBMw HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEJfjQhWX0e-7Rurw9hvbSxg&google_cver=1&google_push=AZmPxg_xqihTNE6VNl3FEVW3mp_khpOkJ4YqpFnrj6-o4pC0AGABiqEUuiSWlSnCvDNRVs6GG8jdsNLQGBDjg0vYI2ML_qbKfzVj4qwVXbeB5Gv7CI0QSfAqH18SpBkYWyQx2Qwel6Oqj1DeFwaxyyouBMw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWI5MTY5NDAtNjM4My00ZThhLWJhYWEtYWExMjk1NWM1MTAy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=eb916940-6383-4e8a-baaa-aa12955c5102
Request Chain 263
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKDkugcP0XeA2xns7acKPW8&google_cver=1&google_push=AZmPxg-5qARgd2O3FFMxNJmM5SGyRoaq8ALsvatGXMMLFC861-ahkT-gBWN_rMUSI6em-5VixVz3CzMXX9guttmf2qbIhbsXuaeiFNB69dyaL6fzxYnEuWoXVy6744KEPTC8mks5ez1oRgx0XgsJXMxknR4 HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEKDkugcP0XeA2xns7acKPW8&google_push=AZmPxg-5qARgd2O3FFMxNJmM5SGyRoaq8ALsvatGXMMLFC861-ahkT-gBWN_rMUSI6em-5VixVz3CzMXX9guttmf2qbIhbsXuaeiFNB69dyaL6fzxYnEuWoXVy6744KEPTC8mks5ez1oRgx0XgsJXMxknR4&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg-5qARgd2O3FFMxNJmM5SGyRoaq8ALsvatGXMMLFC861-ahkT-gBWN_rMUSI6em-5VixVz3CzMXX9guttmf2qbIhbsXuaeiFNB69dyaL6fzxYnEuWoXVy6744KEPTC8mks5ez1oRgx0XgsJXMxknR4&google_hm=YlZnYjMwRDRYc3Z5UjdRUkJXOEo=
Request Chain 264
  • https://an.yandex.ru/mapuid/google/CAESEEypW96PXKPkbzmXOe6Smcc?ext-param=AZmPxg8W8TiqRy8JcajHSVdxz3GawIEvWHpa4wFhE-htiR8pstlCAYNpzQLikm2ebgP1alIkNCHUNYeonZYyHyDImTX_yAotCr894efl_pcyNHJRLDtFnd-UjiuDt35KzuYnZr4Jc-UM0ms2KEZs4HgvDAw&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEEypW96PXKPkbzmXOe6Smcc?redir-setuniq=1&ext-param=AZmPxg8W8TiqRy8JcajHSVdxz3GawIEvWHpa4wFhE-htiR8pstlCAYNpzQLikm2ebgP1alIkNCHUNYeonZYyHyDImTX_yAotCr894efl_pcyNHJRLDtFnd-UjiuDt35KzuYnZr4Jc-UM0ms2KEZs4HgvDAw&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEEypW96PXKPkbzmXOe6Smcc&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 268
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENl0aMEkKYyDCJycHBk1kDk&google_cver=1&google_push=AZmPxg-yRgWgwaGNK1cAd8zIYBtXko1Lzh-8HqTyXnl_n8SpsoDysJyToLeBz8sYQklpQTEe0Y0EnaOrc0mi3vYb-bEYOuUhelnSW2KeInigMKI2UiI8KrqPY0pdQsqq1znoE3g9tx_vPEY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-yRgWgwaGNK1cAd8zIYBtXko1Lzh-8HqTyXnl_n8SpsoDysJyToLeBz8sYQklpQTEe0Y0EnaOrc0mi3vYb-bEYOuUhelnSW2KeInigMKI2UiI8KrqPY0pdQsqq1znoE3g9tx_vPEY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENl0aMEkKYyDCJycHBk1kDk&google_cver=1&google_push=AZmPxg-yRgWgwaGNK1cAd8zIYBtXko1Lzh-8HqTyXnl_n8SpsoDysJyToLeBz8sYQklpQTEe0Y0EnaOrc0mi3vYb-bEYOuUhelnSW2KeInigMKI2UiI8KrqPY0pdQsqq1znoE3g9tx_vPEY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-yRgWgwaGNK1cAd8zIYBtXko1Lzh-8HqTyXnl_n8SpsoDysJyToLeBz8sYQklpQTEe0Y0EnaOrc0mi3vYb-bEYOuUhelnSW2KeInigMKI2UiI8KrqPY0pdQsqq1znoE3g9tx_vPEY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 269
  • https://um.simpli.fi/gp_match?google_gid=CAESEH_ghP3jrxbNzW3a774rd5E&google_cver=1&google_push=AZmPxg9AwstN21--h1Qjvmh-rmW3TY1rwX9EmvEnkvCirYwtM8RjtsGTkZuuIPLJxyC_uPT96-simfrum2hzhmQrSnBAJrj5KZWlH5LrvYeg-vGfNxro56UHi00aY0pFtrb7Mxo-SfIjmMI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CE8D5B091D614E7BB25A31D7D38CD4DA&google_push=AZmPxg9AwstN21--h1Qjvmh-rmW3TY1rwX9EmvEnkvCirYwtM8RjtsGTkZuuIPLJxyC_uPT96-simfrum2hzhmQrSnBAJrj5KZWlH5LrvYeg-vGfNxro56UHi00aY0pFtrb7Mxo-SfIjmMI
Request Chain 270
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJfjQhWX0e-7Rurw9hvbSxg&google_cver=1&google_push=AZmPxg91rJVuRy9yayWRdTfPg6djb5pBzs8HN0whNggjGgTiQB59LyLaA4EBQsMpnisPSdm32KpwTZD1E0TWqpE_o6Sn4ZHP0Lj_sZI69F3dhqjO3w5-aAIFuKhBfYnm1pOXAgCEL1rAz7go HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEJfjQhWX0e-7Rurw9hvbSxg&google_cver=1&google_push=AZmPxg91rJVuRy9yayWRdTfPg6djb5pBzs8HN0whNggjGgTiQB59LyLaA4EBQsMpnisPSdm32KpwTZD1E0TWqpE_o6Sn4ZHP0Lj_sZI69F3dhqjO3w5-aAIFuKhBfYnm1pOXAgCEL1rAz7go HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWI5MTY5NDAtNjM4My00ZThhLWJhYWEtYWExMjk1NWM1MTAy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=eb916940-6383-4e8a-baaa-aa12955c5102
Request Chain 271
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKDkugcP0XeA2xns7acKPW8&google_cver=1&google_push=AZmPxg9UTYy3XAO6V3E9iIVbgD58FMEsHu0M9n3voukIU65jdOYSk8_Zw-k-uQ8OC-yXqd3xX2FbMVyXLlwmlW0SHjCFH5LSYPuT8TuojAV7ikhE5QsA6vOnfDWRfEatFgXxa810hDjC_go0 HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEKDkugcP0XeA2xns7acKPW8&google_push=AZmPxg9UTYy3XAO6V3E9iIVbgD58FMEsHu0M9n3voukIU65jdOYSk8_Zw-k-uQ8OC-yXqd3xX2FbMVyXLlwmlW0SHjCFH5LSYPuT8TuojAV7ikhE5QsA6vOnfDWRfEatFgXxa810hDjC_go0&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9UTYy3XAO6V3E9iIVbgD58FMEsHu0M9n3voukIU65jdOYSk8_Zw-k-uQ8OC-yXqd3xX2FbMVyXLlwmlW0SHjCFH5LSYPuT8TuojAV7ikhE5QsA6vOnfDWRfEatFgXxa810hDjC_go0&google_hm=SlJnVkRFbGdsT2syQl9fZVVySDQ=
Request Chain 272
  • https://an.yandex.ru/mapuid/google/CAESEEypW96PXKPkbzmXOe6Smcc?ext-param=AZmPxg9ZTYlj4xjowYadttcYYYG8_EmVVRxGM-3hskJfPzZ5T39xy_RAwAPHHL0D812Oo5j-P_n4Rev7WJ6WreqcbCNKT3_Os9sAEo7DUCzxhP-QWV_Mnd-TcotK0wA7F0SM5wEjz5OuVDWHJw&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEEypW96PXKPkbzmXOe6Smcc?redir-setuniq=1&ext-param=AZmPxg9ZTYlj4xjowYadttcYYYG8_EmVVRxGM-3hskJfPzZ5T39xy_RAwAPHHL0D812Oo5j-P_n4Rev7WJ6WreqcbCNKT3_Os9sAEo7DUCzxhP-QWV_Mnd-TcotK0wA7F0SM5wEjz5OuVDWHJw&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEEypW96PXKPkbzmXOe6Smcc&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 274
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENl0aMEkKYyDCJycHBk1kDk&google_cver=1&google_push=AZmPxg_zMBTGek-VSF5j0aUw4CNsIGZTZxYQVI90YBC1Fhib9oRMvPTLVyOvt-oqlKws5YO4LB5lXvuYjkFW73wDwaMLmah77ZE76tibT7eIu2nb8mH2QVh5yWuXbfLswwzmWe5nZNMdBORm&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_zMBTGek-VSF5j0aUw4CNsIGZTZxYQVI90YBC1Fhib9oRMvPTLVyOvt-oqlKws5YO4LB5lXvuYjkFW73wDwaMLmah77ZE76tibT7eIu2nb8mH2QVh5yWuXbfLswwzmWe5nZNMdBORm%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENl0aMEkKYyDCJycHBk1kDk&google_cver=1&google_push=AZmPxg_zMBTGek-VSF5j0aUw4CNsIGZTZxYQVI90YBC1Fhib9oRMvPTLVyOvt-oqlKws5YO4LB5lXvuYjkFW73wDwaMLmah77ZE76tibT7eIu2nb8mH2QVh5yWuXbfLswwzmWe5nZNMdBORm&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_zMBTGek-VSF5j0aUw4CNsIGZTZxYQVI90YBC1Fhib9oRMvPTLVyOvt-oqlKws5YO4LB5lXvuYjkFW73wDwaMLmah77ZE76tibT7eIu2nb8mH2QVh5yWuXbfLswwzmWe5nZNMdBORm%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 275
  • https://um.simpli.fi/gp_match?google_gid=CAESEH_ghP3jrxbNzW3a774rd5E&google_cver=1&google_push=AZmPxg-JRJzUu9scUZXzMcjC220RZSOQcGXQBdJd0pIEmBxyzJnCWsTA48ZTOu5uhhoCgrwy5AyNKCf2dVPKBb4exfb3tR0sjfhQ2Jrgmar6v7PbxcBN-bmDEALYBlfjQhIiw32pn1thAX4O HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5B2A13C560324A29B1BCFE61491F7FDE&google_push=AZmPxg-JRJzUu9scUZXzMcjC220RZSOQcGXQBdJd0pIEmBxyzJnCWsTA48ZTOu5uhhoCgrwy5AyNKCf2dVPKBb4exfb3tR0sjfhQ2Jrgmar6v7PbxcBN-bmDEALYBlfjQhIiw32pn1thAX4O
Request Chain 276
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJfjQhWX0e-7Rurw9hvbSxg&google_cver=1&google_push=AZmPxg_Taky4y0MUAleIU_F-FS7jL3BjKd7PYU01oC8QRpUjmHLzd6FYOmbDlu659KOIkvZjT221WxEB7S9m8Rc-HyHq8S12CySzyF1E1VuER4q8JLL1Z8yoBsbjpdwBlYdymwtfy6I0lWie HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEJfjQhWX0e-7Rurw9hvbSxg&google_cver=1&google_push=AZmPxg_Taky4y0MUAleIU_F-FS7jL3BjKd7PYU01oC8QRpUjmHLzd6FYOmbDlu659KOIkvZjT221WxEB7S9m8Rc-HyHq8S12CySzyF1E1VuER4q8JLL1Z8yoBsbjpdwBlYdymwtfy6I0lWie HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWI5MTY5NDAtNjM4My00ZThhLWJhYWEtYWExMjk1NWM1MTAy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=eb916940-6383-4e8a-baaa-aa12955c5102
Request Chain 277
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKDkugcP0XeA2xns7acKPW8&google_cver=1&google_push=AZmPxg9xQjgiN6eAv6L38ci7FYnDeo9CZIzgwaSxPHMMAZuyYBxX1iBb6FKqMTmE4Fklt9e9AR8AhZS6_fPn3IU-a8vlM4-jE9T2_vLXQj2GdTl-_2hmnFf9yiP3x-inWhlEQs-ZlWMhFfvM HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEKDkugcP0XeA2xns7acKPW8&google_push=AZmPxg9xQjgiN6eAv6L38ci7FYnDeo9CZIzgwaSxPHMMAZuyYBxX1iBb6FKqMTmE4Fklt9e9AR8AhZS6_fPn3IU-a8vlM4-jE9T2_vLXQj2GdTl-_2hmnFf9yiP3x-inWhlEQs-ZlWMhFfvM&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9xQjgiN6eAv6L38ci7FYnDeo9CZIzgwaSxPHMMAZuyYBxX1iBb6FKqMTmE4Fklt9e9AR8AhZS6_fPn3IU-a8vlM4-jE9T2_vLXQj2GdTl-_2hmnFf9yiP3x-inWhlEQs-ZlWMhFfvM&google_hm=ekFGX2Q1MXF1a0hqeXdIUE1Md1Q=
Request Chain 278
  • https://an.yandex.ru/mapuid/google/CAESEEypW96PXKPkbzmXOe6Smcc?ext-param=AZmPxg9OUBWGqdNmh1FEmgCPKc845Ar07k2COIcIEtNriyrG4R-C8Wti6vHItBu4sLwkLQQTdefAvqDFvdH1UXREbwfjv4ko0Ecu7tWdkO_3J1_1wdbj8S6AoCzYszMkAPnzvWT2vtxgEq-j_Q&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEEypW96PXKPkbzmXOe6Smcc?redir-setuniq=1&ext-param=AZmPxg9OUBWGqdNmh1FEmgCPKc845Ar07k2COIcIEtNriyrG4R-C8Wti6vHItBu4sLwkLQQTdefAvqDFvdH1UXREbwfjv4ko0Ecu7tWdkO_3J1_1wdbj8S6AoCzYszMkAPnzvWT2vtxgEq-j_Q&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEEypW96PXKPkbzmXOe6Smcc&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 343
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 380
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8143086186408040920&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 381
  • https://match.adsrvr.org/track/cmf/openx?oxid=fe27951f-4aa8-7962-d60b-cf9932a851d0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=eb916940-6383-4e8a-baaa-aa12955c5102&ttd_puid=fe27951f-4aa8-7962-d60b-cf9932a851d0&gdpr=0&gdpr_consent=
Request Chain 382
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Yy.CH8Co8YkAAEZtav0AAAAA
Request Chain 383
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWwdLttMAZTcks8ADsaW9lfog88AAAGDcZRM4Q
Request Chain 385
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECEUP_yjV-pjIzo-_GLmbOM&google_cver=1
Request Chain 400
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=1e59f85e-26b7-4209-a993-edd116073ba5 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=1e59f85e-26b7-4209-a993-edd116073ba5&verify=true HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-hO6fP39E2uF8aUqdXPW_ax6bE9o17C46T0CvaD8-~A&gdpr=0&gdpr_consent=
Request Chain 401
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L8GH3JQI-1P-8BEJ&gdpr=0
Request Chain 404
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1e59f85e-26b7-4209-a993-edd116073ba5%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid.a-mo.net/setuid?A=1e59f85e-26b7-4209-a993-edd116073ba5&bidder=smartadserver&uid=3580251383597455911
Request Chain 405
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D1e59f85e-26b7-4209-a993-edd116073ba5%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D1e59f85e-26b7-4209-a993-edd116073ba5%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTMxM0MyNjctQTg4My00MUJGLTlBQ0ItQTkwMjlBODc4NkM5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1e59f85e-26b7-4209-a993-edd116073ba5%26bidder%3Dpubmatic%26uid%3D9313C267-A883-41BF-9ACB-A9029A8786C9 HTTP 302
  • https://prebid.a-mo.net/setuid?A=1e59f85e-26b7-4209-a993-edd116073ba5&bidder=pubmatic&uid=9313C267-A883-41BF-9ACB-A9029A8786C9
Request Chain 406
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1e59f85e-26b7-4209-a993-edd116073ba5%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=1e59f85e-26b7-4209-a993-edd116073ba5&bidder=index_rtb&uid=Yy.CHKuYL2cjhEGEVD1B6AAA%264700
Request Chain 407
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1e59f85e-26b7-4209-a993-edd116073ba5%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1e59f85e-26b7-4209-a993-edd116073ba5%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://prebid.a-mo.net/setuid?A=1e59f85e-26b7-4209-a993-edd116073ba5&bidder=sovrn&uid=FXzaELZHPzVwhDpxQ7qBHsVJ
Request Chain 408
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1e59f85e-26b7-4209-a993-edd116073ba5%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=1e59f85e-26b7-4209-a993-edd116073ba5&bidder=appnexus&uid=5338544317242805217
Request Chain 414
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=eb916940-6383-4e8a-baaa-aa12955c5102&dongle=0cfd
Request Chain 415
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzQyNTA5NDA3MDIwNTg2MjI3NzMzNg%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 416
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKWjcaPZgVvwDyTHW_41axU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 417
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzQyNTA5NDA3MDIwNTg2MjI3NzMzNg%3D%3D
Request Chain 418
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3425094070205862277336&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3425094070205862277336&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=da546726-74bb-4352-80c8-79a96d51cba8&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=da546726-74bb-4352-80c8-79a96d51cba8&_noobservation=1&_expected_cookie=a3d29d50dc09fa362610b4a273dbd857
Request Chain 419
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3425094070205862277336&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=3425094070205862277336&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtriplelift%26bsw_param%3D1ed2408a-d337-48ca-9629-4e75246a865d%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=1cc597ff1a754b29859ffaf9bda87f03&ssp=triplelift&bsw_param=1ed2408a-d337-48ca-9629-4e75246a865d&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=3af011a5-c3f5-4e9a-ad18-a3557e11dd6b&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 420
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3425094070205862277336?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ky.hn.JE2oRKaI8LPccQ462hrnZCvq7Kp8BVU3vsHQ--~A&dongle=0883
Request Chain 421
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3425094070205862277336 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3425094070205862277336&dcc=t
Request Chain 423
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=zAF_d51qukHjywHPMLwT&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5PJAUMX3EGUYXC5LLJBVHS52IKBGUY52U&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5PJAUMX3EGUYXC5LLJBVHS52IKBGUY52U HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=zAF_d51qukHjywHPMLwT
Request Chain 433
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=6ty0-OTGRNu4cLCTsES5zA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=6ty0-OTGRNu4cLCTsES5zA
Request Chain 434
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/iRInuQui0CJK8k2J0QG91Mn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3676712035981263786
Request Chain 435
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8GH3JQI-1P-8BEJ
Request Chain 436
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBeauxshP1FlQV1IzwXe8j0&google_cver=1
Request Chain 437
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=eb916940-6383-4e8a-baaa-aa12955c5102&gdpr=0&gdpr_consent=&expires=30
Request Chain 439
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhHSDNKUUktMVAtOEJFSg==
Request Chain 440
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Request Chain 446
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 447
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L8GH3JQI-1P-8BEJ&gdpr=0&us_privacy=1YN-
Request Chain 448
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=5338544317242805217
Request Chain 449
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FXzaCRZHECsDJOjCTOqQnMka
Request Chain 450
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FXzaELZHTgZ9pCxOTaetLQBd
Request Chain 451
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=5d554f15-1dd0-4fa9-a9a9-e6a17fe0c12d
Request Chain 452
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1664057888592 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4648303109 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/eb916940-6383-4e8a-baaa-aa12955c5102 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-11fefaa0-4627-490a-a3c6-1c976b871567-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-11fefaa0-4627-490a-a3c6-1c976b871567-004 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-11fefaa0-4627-490a-a3c6-1c976b871567-004
Request Chain 453
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1974054389828404610
Request Chain 454
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=af867dcb-92a5-4909-9073-a9934b9d971c
Request Chain 455
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F2725%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D1e59f85e-26b7-4209-a993-edd116073ba5%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
Request Chain 456
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-hO6fP39E2uF8aUqdXPW_ax6bE9o17C46T0CvaD8-~A
Request Chain 457
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1lZGI2NzI4MC0yNjU0LTMyMzctYmVkYi1iNjNmMzdmNTEwMmMqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtZWRiNjcyODAtMjY1NC0zMjM3LWJlZGItYjYzZjM3ZjUxMDJjMgISBjgB HTTP 302
  • https://ssp.disqus.com/match?bidder=18&buyeruid=94f46a18-f30e-4e71-96e7-985d82a16989&r=Cid1YS1lZGI2NzI4MC0yNjU0LTMyMzctYmVkYi1iNjNmMzdmNTEwMmMqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtZWRiNjcyODAtMjY1NC0zMjM3LWJlZGItYjYzZjM3ZjUxMDJjMgISBjgB HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1lZGI2NzI4MC0yNjU0LTMyMzctYmVkYi1iNjNmMzdmNTEwMmMqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtZWRiNjcyODAtMjY1NC0zMjM3LWJlZGItYjYzZjM3ZjUxMDJjMgISBjgC%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/partner=adaptmx?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F3651%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D1e59f85e-26b7-4209-a993-edd116073ba5%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFsWkdJMk56STRNQzB5TmpVMExUTXlNemN0WW1Wa1lpMWlOak5tTXpkbU5URXdNbU1xVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFpXUmlOamN5T0RBdE1qWTFOQzB6TWpNM0xXSmxaR0l0WWpZelpqTTNaalV4TURKak1nSVNCamdDJmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID
Request Chain 458
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-hO6fP39E2uF8aUqdXPW_ax6bE9o17C46T0CvaD8-~A
Request Chain 460
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 461
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3070594876823872000V10%26type%3Drkt%26refUrl%3D%26vid%3D40578881153070594876823872000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3070594876823872000V10&type=rkt&refUrl=&vid=40578881153070594876823872000V10&ovsid=1974054389828404608
Request Chain 463
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3070594876823872000V10%26type%3Dapx%26refUrl%3D%26vid%3D40578881153070594876823872000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3070594876823872000V10&type=apx&refUrl=&vid=40578881153070594876823872000V10&ovsid=5338544317242805217
Request Chain 464
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3070594876823872000V10%26type%3Dopx%26refUrl%3D%26vid%3D40578881153070594876823872000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3070594876823872000V10&type=opx&refUrl=&vid=40578881153070594876823872000V10&ovsid=360bfc80-e1a8-4382-b544-b1f78047c30c
Request Chain 465
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3070594876823872000V10%26type%3Dr1%26refUrl%3D%26vid%3D40578881153070594876823872000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3070594876823872000V10%26type%3Dr1%26refUrl%3D%26vid%3D40578881153070594876823872000V10%26ovsid%3D%5BRX_UUID%5D&cb=1664057888593 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5641728533 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/eb916940-6383-4e8a-baaa-aa12955c5102 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-11fefaa0-4627-490a-a3c6-1c976b871567-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-11fefaa0-4627-490a-a3c6-1c976b871567-004 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-11fefaa0-4627-490a-a3c6-1c976b871567-004
Request Chain 466
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA3MDU5NDg3NjgyMzg3MjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEPNQriZbHlTweqTycRUpUPA&google_cver=1
Request Chain 467
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3070594876823872000V10%26type%3Ddxu%26refUrl%3D%26vid%3D40578881153070594876823872000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3070594876823872000V10%26type%3Ddxu%26refUrl%3D%26vid%3D40578881153070594876823872000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3070594876823872000V10&type=dxu&refUrl=&vid=40578881153070594876823872000V10&ovsid=PjTCLJNF1OCdtm5
Request Chain 469
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3af011a5-c3f5-4e9a-ad18-a3557e11dd6b&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10525475281123400026&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dmedianet%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10525475281123400026&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dmedianet%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=97331c6c-1f74-452e-9cac-f074b3638d4e&ssp=medianet&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10525475281123400026&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=231943304284012347780&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10525475281123400026&ssp=medianet&gdpr=0&gdpr_consent=
Request Chain 470
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3070594876823872000V10%26type%3Dzem%26refUrl%3D%26vid%3D40578881153070594876823872000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=zAF_d51qukHjywHPMLwT&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPL2IFDF6ZBVGFYXK22INJ4XOSCQJVGHOVBGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU2DANJXHA4DQMJRGUZTANZQGU4TIOBXGY4DEMZYG4ZDAMBQKYYTAJTWONUWIPJTGA3TANJZGQ4DONRYGIZTQNZSGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPL2IFDF6ZBVGFYXK22INJ4XOSCQJVGHOVBGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU2DANJXHA4DQMJRGUZTANZQGU4TIOBXGY4DEMZYG4ZDAMBQKYYTAJTWONUWIPJTGA3TANJZGQ4DONRYGIZTQNZSGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=zAF_d51qukHjywHPMLwT&refUrl=&type=zem&vid=40578881153070594876823872000V10&vsid=3070594876823872000V10
Request Chain 471
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3070594876823872000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3070594876823872000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=b19b4510-7472-4a62-9ad1-3f257b6cbfb2&cs=1
Request Chain 473
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=eb916940-6383-4e8a-baaa-aa12955c5102
Request Chain 477
  • https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=4d423f7b-7a7b-4413-8c59-7e445273360e
Request Chain 478
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMO91hTwJYQg1Vq23oPxLoBFnkQhEIzOp0keCzQ7Q&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/102/8/2.gif?puid=3580251383597455911&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/2/7/3.gif?puid=5338544317242805217&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMO91hTwJYQg1Vq23oPxLoBFnkQhEIzOp0keCzQ7Q&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F6%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/3/6/4.gif?puid=46fd632f-8221-4500-a339-f954cb2ea90e&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=eb916940-6383-4e8a-baaa-aa12955c5102&ttl=%%TTL%%
Request Chain 479
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=f4f3a4f2-a791-4f87-b139-35007e64bbf1&gdpr=0&gdpr_consent=
Request Chain 480
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=38e99ae3-468e-4a79-9709-096be10f8812&gdpr=0&gdpr_consent=
Request Chain 493
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy-CHKuYL2cjhEGEVD1B6AAAElwAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy-CHKuYL2cjhEGEVD1B6AAAElwAAAAB&dcc=t
Request Chain 494
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yy-CHKuYL2cjhEGEVD1B6AAAElwAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDOqlVWunlRYa7IeNELkCa8&google_cver=1
Request Chain 495
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=eb916940-6383-4e8a-baaa-aa12955c5102&expiration=1666649889&gdpr=0&gdpr_consent=
Request Chain 499
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=46fd632f-8221-4500-a339-f954cb2ea90e
Request Chain 502
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5338544317242805217
Request Chain 503
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yy-CHKuYL2cjhEGEVD1B6AAAElwAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Yy-CHKuYL2cjhEGEVD1B6AAAElwAAAAB
Request Chain 504
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAdetk7GXwQAACD8jDf7ZA&expiration=1665267490
Request Chain 505
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8143086186408040920
Request Chain 507
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=6fc3d89b-a7e7-ca15-ba211283
Request Chain 508
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=2tek8ocK1OCdtn5
Request Chain 509
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=fCEBStbHSOpOjicQfw2tQK310S4
Request Chain 511
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5338544317242805217
Request Chain 512
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_d06cc318-feec-4de5-bcab-b911c35d2a9a&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3af011a5-c3f5-4e9a-ad18-a3557e11dd6b&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10523786431629980367&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgumgum2%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10523786431629980367&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgumgum2%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=97331c6c-1f74-452e-9cac-f074b3638d4e&ssp=gumgum2&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10525475281123400026&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232743304284012347215&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10525475281123400026&ssp=gumgum2&gdpr=0&gdpr_consent=
Request Chain 513
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%285FNWvrSg31AsZy-TrBtJZHRz_Kph8vPc6jOTt0Wwuo2Jz8eVDvuuwmiihOeODrpF%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%285FNWvrSg31AsZy-TrBtJZHRz_Kph8vPc6jOTt0Wwuo2Jz8eVDvuuwmiihOeODrpF%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_d06cc318-feec-4de5-bcab-b911c35d2a9a&obuid=ENC(5FNWvrSg31AsZy-TrBtJZHRz_Kph8vPc6jOTt0Wwuo2Jz8eVDvuuwmiihOeODrpF) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26obUid%3D5FNWvrSg31AsZy-TrBtJZHRz_Kph8vPc6jOTt0Wwuo2Jz8eVDvuuwmiihOeODrpF%26uid%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=openx&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&obUid=5FNWvrSg31AsZy-TrBtJZHRz_Kph8vPc6jOTt0Wwuo2Jz8eVDvuuwmiihOeODrpF&uid=4e36bc18-3546-449e-b564-9d348a1396fb
Request Chain 514
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=091a316f-62bd-4134-b170-df74faf85096
Request Chain 515
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-91c7e8d1-d625-4240-4b50-7c3d4e43af8e$ip$173.245.209.46
Request Chain 516
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-LbsUM2dE2pem5C8qvj6UfY8A06TyzTizCh4a~A
Request Chain 517
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=bb63729b-bc27-45a6-b8f2-9ae02f3dd780
Request Chain 520
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_d06cc318-feec-4de5-bcab-b911c35d2a9a&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=zAF_d51qukHjywHPMLwT&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26SBIZPWINJROF2WWSDKPF3UQUCNJR3VIJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26SBIZPWINJROF2WWSDKPF3UQUCNJR3VIJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=zAF_d51qukHjywHPMLwT&us_privacy=1---
Request Chain 521
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=f274a197-dc40-40e6-ad08-673dbefe52d6
Request Chain 522
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4604432038 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/eb916940-6383-4e8a-baaa-aa12955c5102 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-11fefaa0-4627-490a-a3c6-1c976b871567-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-11fefaa0-4627-490a-a3c6-1c976b871567-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-11fefaa0-4627-490a-a3c6-1c976b871567-004
Request Chain 523
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=NgQJoDSABUC4&ev=1&pid=558355
Request Chain 524
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=3580251383597455911
Request Chain 526
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=7647632f-8221-4e00-94e8-2f88844c39ab&gdpr=0&gdpr_consent=
Request Chain 530
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=eb916940-6383-4e8a-baaa-aa12955c5102
Request Chain 532
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Yy.CIMCo8YkAAEZta-AAAAAA
Request Chain 533
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Yy.CHKuYL2cjhEGEVD1B6AAA%264700
Request Chain 534
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=zUpZWvbj86L7zsKIAhhe&pi=gumgum&tc=1
Request Chain 535
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 542
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L8GH3JQI-1P-8BEJ HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=L8GH3JQI-1P-8BEJ
Request Chain 547
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L8GH3JQI-1P-8BEJ HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L8GH3JQI-1P-8BEJ
Request Chain 548
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L8GH3JQI-1P-8BEJ HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=L8GH3JQI-1P-8BEJ
Request Chain 550
  • https://c1.adform.net/serving/cookie/match?party=14&cid=9313C267-A883-41BF-9ACB-A9029A8786C9 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9313C267-A883-41BF-9ACB-A9029A8786C9
Request Chain 551
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:46fd632f-8221-4500-a339-f954cb2ea90e&gdpr=0&gdpr_consent=
Request Chain 553
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=cCTQpeAjBWmhGlTDIoIvYw
Request Chain 555
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kxPCZ6iDQb-ay6kCmoeGyQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 556
  • https://idsync.rlcdn.com/420486.gif?partner_uid=9313C267-A883-41BF-9ACB-A9029A8786C9 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDkzMTNDMjY3LUE4ODMtNDFCRi05QUNCLUE5MDI5QTg3ODZDORAAGg0IooS-mQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=de76e69daa8158d882ebe779573f4a35e010762ed0fe45094eda2fda84442875791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBkZTc2ZTY5ZGFhODE1OGQ4ODJlYmU3Nzk1NzNmNGEzNWUwMTA3NjJlZDBmZTQ1MDk0ZWRhMmZkYTg0NDQyODc1NzkxNDI2YjU0MTdkY2UyMRAAGgwIo4S-mQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBkZTc2ZTY5ZGFhODE1OGQ4ODJlYmU3Nzk1NzNmNGEzNWUwMTA3NjJlZDBmZTQ1MDk0ZWRhMmZkYTg0NDQyODc1NzkxNDI2YjU0MTdkY2UyMRAAGgwIo4S-mQYSBAgCEABCAEoA&google_gid=CAESEKCxJH45hyb_TG5qbWjJPaY&google_cver=1
Request Chain 557
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=46fd632f-8221-4500-a339-f954cb2ea90e
Request Chain 558
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBYPCf8sKHp4YzIhMG5GCvg&google_cver=1
Request Chain 559
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CE8D5B091D614E7BB25A31D7D38CD4DA
Request Chain 561
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=eb916940-6383-4e8a-baaa-aa12955c5102
Request Chain 562
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3af011a5-c3f5-4e9a-ad18-a3557e11dd6b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=9b296ec1-65fa-4412-85e2-498cab6c5e5c&expires=1&user_group=5&ssp=pubmatic&bsw_param=3af011a5-c3f5-4e9a-ad18-a3557e11dd6b
Request Chain 563
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9313C267-A883-41BF-9ACB-A9029A8786C9&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oU0lHAVE2uWq_KO0sJTg6Ac7wPvfq3Q-~A&gdpr=0&gdpr_consent=
Request Chain 564
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_uvYzPDq28jl64_O_OnHzq68jMnl6Y_I_L7xAEac

562 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
www.bg3.co/a/ 		47 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8b03d04d1497d9a0ad6cfd6ef1e6b267a635a7165d184a85fc3703bf0ca54592

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 24 Sep 2022 22:17:58 GMT
ETag
"bd12-lu99nhXVzle7DEPYsZmHo7gHst4"
Expires
Sat, 24 Sep 2022 23:17:58 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
564abcd1aaa1e99681f765597209e1ee0d6c73fd31bbea71cf26ab4825d8058e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72580
x-xss-protection
0
server
sffe
date
Sat, 24 Sep 2022 22:17:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"262efd4b6b76c562"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 24 Sep 2022 22:17:58 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
286f41534d5e452c0803884b8951f9e7cbd79568b1eddea4559d6a3bde2b4763
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9655
x-xss-protection
0
server
sffe
date
Sat, 24 Sep 2022 22:17:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"8ff35979583bd4ad"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 24 Sep 2022 22:17:58 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
829c68e59d49588a0847e4a4bdcae1b1e234db4d81a40a7345c34d6392a1f5b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7581
x-xss-protection
0
server
sffe
date
Sat, 24 Sep 2022 22:17:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"d4da8c7cd0fe74c1"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 24 Sep 2022 22:17:58 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
f0bb2a4f2be3d99e10af375f305a126120028c4784fbdfd85653876e27c07b19
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31959
x-xss-protection
0
server
sffe
date
Sat, 24 Sep 2022 22:17:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"ca421db8126f307e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 24 Sep 2022 22:17:58 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:17:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3168
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43705
last-modified
Thu, 22 Sep 2022 10:10:22 GMT
server
cloudflare
etag
"632c348e-aab9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tE5sNw6OR22HYMxY9daXmeZNjUH%2F%2FL3hNxS%2BfAebj%2BuPWEsV%2FESVKPF0m7MamWZqfWc7DGBolzXZ6U0YlytvlyR7ubH77x92TL8I8uQQrvoD6%2F8ZDYP81V69j2DPn3xDLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
74fee4b35b65a883-SYD

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
28dc46ca7136b4d6089128b4a537e94624c990ee5162d869cbd53b4b81faaea5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 24 Sep 2022 22:18:00 GMT
content-encoding
br
last-modified
Sat, 24 Sep 2022 07:00:31 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=9, origin; dur=882
x-cf-geodata
AU
content-type
application/javascript
content-length
9571
expires
Sat, 24 Sep 2022 23:18:00 GMT
adpushup.js
cdn.adpushup.com/42753/ 		479 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
b8495f96bf23b93cee2ad9dd1ebe81e84cac8fc9e8d247546ae2b5d64e6d0b40

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 24 Sep 2022 22:17:59 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:51 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
AU
content-type
application/javascript
content-length
105414
expires
Sat, 24 Sep 2022 23:17:59 GMT
3110162e408686939654d9b32976a4db.jpg
static.bg3.co/imgs/202109/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202109/3110162e408686939654d9b32976a4db.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43deaf3f3eddab4ba599b5a9450b2bc10b190bc16001587aecca79571035044c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Sep 2021 01:33:53 GMT
server
cloudflare
etag
"3110162E408686939654D9B32976A4DB"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5mlkU1ETVU43NrqmseCH%2B4OOXUnPwS9EWmmMWr0OcPp47Td0g6yiSaXDBY8zgW4Wi5JQEXDz5XnPEkuDcAaSeg1XEtTCl6HK3Q8I5lC9gdW62DFMC9CuPShc8dsaDkg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b57f89a89e-SYD
content-length
2863
expires
Sat, 01 Oct 2022 22:18:00 GMT
6501c8ddbc97aaeff74f0c3d78a0a4c4.jpg
static.bg3.co/imgs/202201/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202201/6501c8ddbc97aaeff74f0c3d78a0a4c4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
910f11d21f7ef307134e01b6c624e7b6393a368ab4a7df76d873f5914c89468f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Mon, 17 Jan 2022 06:27:01 GMT
server
cloudflare
etag
"6501C8DDBC97AAEFF74F0C3D78A0A4C4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKU7IBFxBnyS9Y68XgHSpIQtbt7U3VcrkiFiLuKTJSXW17C3DfMz9R0ZvQhCTQ9174zEcA%2Bol4Nz6JR%2FDjMuLnl1MIq%2BrM8wHy4Pw%2BXf7LuYtkBJd%2BwJafMy3nqxVSs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b57f8aa89e-SYD
content-length
3719
expires
Sat, 01 Oct 2022 22:18:00 GMT
c3d62ffc3f5e724685cedb76a389c6fc.jpg
static.bg3.co/imgs/202203/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202203/c3d62ffc3f5e724685cedb76a389c6fc.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d23dbe892d589a8ddbaf1547e2a62752e7bb7bb266a117baccbc0969d9e0f5c1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Mar 2022 01:04:01 GMT
server
cloudflare
etag
"C3D62FFC3F5E724685CEDB76A389C6FC"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8SnD6nYhjxSh0g9SSzl6a02EBhQtN8xOMoR921iAoNyRsx4508E%2FBd7RWC4EeXSMJtX1O59in7nExwZO9pJ%2FU3RernyNPwB6Ty96TMnxRPnVGOXTAKMP2Y3rHbWAOA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b57f8ba89e-SYD
content-length
6539
expires
Sat, 01 Oct 2022 22:18:00 GMT
4e23bfcc0eba05b4e91e28dbd5675707.jpg
static.bg3.co/imgs/202105/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/4e23bfcc0eba05b4e91e28dbd5675707.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac4e3f87157b395670401df670b8db6c8062d14fe108d188c3fab355068c0a24

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 19:28:54 GMT
server
cloudflare
etag
"4E23BFCC0EBA05B4E91E28DBD5675707"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGHevLgfHk5MoZXZtui03cZ4ERSc%2FmnOPY9C23BG3BMKQDQbivedRIy3FinN4Kp06PCTaBYSNC4qx2OHJJcguDOPQzcprFTPeVI9RB5JPrvVm4nPW8ZwLQfQ2MYK7UU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b56f82a89e-SYD
content-length
5326
expires
Sat, 01 Oct 2022 22:18:00 GMT
de2654b8e55462d11cb779ab4c2c74e0.jpg
static.bg3.co/imgs/202012/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202012/de2654b8e55462d11cb779ab4c2c74e0.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ade79fcdd055c0e2a365df04bc137ed2a9226ab9e5249c9fe78ccd021a847f8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Dec 2020 00:27:10 GMT
server
cloudflare
etag
"DE2654B8E55462D11CB779AB4C2C74E0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5if1vfhEEx4Ey4w4zIHb1GtDzDIrJlaWrgg2g5u%2BHpPvlDL%2FJn2gNwyeI1%2BzeMeOfsNEFyDpPLkx8JBOjFhkqCjE9nVlkxDoxdKCX2v%2FVAFNA6RQS%2F9NFRqRm5LiKk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b57f84a89e-SYD
content-length
4727
expires
Sat, 01 Oct 2022 22:18:00 GMT
4631b135671fcca753e34c6cd1562af5.jpg
static.bg3.co/imgs/202106/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/4631b135671fcca753e34c6cd1562af5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3029d96eaa4ad152f8ee64108f63968668343dfadd2e25367fbb202bc811d111

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Jun 2021 02:24:51 GMT
server
cloudflare
etag
"4631B135671FCCA753E34C6CD1562AF5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oc90mOGVPlo2aW%2FIpBGuiIOTw40SzkDvlHKk0Tx3z8wdqbHlJa7QCPshg%2B3CXZZDUIO1HuNksfwO%2FMPn76ZbTfUCXqjNEDrlXku0g3dxqizZnvNNR8jdlIC8hqqE3cM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b57f85a89e-SYD
content-length
7383
expires
Sat, 01 Oct 2022 22:18:00 GMT
273f5fdf121529d8b4d5ae52611b6098.jpg
static.bg3.co/imgs/202205/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202205/273f5fdf121529d8b4d5ae52611b6098.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fc9a4c19d0e969c25bb4e693c016cd31d1f0d94280210e3ec88ef0acac75ef1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Sun, 22 May 2022 00:45:43 GMT
server
cloudflare
etag
"273F5FDF121529D8B4D5AE52611B6098"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4k02v7uzPTQ4hYhMLY7BBkKHea9oQEy7LBVJOLf%2BYxJFl3ATBTiiEBkj0q46Me9wg12Pi0gzsGiryyW6JQy%2BACCc2A8%2FMr%2B7neRUDiEDqxcwjNZC4v198iTz%2B41loAA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b57f86a89e-SYD
content-length
5215
expires
Sat, 01 Oct 2022 22:18:00 GMT
dbf49e27fbbb814a06fd8c7f4217dcfb.jpg
static.bg3.co/imgs/202012/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202012/dbf49e27fbbb814a06fd8c7f4217dcfb.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b7d2c516413c81f2ca5e7b1457ebc762ac5fb8889dd29f2cb0edcce88f309d6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Wed, 16 Dec 2020 15:24:15 GMT
server
cloudflare
etag
"DBF49E27FBBB814A06FD8C7F4217DCFB"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBB23fvv6G4j0cwuns%2FZkHT421Mqn1OpaU3jynw2JRF4i%2Br13f2RnhS0IeFm4gS88Cm4mUkNtVw9rc7xUdHxmY64wmnqS6Q3RahnfFBhYXRSghVf3GSeRdYq7ycKcHA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b57f88a89e-SYD
content-length
4663
expires
Sat, 01 Oct 2022 22:18:00 GMT
d077f9b97d40370305484b15ab82d4b5.jpg
static.bg3.co/imgs/202201/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202201/d077f9b97d40370305484b15ab82d4b5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3308cf5269867aeae391274f60dcac2a1f0cb25eb0f18a13c14d17805396585

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Jan 2022 00:58:17 GMT
server
cloudflare
etag
"D077F9B97D40370305484B15AB82D4B5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ud%2FEWwF0YjK6uF26VK8hVcgtesHJChYF8mJUQ%2FU%2Fwzs%2BuC4dIWfFiSouP%2FzuPMipeiP0Y7oupb6yomCazVaTiegJhfAVstTXrRA%2Bm4ckHyv9l2IVQXyFoKSVjRhdXOE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b7b956a89e-SYD
content-length
4174
expires
Sat, 01 Oct 2022 22:18:00 GMT
84aa9a6fae5a0f6ff55d665364d1151b.jpg
static.bg3.co/imgs/202205/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202205/84aa9a6fae5a0f6ff55d665364d1151b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fb96936c3c77ec3e1efc5c04222a68d3a69089ed23674af1815c5140492f185

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Mon, 23 May 2022 08:51:55 GMT
server
cloudflare
etag
"84AA9A6FAE5A0F6FF55D665364D1151B"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RNiROVyHL0AAAdaD7MEXJRt4ZWde%2BPHjR5D51Hf7aoVRbKxQm2ASfJ6xSRuhOGY7oUI4d4DJEKqLmPT3PWJq5EPq78EfSq6DHO74OBSdEUGURRnu92eETp2QBH3XOg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b7b957a89e-SYD
content-length
9909
expires
Sat, 01 Oct 2022 22:18:00 GMT
fe5c60531543dc6a42ceb382f9d382e4.jpg
static.bg3.co/imgs/202203/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202203/fe5c60531543dc6a42ceb382f9d382e4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e57895230447d0ccc825af5bbaa8f35646ae1765921119d2ef6ded706b9da352

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Tue, 15 Mar 2022 00:51:52 GMT
server
cloudflare
etag
"FE5C60531543DC6A42CEB382F9D382E4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hInl6hnZ7jyh90LM5kpN4wzOUbBxoU7IyIQLnHUNNrWQieO2Y6BWp1XDQ%2FWm0fq6uiPRDYNxIGVeYON%2FD6zHVPod%2B7b%2BQYYq81EUmUA%2Bp03Tqi6VGNbsusp9uBp0m88%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b7b959a89e-SYD
content-length
5831
expires
Sat, 01 Oct 2022 22:18:00 GMT
600b8095ea65613b0682a798b61af95c.jpg
static.bg3.co/imgs/202209/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202209/600b8095ea65613b0682a798b61af95c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9800aa3fe3d7cbade404baf412b095dbc248c97cafd6193204b87f3ff85d7962

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Mon, 05 Sep 2022 00:57:00 GMT
server
cloudflare
etag
"600B8095EA65613B0682A798B61AF95C"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9r6O5m0ZrV9Jg6EhxhAiKhEbISkKT6TqFexgQj%2FF08yIJcWFRTzz2%2BJUQFUsQE%2Fj%2BJiBLTNwrwz%2B%2BmDynwosV61V%2FZ9z6O%2BT%2BJFyZXBLKEBwPfuHt8tVvHuOMPvVw%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b7b95aa89e-SYD
content-length
7492
expires
Sat, 01 Oct 2022 22:18:00 GMT
0b853b156556d4878ca1fb0485261ba0.jpg
static.bg3.co/imgs/202111/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202111/0b853b156556d4878ca1fb0485261ba0.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e27aa09cea6ce52e34fcc18eefadc59ee7e3db0a7347edc6eb2ac487ce3ddd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Nov 2021 13:31:39 GMT
server
cloudflare
etag
"0B853B156556D4878CA1FB0485261BA0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4ktidRYp3kDJ6p5nxu%2B538A68CH1It8kGFVmYzeGnatz0RQlVrdBH%2Bb3GRIxeY%2FWcW3bM%2BagkOFZKBcrhKQNVZQSSkbf%2Fva0%2BK0wj5wKgyvAMVw6sKVh1nBtWbGqT0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b7b95ba89e-SYD
content-length
5210
expires
Sat, 01 Oct 2022 22:18:00 GMT
9cbbd2becdc1ffa18845c7112db8f684.jpg
static.bg3.co/imgs/202012/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202012/9cbbd2becdc1ffa18845c7112db8f684.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0514d1490ac592bdcfb894292cc77109da77330d8e207c1c62ac1ba0df5eab8b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Sat, 12 Dec 2020 06:38:13 GMT
server
cloudflare
etag
"9CBBD2BECDC1FFA18845C7112DB8F684"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbgQ9Vb4Y4lhfn8UpQgk%2BmziDIV1nttLe1JIa6IRfwwJTG2Tc8ogvWRTik%2FzvOTXbvripaCrx2MSNKqfL0okrnHbx5bZlHi5VfiK%2FwIgw8qxQ1s49G70qRsJxO8TurA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b7b95ca89e-SYD
content-length
5845
expires
Sat, 01 Oct 2022 22:18:00 GMT
cdd909924576ec7c9393a243bf947be7.jpg
static.bg3.co/imgs/202111/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202111/cdd909924576ec7c9393a243bf947be7.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3184e99df2027844778dcb7825ac3902a5f1525453e4da6651f3dcf26f850487

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Nov 2021 09:01:54 GMT
server
cloudflare
etag
"CDD909924576EC7C9393A243BF947BE7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfBcZfqsRTDEOC1TwmV9SntvFwZJS2Lh0LaZQQofl16JoLZaK%2BPRzKSKzY12mQbJPHWuy7485Z0e5N7bS1YtGt7NdYuA%2F9nu9z%2FQYbq4oBHQXMbCZo4htgA7%2FsFIMt0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b7b95da89e-SYD
content-length
21701
expires
Sat, 01 Oct 2022 22:18:00 GMT
30cadff50a5489bb596d390c3c3ffa03.jpg
static.bg3.co/imgs/202106/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/30cadff50a5489bb596d390c3c3ffa03.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d84ce32aab094ded8a130b45f71d5a04514ba7e3b7c8b00e533c7edf1c1f62b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Jun 2021 02:27:50 GMT
server
cloudflare
etag
"30CADFF50A5489BB596D390C3C3FFA03"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JRRMCdJmliAhsi6%2F%2FLBO8%2FW%2BwMNE73uHpSjxDphug436RFX3qIbieg9BWFPevFagKIEmWdskAVirpMI6TXog%2B2CqInT9sIMt0jFMUZAM6QRlNYAE5Rn6Q3aTv0%2Fb8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b7b95fa89e-SYD
content-length
5656
expires
Sat, 01 Oct 2022 22:18:00 GMT
f8619e7f339189772325d69b1634fc25.jpg
static.bg3.co/imgs/202203/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202203/f8619e7f339189772325d69b1634fc25.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c25c9e3c616eedc0faf3413391008fe3bbfe27747b530ffbe7c5921aa869521b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Thu, 10 Mar 2022 07:04:52 GMT
server
cloudflare
etag
"F8619E7F339189772325D69B1634FC25"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQk4TEIkiYDIWPObj5cQnKbHXphOC8BGYnZz8fBNcMOgPIhfeddDOV7x5Zoi%2Bsox4m%2BDZdUtSDKx0Pg%2Fhe8tgDMalEXKTMXYNXUVLU0DnKvPp%2F79ytlx%2FVV5jW5Rvh4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b7b960a89e-SYD
content-length
4288
expires
Sat, 01 Oct 2022 22:18:00 GMT
ce6eecf44c80afabeaccfbbd7b7e2a82.jpg
static.bg3.co/imgs/202012/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202012/ce6eecf44c80afabeaccfbbd7b7e2a82.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
490b21d4efeb2011c5fae34addfaed282b0dd353266c5c30945fd4acd4924783

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:01 GMT
cf-cache-status
MISS
last-modified
Thu, 10 Dec 2020 00:54:49 GMT
server
cloudflare
etag
"CE6EECF44C80AFABEACCFBBD7B7E2A82"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4arzujGkx0%2BU%2BzVtNYiOwrIK8W1w4YD49uDl8m3rWiLy%2FtoqFqBcs11u%2BlAy%2BeuDfyvkK5ahpdbzzadlUHvRM6lE13QSRkz9unRGqSgooPmJr7930Hp0ZCxHNoCWyUE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b7b961a89e-SYD
content-length
17003
expires
Sat, 01 Oct 2022 22:18:00 GMT
176500ae3cf7ca093f5efec6e43215ba.jpg
static.bg3.co/imgs/202106/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/176500ae3cf7ca093f5efec6e43215ba.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b1d7e3eebf0c7c6374bd296d2da50b01498c7cc6744806cb4b6d0d679d33099

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Wed, 09 Jun 2021 16:50:06 GMT
server
cloudflare
etag
"176500AE3CF7CA093F5EFEC6E43215BA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xwdYdariNeQj4rc9xMb6VsXYaG%2FRtwoIVYwcA%2BIvwr7bPAqKoMThgYhfQGJTxttzkPeBN0e%2ByaREHccD5pkfHO0Q%2FktBsrGUvm7YuiGealg3R7zWCPPYh9zdssfzus%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b7b962a89e-SYD
content-length
10932
expires
Sat, 01 Oct 2022 22:18:00 GMT
2692bc424b982019f4fb0fb3e92cfb95.jpg
static.bg3.co/imgs/202110/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202110/2692bc424b982019f4fb0fb3e92cfb95.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20c256eecdf8b1b883dacc8f248e34f6fa81e24d795b98ac9aa17490fa5df3cb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Oct 2021 09:06:31 GMT
server
cloudflare
etag
"2692BC424B982019F4FB0FB3E92CFB95"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mM5%2BJJrDNNwBB3BasKtVCAM5GkZXIDzZnWZbASZHCnnHptnNT3xSElfzR6mVLci%2BpWeuVKUIeWgVNpaotIqIN6rOtvf6eln1wIvrwF3izszuPHey%2B%2Fg9bQxKqiQwAb8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b7b963a89e-SYD
content-length
5943
expires
Sat, 01 Oct 2022 22:18:00 GMT
d08c9345d2720bbcd3eb578090084559.jpg
static.bg3.co/imgs/202112/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202112/d08c9345d2720bbcd3eb578090084559.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5881d819dab046f24c39319df13560a5f3698c32f49fa05bba7eb3dd1856e6c9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Sat, 04 Dec 2021 07:58:22 GMT
server
cloudflare
etag
"D08C9345D2720BBCD3EB578090084559"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aW%2F2saW9OFWxohqoHiMz1u0tQa71U7pLiVx5ELNTR57kb9iWrl2nH4XMjyj15KVk%2BV734ToQcx8ax4EtDQukTLXrY%2FAAfSVS%2FhFlTNlu8VNy0raQbEUq2DSrLfOiyoc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b7b964a89e-SYD
content-length
19742
expires
Sat, 01 Oct 2022 22:18:00 GMT
d26ab91c236e20e6f17d01ceda57c11a.jpg
static.bg3.co/imgs/202204/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202204/d26ab91c236e20e6f17d01ceda57c11a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b44a5ad66d957f70b82757f096d690f4879c464629ed02590dffe58cdf8460bc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Apr 2022 13:33:21 GMT
server
cloudflare
etag
"D26AB91C236E20E6F17D01CEDA57C11A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flRxlQOJg4x1572kzEtPhkc1R2rFyLVV0RBq0kQ456W6ZCv4sm%2BsL9gTZdslasyOBJH3tM4rgEaulH7Xi0HhoIGmoZHR670NhLeVRVTDkWLSnpwaiRJLDnVID37GHWA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b7b965a89e-SYD
content-length
5039
expires
Sat, 01 Oct 2022 22:18:00 GMT
e495564eff01bab5698b63c8c4a44736.jpg
static.bg3.co/imgs/202111/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202111/e495564eff01bab5698b63c8c4a44736.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72463f87634517b05024dd9154ab1484bdb0e1043571dc9621e537cef771346a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Mon, 15 Nov 2021 07:22:11 GMT
server
cloudflare
etag
"E495564EFF01BAB5698B63C8C4A44736"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fc%2FNnUEKhINbJml90ZOaoev5ZzZg0byHv1L3YqkUtjrRnSVdgwhmduNIibWR6EppzzLaOrGV7BVYxhXvZtFTtayvexhr5tW9nEVdYKGEtLwaGWuukToUM7K59DHHK9w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b7b966a89e-SYD
content-length
3714
expires
Sat, 01 Oct 2022 22:18:00 GMT
4567ed887608aaba8eaba487dde699b4.jpg
static.bg3.co/imgs/202106/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/4567ed887608aaba8eaba487dde699b4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a8d9f6f7eb67ed9a28db7ec6741b814074cadfd2e8f89970ff2be1d39ec8818

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Sun, 06 Jun 2021 00:59:04 GMT
server
cloudflare
etag
"4567ED887608AABA8EABA487DDE699B4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LV5d2lgmel9lLy41UI0Uk8%2B%2FS%2Fcmbt86nhqGAm%2BGn3pn4BTrXkOujTtxldHZl4S%2BFFt5lqcp6yIvMCU4f0wUJL8FkKSYR316v%2BasQ9dz4EemTCI0uqiaDoW3kAfyRk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b7b967a89e-SYD
content-length
2897
expires
Sat, 01 Oct 2022 22:18:00 GMT
2028859b10307c2bb008a5cbe31ee344.jpg
static.bg3.co/imgs/202203/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202203/2028859b10307c2bb008a5cbe31ee344.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7c29b19add6fa30dc1eb39de49cf25f8fcce5a9cbfad595e2dadc06fd9cc25

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Mar 2022 01:42:22 GMT
server
cloudflare
etag
"2028859B10307C2BB008A5CBE31EE344"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XsvwQp5dkqcmo6YQ0WtLYQ6LVZoEnhAREOWAV2%2BONRDJVW7%2BWi1QwdfLgRX3a6glP%2BQZgflyjiwh1roj67qZ91S3hyZtKzpu%2FB6lYG8QwnnuG0jBCKCUlOhkwglQ%2FdA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74fee4b7b968a89e-SYD
content-length
7775
expires
Sat, 01 Oct 2022 22:18:00 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
31fb8dc7edd44f99d97af5a0e6998dbc2787ff3e9cf88d6278f818647752ab50
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
362757
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2994
x-xss-protection
0
server
sffe
date
Tue, 20 Sep 2022 17:32:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ef33de73eae082fa"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Sep 2023 17:32:03 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a6faa7a4ade52284a01efed1ddd4d50f5faf33b61837b43ed9b34d5c5a4a7a39
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
425987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23079
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 23:58:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a56a470e0e255659"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 23:58:13 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		3 KB
970 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
cff80c4f1b69a054563ac49abcdb7e292d5cda2e3ea20ce5736e48001ba3b2ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
522
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
3086826524750d38ec8807f9d8ceceb737731239a0de2e737c885834e89078f6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
362762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3841
x-xss-protection
0
server
sffe
date
Tue, 20 Sep 2022 17:31:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b1ec7df2eb3636e4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Sep 2023 17:31:58 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1664057880.dop124.sj3.t,1664057880.cds211.sj3.hn,1664057880.cds046.sj3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
616 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:17:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3251
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKP5tGiKnYd1GEkruxk9LHvTj6z%2B3uytJBQPKBTf1%2FaY4Qz7c6GZ82Rj80Sn0spStcHlH1enxuVNoKt6Ja3WB5UeM6F0n8LDQjSrRzmptIrWj%2BhgpW2ZjIAA4l020%2BiYcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
74fee4b45c0ba883-SYD
cf-bgj
minify
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
cb2a0e216e04a4ae684fbfc080a0134fa914aefcb0522b9fa424ef69fb5b07cd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Sep 2022 22:18:00 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
cb2a0e216e04a4ae684fbfc080a0134fa914aefcb0522b9fa424ef69fb5b07cd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Sep 2022 22:18:00 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.2517140342125088&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Sep 2022 22:18:00 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.4241009385999204&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Sep 2022 22:18:00 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-14e98"
vary
Accept-Encoding
x-hw
1664057880.dop124.sj3.t,1664057880.cds211.sj3.hn,1664057880.cds210.sj3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
d8fb86d7f4bef880354d6c02af11fd7e6b7ceb261aad0d73ae7d429668b25148
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
414559
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10238
x-xss-protection
0
server
sffe
date
Tue, 20 Sep 2022 03:08:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d9aacf1c86bf072e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Sep 2023 03:08:41 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
f0b6467ff1ee5df11996fd85932f0e8f952e4b8f5e9cf50c9a6478ee9dbdc153
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
362464
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57918
x-xss-protection
0
server
sffe
date
Tue, 20 Sep 2022 17:36:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7c6c55ae06162656"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Sep 2023 17:36:56 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 16E0 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
35c011fd8348a0278ba3b047d3f96ccdda86a00297f5718aea87ad806d9c885f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40619
x-xss-protection
0
server
cafe
etag
10524203869748737549
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 22:18:01 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 7A20 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
da4837635fe26d32d3e8f0a645c78ce8c09e490b9a7152b321f3eefc924e5cc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40734
x-xss-protection
0
server
cafe
etag
6829016374665529994
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 22:18:00 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame E5F7 		714 B
795 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
2290
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
74fee4b95f3ca941-SYD
content-encoding
br
content-type
text/html
date
Sat, 24 Sep 2022 22:18:00 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z67E2YUTUVtj6iFCpsLpDgK40MsrcOMdgl34qvCcClWGH27bp47bbCXN%2B7DF6rFIrzUYcIk0OkVICDjAeeLx2EyCzK%2BQWizPTbJTTdzJDRExrVO9djVed7a3iHkeUwt0bg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Sep 2022 22:18:00 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 2ED0 		714 B
762 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
2290
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
74fee4b97f62a941-SYD
content-encoding
br
content-type
text/html
date
Sat, 24 Sep 2022 22:18:00 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AFzQ2zxgQlBItRym1pP5jHNCOiVJ94SFHmDTX9OGov%2BDzPL%2BO0MkUQUvGXK2b9t426EeEkKyQxBJL9m1OakDndpkVfyqom%2FV6YAxPJVr3UvthEYfDd4ceRZuXQxgibwV4g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame E5F7 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
sffe /
Resource Hash
18502022d95968d70e278e02a2bb3f63deefdd1eff3d6fcc2fc255e5a48ceb15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27831
x-xss-protection
0
server
sffe
etag
"1344 / 597 of 1000 / last-modified: 1663970834"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 24 Sep 2022 22:18:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2ED0 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
sffe /
Resource Hash
11ef5a7f3c08bdfa755a8819f31d4502c838f0ca5381014ca5c2735051bb2b48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27835
x-xss-protection
0
server
sffe
etag
"1344 / 883 of 1000 / last-modified: 1663970834"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 24 Sep 2022 22:18:01 GMT
gtag.json
cdn.ampproject.org/rtv/012209072154000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
362736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
date
Tue, 20 Sep 2022 17:32:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cc10be84565b445b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Sep 2023 17:32:24 GMT
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 24 Sep 2022 22:18:01 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=2
content-type
application/javascript
content-length
94168
expires
Sun, 24 Sep 2023 22:18:01 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 24 Sep 2022 22:18:01 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
"60d94cdb-1c2"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-type
application/javascript
content-length
317
expires
Sun, 24 Sep 2023 22:18:01 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 24 Sep 2022 22:18:01 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=2
content-type
application/javascript
content-length
17440
expires
Sat, 24 Sep 2022 23:18:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
sffe /
Resource Hash
7b9ef9db5284651ca64901bb7369cce5ffd2c65d404cc2abf82f7bb90a473dae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27829
x-xss-protection
0
server
sffe
etag
"1344 / 116 of 1000 / last-modified: 1663970755"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 24 Sep 2022 22:18:01 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:01 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
access-control-allow-origin
https://www.bg3.co
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-26736635652493433395.ampproject.net/2209072154000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-26736635652493433395.ampproject.net/2209072154000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjQwNTc4ODA4OTAsInBhY2tldElkIjoiMDAwMEE3MDEtMGEwNTM5OTctNWZkYS00NTkxLWExZWEtMjVlMmI2OTc0NTE3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poZS1qaWFuZy1oYW5nLXpob3UteGlhby1zaGFuLWd1by1qaS1qaS1jaGFuZy1zYW4tcWkteGlhbmctbXUtemhlbmctc2hpLXRvdS15dW4uaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:01 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjQwNTc4ODA4OTAsInBhY2tldElkIjoiMDAwMEE3MDEtMGEwNTM5OTctNWZkYS00NTkxLWExZWEtMjVlMmI2OTc0NTE3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poZS1qaWFuZy1oYW5nLXpob3UteGlhby1zaGFuLWd1by1qaS1qaS1jaGFuZy1zYW4tcWkteGlhbmctbXUtemhlbmctc2hpLXRvdS15dW4uaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:01 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjQwNTc4ODA4OTAsInBhY2tldElkIjoiMDAwMEE3MDEtMGEwNTM5OTctNWZkYS00NTkxLWExZWEtMjVlMmI2OTc0NTE3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poZS1qaWFuZy1oYW5nLXpob3UteGlhby1zaGFuLWd1by1qaS1qaS1jaGFuZy1zYW4tcWkteGlhbmctbXUtemhlbmctc2hpLXRvdS15dW4uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV19
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:01 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjQwNTc4ODA4OTQsInBhY2tldElkIjoiMDAwMEE3MDEtMGEwNTM5OTctNWZkYS00NTkxLWExZWEtMjVlMmI2OTc0NTE3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poZS1qaWFuZy1oYW5nLXpob3UteGlhby1zaGFuLWd1by1qaS1qaS1jaGFuZy1zYW4tcWkteGlhbmctbXUtemhlbmctc2hpLXRvdS15dW4uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:01 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjQwNTc4ODA4OTYsInBhY2tldElkIjoiMDAwMEE3MDEtMGEwNTM5OTctNWZkYS00NTkxLWExZWEtMjVlMmI2OTc0NTE3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3poZS1qaWFuZy1oYW5nLXpob3UteGlhby1zaGFuLWd1by1qaS1qaS1jaGFuZy1zYW4tcWkteGlhbmctbXUtemhlbmctc2hpLXRvdS15dW4uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiIxMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzEyMFg2MDBfMTA0YjIiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M18xMjBYNjAwXzEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:01 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sat, 24 Sep 2022 22:18:01 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1664057880925
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 24 Sep 2022 22:18:01 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-type
image/jpeg
content-length
631
expires
Sat, 24 Sep 2022 23:18:01 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/ Frame 7A20 		347 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/show_ads_impl_fy2021.js?bust=31069831
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
08379c3364d6ea4f8be74f25d7b05d807aca4a9c7984f1fe0d1d5cf45b2c72b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125283
x-xss-protection
0
server
cafe
etag
5484151696977346988
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 22:18:01 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/ Frame 16E0 		348 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
95bd103bd7fdf3a6e6558a95d46598c3ba47bfe2dd83c67cf7bd767b8d130d30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125800
x-xss-protection
0
server
cafe
etag
13041286476137236605
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 22:18:01 GMT
pubads_impl_2022092101.js
securepubads.g.doubleclick.net/gpt/ Frame E5F7 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
sffe /
Resource Hash
09af6caefeb671f4527e8bf54659bb482eea031fe6899bafc12f149bb14155d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 11:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
299501
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131360
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 08:34:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Sep 2023 11:06:20 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E6%B5%99%E6%B1%9F%E6%9D%AD%E5%B7%9E%E8%95%AD%E5%B1%B1%E5%9C%8B%E9%9A%9B%E6%A9%9F%E5%A0%B4%E4%B8%89%E6%9C%9F%E9%A0%85%E7%9B%AE%E6%AD%A3%E5%BC%8F%E6%8A%95%E9%81%8B%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-U2auWBjfNcY_-QlB3YrIGA&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.9973846955390866&gjid=0.2229588921563177&_r=1&a=9665&z=0.8983524012096524&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022092201.js
securepubads.g.doubleclick.net/gpt/ Frame 2ED0 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
sffe /
Resource Hash
b326a1469c739c2ef2e5ff8b87f3824156131ed264eddbe1049410de4696426c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 10:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
213789
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131358
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 08:36:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Sep 2023 10:54:52 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B9B3 		603 B
213 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-32217727282414270839&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3345&oid=2&is_amp=5&amp_v=2209072154000&d_imp=1&c=23009665&ga_cid=amp-U2auWBjfNcY_-QlB3YrIGA&ga_hid=9665&dt=1664057880998&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&bdt=2492&dtd=460&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 22:18:02 GMT
expires
Sat, 24 Sep 2022 22:18:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022092001.js
securepubads.g.doubleclick.net/gpt/ 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
sffe /
Resource Hash
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 11:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
386273
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131075
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 08:35:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Sep 2023 11:00:08 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Sat, 24 Sep 2022 22:18:02 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220924
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d104b2cc15ed8889f9162848ae2a6197de0776a69ac08a59e941726a0a5b9a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Sep 2022 22:18:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
26214
x-jsd-version
1.0.1472
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19142-FRA, cache-yyz4556-YYZ
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66c-5kcFU4ELpJ/3TUqY2DoFFkrnMcY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ykkgan2eWOdN%2B4j%2FTth8d8KI79sWSS0iSB5rn7sZ1aTjx0QR4EFrUTe0v6B1MhjqQUCbwOJgP%2BT6%2BLLHsr5PgAG0VAsz3aUhAkHgNpNSbVkXZXTjB2WpVoAJ7BxAhtv%2FlpU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
74fee4c2fac8a811-SYD
c
prebid.a-mo.net/a/ 		486 B
823 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
3b025343c1ee76873504aaad4a8da8fca8dc2c15b9be1156949cdb625113f6a6

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Sep 2022 22:18:02 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
145
content-length
261
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=3043203541
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Sep 2022 22:18:01 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
adreq
ads.servenobid.com/ 		704 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=3336
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.128.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-128-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
48a7d4e90449311d990c5d7ad6669211dd384f7d1884494702413e07efd494d8

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Sep 2022 22:18:03 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		1 KB
920 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
41583f28d093e855af469de0f42fd9f94bf3ed93baa9eb90192aed14074071e7

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:02 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
124
alt-svc
clear
via
1.1 google
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.192.218.173 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-192-218-173.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
f9bdc98f4c1189097b17d2c80dafac47333048eccdb0443cb6f19aac8c7dd85d

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:03 GMT
content-encoding
gzip
x-prebid
pbs-java/1.99.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.192.218.173 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-192-218-173.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
883edd7d9f5be975b37299b38b18af6c6f91e70ada835ff16a1d3c0fa7a981f0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:03 GMT
content-encoding
gzip
x-prebid
pbs-java/1.99.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.192.218.173 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-192-218-173.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
7a5b7b799c12828a1fa27c02ec89565b5a1edf79ea5e0176693d907b6e28f8ac

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:03 GMT
content-encoding
gzip
x-prebid
pbs-java/1.99.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=2d8baa46-e32f-4695-8cdd-0771568f622d%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=d41923e8-aa79-4f6a-9b19-d01cd0e5d194%3B76e8cafe-a36e-45e4-9aba-5c718ff58d71%3Bfaeb1615-b82a-4d76-9b97-bb1a9662568d&l_pb_bid_id=18361bb31e667b8%3B193edadd0b76f15%3B2012cd2a3418809&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.3166978487016827
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f13d0ba70d5f3dfa2deaa8fe6f2e616ac6b4d647f1b8faa216d48ab54f9d3210

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:02 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
472
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.144.13 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-144-13.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Sep 2022 22:18:02 GMT
via
kong/2.8.1
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
115
vary
Accept-Encoding
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a01a98358705a79c8ff37aac302c533d0d53f971fece8aa145dfa2495499df99

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Sep 2022 22:18:02 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid-request
onetag-sys.com/ 		15 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
access-control-allow-headers
content-type, origin, referer, user-agent
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		32 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
61afe043f7462b97e6328b41b170d5f44b48e0bc81627e845d400767d776e20f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Sep 2022 22:18:02 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.46; 173.245.209.46; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
fd65584e-56a2-4fa9-a69b-c9a266c16f24
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.29.91 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-29-91.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:02 GMT
accept-ch
sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225165aa991e33681%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2258591e10b28507e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2261a2147b29730d3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22626e1b67ec38c46%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%222d8baa46-e32f-4695-8cdd-0771568f622d%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04993c17ff4057d75d7aba1bf1733814aca0c42636a7c0d5f79f726083adb585

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Pt2BTlWwuwTMoWuVIJAU4jHFMSZpzgRsiTnMBJBRpwAYFZZj79wOOZLBzzFbpOqq6wuyijcThrSkZjz6w6MmKl%2Bw0Jyj200BOPTCxcH3jbNTtyeMfkAP%2BvhNRguPwbDChi9PR0m"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74fee4c34bc2a882-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%225165aa991e33681%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2261a2147b29730d3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22626e1b67ec38c46%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%222d8baa46-e32f-4695-8cdd-0771568f622d%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04993c17ff4057d75d7aba1bf1733814aca0c42636a7c0d5f79f726083adb585

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNdbK6pcI9LunUGVuw44c2Lx9bx69%2BoklOzL4i72qGaLEZjFKueNys%2BLFG4YON%2B1inh0TeJWupE1jo6Xj33wQr2eTcAC%2BZtdXbwTKzFeS45BTUEOGdM6vGjWXaO4bKRu7turM2Uu"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74fee4c34bc4a882-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bid-request
a.teads.tv/hb/ 		16 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.109.46 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-109-46.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:03 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 24 Sep 2022 22:18:03 GMT
arj
adpushup-d.openx.net/w/1.0/ 		174 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0ef8fb44-547e-423f-bf67-9aa926ec38ae%2C9e843f63-9bb0-4361-abed-e5b3c511d16c%2Cc1d82047-a45d-4157-8665-f909ea506e9d&nocache=1664057881871&pubcid=2d8baa46-e32f-4695-8cdd-0771568f622d&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f604fa2268c5d9306027cedf7e0bf0cddd807d9f62e9a79274c7ffef03e6d773

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:02 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=dbf8f0d9-7631-49c5-a111-cdcad353ccbb&nocache=1664057881871&pubcid=2d8baa46-e32f-4695-8cdd-0771568f622d&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:02 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=505a1faf-c9c6-48aa-9de5-e6ff4c6a2aba&nocache=1664057881871&pubcid=2d8baa46-e32f-4695-8cdd-0771568f622d&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:02 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=671199ec-61c7-4693-8c70-75201647f17c&nocache=1664057881872&pubcid=2d8baa46-e32f-4695-8cdd-0771568f622d&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:02 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 7A20 		379 B
692 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/show_ads_impl_fy2021.js?bust=31069831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
e86ddbbfd70c408f7abb52abba9cb9d7cc86a88b975d8cdb5d04eea3287950d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 7A20 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/show_ads_impl_fy2021.js?bust=31069831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7A20 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/show_ads_impl_fy2021.js?bust=31069831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame D7B7
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664057881&url=...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/show_ads_impl_fy2021.js?bust=31069831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-91.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1782
content-length
673
content-type
text/html
date
Sat, 24 Sep 2022 21:52:26 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 37bf70171215d870fd5bb56cab5030c4.cloudfront.net (CloudFront)
x-amz-cf-id
iFS_M0Py2n0NsdTiGGRtDDkmHJssot_QHUrt-wV-VOFrg1UL6k6PvA==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 22:18:02 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:02 GMT
content-encoding
gzip
etag
"eN3sxSgaav0x5wHLxGB1gQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 01 Oct 2022 22:18:02 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 16E0 		379 B
312 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
55cac748efeeda12732991fa76a2b46df940059817ab34ddcd6918002f986ad0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 16E0 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 16E0 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AEE7 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664057881&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057881363&bpp=12&bdt=1663&idt=571&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=4095095268603&frm=23&ife=1&pv=1&ga_vid=1560567575.1664057882&ga_sid=1664057882&ga_hid=83928309&ga_fc=0&ga_cid=amp-U2auWBjfNcY_-QlB3YrIGA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=982&biw=1600&bih=1200&isw=336&ish=280&ifk=3367613081&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44770766%2C44771547%2C44772928&oid=2&pvsid=871172703584013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hxcy2x80to3i&fsb=1&dtd=586
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
d2fec1902f7516cbce19dc7e100962df3be7df8f1ea63312d1eeffecde9f21d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9959
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 22:18:02 GMT
expires
Sat, 24 Sep 2022 22:18:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame E5F7 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E5F7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame E5F7 		492 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3805720087221014&correlator=987530854743453&eid=31069793%2C31061166&output=ldjh&gdfp_req=1&vrg=2022092101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1664057882211&lmt=1644386353&dlt=1664057880593&idt=1596&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=i9v425qghsgp&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=840947740.1664057882&ga_sid=1664057882&ga_hid=1322207673&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
261d63f4f0af14f42323f23c908e5d188a824c0f20f682329f1c5ed97b740141
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1e05286dc60c925b98acf33de1816ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C9FF 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1e05286dc60c925b98acf33de1816ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 22:18:02 GMT
expires
Sun, 24 Sep 2023 22:18:02 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame AEE7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CBi0jGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoEqgJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WgkxkM870nVucCL17u09sXITrIxVcFV3R7FDN6tj1yMyuwphr1FSgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=KBG0lctMo6A&uach_m=[UACH]&cid=CAQSGwCsnQUxV9aCKKh6QW2AikM9IkgQzNMdeeEy-hgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664057881&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057881363&bpp=12&bdt=1663&idt=571&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=4095095268603&frm=23&ife=1&pv=1&ga_vid=1560567575.1664057882&ga_sid=1664057882&ga_hid=83928309&ga_fc=0&ga_cid=amp-U2auWBjfNcY_-QlB3YrIGA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=982&biw=1600&bih=1200&isw=336&ish=280&ifk=3367613081&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44770766%2C44771547%2C44772928&oid=2&pvsid=871172703584013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hxcy2x80to3i&fsb=1&dtd=586
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664057881&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057881363&bpp=12&bdt=1663&idt=571&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=4095095268603&frm=23&ife=1&pv=1&ga_vid=1560567575.1664057882&ga_sid=1664057882&ga_hid=83928309&ga_fc=0&ga_cid=amp-U2auWBjfNcY_-QlB3YrIGA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=982&biw=1600&bih=1200&isw=336&ish=280&ifk=3367613081&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44770766%2C44771547%2C44772928&oid=2&pvsid=871172703584013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hxcy2x80to3i&fsb=1&dtd=586
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 24 Sep 2022 22:18:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Sep 2022 22:18:02 GMT
notify
rtb.jp2.as.criteo.com/google/auction/ Frame AEE7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k-fpCJzIC9ACmAJi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQGYIvYyf3MwDbAJF3kszoABIAAA&wp=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664057881&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057881363&bpp=12&bdt=1663&idt=571&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=4095095268603&frm=23&ife=1&pv=1&ga_vid=1560567575.1664057882&ga_sid=1664057882&ga_hid=83928309&ga_fc=0&ga_cid=amp-U2auWBjfNcY_-QlB3YrIGA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=982&biw=1600&bih=1200&isw=336&ish=280&ifk=3367613081&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44770766%2C44771547%2C44772928&oid=2&pvsid=871172703584013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hxcy2x80to3i&fsb=1&dtd=586
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:02 GMT
server
Kestrel
server-processing-duration-in-ticks
138329
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.as.criteo.com/delivery/r/ Frame 9C4E 		185 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664057881&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057881363&bpp=12&bdt=1663&idt=571&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=4095095268603&frm=23&ife=1&pv=1&ga_vid=1560567575.1664057882&ga_sid=1664057882&ga_hid=83928309&ga_fc=0&ga_cid=amp-U2auWBjfNcY_-QlB3YrIGA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=982&biw=1600&bih=1200&isw=336&ish=280&ifk=3367613081&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44770766%2C44771547%2C44772928&oid=2&pvsid=871172703584013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hxcy2x80to3i&fsb=1&dtd=586
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
591ae5ff07e3d01d41627b296ea5c64d76dc93cb212cb80921bea5a322295aaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 22:18:02 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=IxtB2kKZyxG_Xkpz_zQJOUuNLIMrF7dSAbNJAHQvkEbVSwqDLhpRV5rDXvmZBL65pYIdnCyMgFsR9ejS5_OsVCkZr3WOoSago8NMb93v9AGtNPy-SaZrztASyt1TAPP32Yi5BxcBAHifp9Kqq40q-JHvCT8BI1PqzmFqCnMMGjKw3na5Bh8UnrLmG2MFBbyCv3kqbNuXOR2ptpZoGIcLed4D0024Oc20AHXW3QFN0LSMAjaN_8B7qgliTj53z_TcHlHBNA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
78565341
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame AEE7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664057881&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057881363&bpp=12&bdt=1663&idt=571&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=4095095268603&frm=23&ife=1&pv=1&ga_vid=1560567575.1664057882&ga_sid=1664057882&ga_hid=83928309&ga_fc=0&ga_cid=amp-U2auWBjfNcY_-QlB3YrIGA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=982&biw=1600&bih=1200&isw=336&ish=280&ifk=3367613081&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44770766%2C44771547%2C44772928&oid=2&pvsid=871172703584013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hxcy2x80to3i&fsb=1&dtd=586
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 21:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 Oct 2022 21:08:31 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame AEE7 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664057881&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057881363&bpp=12&bdt=1663&idt=571&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=4095095268603&frm=23&ife=1&pv=1&ga_vid=1560567575.1664057882&ga_sid=1664057882&ga_hid=83928309&ga_fc=0&ga_cid=amp-U2auWBjfNcY_-QlB3YrIGA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=982&biw=1600&bih=1200&isw=336&ish=280&ifk=3367613081&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44770766%2C44771547%2C44772928&oid=2&pvsid=871172703584013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hxcy2x80to3i&fsb=1&dtd=586
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:36:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 Oct 2022 20:36:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AEE7 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664057881&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057881363&bpp=12&bdt=1663&idt=571&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=4095095268603&frm=23&ife=1&pv=1&ga_vid=1560567575.1664057882&ga_sid=1664057882&ga_hid=83928309&ga_fc=0&ga_cid=amp-U2auWBjfNcY_-QlB3YrIGA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=982&biw=1600&bih=1200&isw=336&ish=280&ifk=3367613081&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44770766%2C44771547%2C44772928&oid=2&pvsid=871172703584013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hxcy2x80to3i&fsb=1&dtd=586
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Sep 2022 22:18:02 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		209 B
681 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-127.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 21:59:02 GMT
via
1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
age
1142
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Fri, 26 Aug 2022 18:04:08 GMT
server
AmazonS3
etag
"f6459e80de21135a46e02ad9e79f6802"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
SIN2-P1
accept-ranges
bytes
x-amz-cf-id
tnkqVHyaPCwnvjPCkE70is3QxK0U-h2iWHANNnX3ELDcccnFedbNcw==
integrator.js
adservice.google.com.au/adsid/ Frame 2ED0 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2ED0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 2ED0 		492 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=353028665979832&correlator=3914532185512201&eid=31069829%2C44761477&output=ldjh&gdfp_req=1&vrg=2022092201&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1664057882689&lmt=1644386353&dlt=1664057880613&idt=2053&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=tb8x8aavqpwi&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1443278964.1664057883&ga_sid=1664057883&ga_hid=2033699309&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
9e372afd4baa34eb853174c2c49591e142061ae38c7cac6ec79f6d3f7e1517af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e778d620ea5432f0c4488e8fa9e4bab9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 10E3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e778d620ea5432f0c4488e8fa9e4bab9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 22:18:02 GMT
expires
Sun, 24 Sep 2023 22:18:02 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame E5F7 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
f8520433764cb1b56dfb4bd4199055e86506a4228e1a1eddcd4c4e0f2b99291e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11119
x-xss-protection
0
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI2MDc4MjBfMTY2NDA1Nzg4MjkxNiIsInVzZXJJZCI6IjE2MjIyNF8xNjY0MDU3ODgyOTE3Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiMjE1Mzg4XzE2NjQwNTc4ODI5MTciLCJwYWdlUGF0aCI6IiUyRmElMkZ6aGUtamlhbmctaGFuZy16aG91LXhpYW8tc2hhbi1ndW8tamktamktY2hhbmctc2FuLXFpLXhpYW5nLW11LXpoZW5nLXNoaS10b3UteXVuLmh0bWwiLCJob3N0bmFtZSI6Ind3dy5iZzMuY28iLCJ1cmwiOiJodHRwcyUzQSUyRiUyRnd3dy5iZzMuY28lMkZhJTJGemhlLWppYW5nLWhhbmctemhvdS14aWFvLXNoYW4tZ3VvLWppLWppLWNoYW5nLXNhbi1xaS14aWFuZy1tdS16aGVuZy1zaGktdG91LXl1bi5odG1sIiwicGhhc2UiOjAsInVzZXJUeXBlIjoiTkVXIiwicHJldmlld1ZhcmlhdGlvbiI6Im5vUHJldmlld1BhZ2UiLCJleHBlcmltZW50UGFnZSI6ZmFsc2UsInRpbWVzdGFtcCI6MTY2NDA1Nzg4MjkxN30=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:03 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvemhlLWppYW5nLWhhbmctemhvdS14aWFvLXNoYW4tZ3VvLWppLWppLWNoYW5nLXNhbi1xaS14aWFuZy1tdS16aGVuZy1zaGktdG91LXl1bi5odG1s.json
cdn.adpushup.com/42753/ 		555 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvemhlLWppYW5nLWhhbmctemhvdS14aWFvLXNoYW4tZ3VvLWppLWppLWNoYW5nLXNhbi1xaS14aWFuZy1tdS16aGVuZy1zaGktdG91LXl1bi5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 24 Sep 2022 22:18:03 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=7, origin; dur=879
content-type
text/html
content-length
555
expires
Sat, 24 Sep 2022 23:18:03 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame D7B7 		117 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
b90e2a5e26de4d61f8fcf641d229971a713b986a18323f6e93cf93bd35d926de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40519
x-xss-protection
0
server
cafe
etag
12397030322499525527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 22:18:03 GMT
truncated
/ Frame AEE7 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4b85a32853bc5e25905dbc29f82f79a6c6ac8f2f8c24a9a08a9940b7178d6de

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
pxl.qccerttest.com/ 		35 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=4252084;fpan=1;fpa=P0-1001619683-1664057883151;pbc=2d8baa46-e32f-4695-8cdd-0771568f622d;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=;cm=;gdpr=0;d=bg3.co;dst=0;et=1664057883151;tzo=0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html;ogl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-86.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:57:14 GMT
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
4850
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
content-type
image/gif
x-amz-cf-pop
SIN2-P1
accept-ranges
bytes
x-amz-cf-id
3-QD70pOI5lJAC20rvCXWuU8Dzid0AexjLMKiTi2vazYW8XWhJ2mZw==
pixel;r=1528563649;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc3...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1528563649;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-1001619683-1664057883151;pbc=2d8baa46-e32f-4695-8cdd-0771568f622d;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1664057883154;tzo=0;ogl=;ses=1947e692-8895-41c2-a99c-da41fa72c4d5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 9C4E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:03 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 19 Sep 2023 22:18:03 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 9C4E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:03 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 19 Sep 2023 22:18:03 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 9C4E 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:03 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 19 Sep 2023 22:18:03 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 9C4E 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:03 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 19 Sep 2023 22:18:03 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 9C4E 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=DfZeGfewFB_ktUPWhcn7XHJ9yLwf3NWxCaSyq7gCJXDJ8UdKOtjc37-S1pWCzu9Yq998PnD1D7DSOLZ4uZ6Gq9nsIPmRi1WobwT7p-U5WRxbWYNuixwG5cWE9-E8-0p1K38berG3rsYQeDa-AthchkTSvsizH9fITV0a0UocmHkyQ03qxNhtBaUVhZ9yrKVZiPJhOWMyXXO4T0vzxy00vvYrbMqv4Jtg0T6DCdCxY-VWMRarF-9JQ0RhuwyGdSd1gCTdOj-FOigsUCp8mCAOFfcuZ8UIcfvGkmZvnhv9Lp8XUNOlcPF8aRnhZO9eHqvXXCFt6nGGWbABIX9ecP_yKQOjGaVGb5a3PQrGDYU8aXvCThGcxz9CON0bsKYnINTJp4ajSBvWbonONykCabwQbBQtapxVKHmTAfQX7509jlpnMY7l7Pq2pyosGOuexx58iznZ0w
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:03 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2772112
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2ED0 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
937ff754f0746352fa0f59774b69e653c98196c02995cc00ee916056f09784ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11102
x-xss-protection
0
6321736cfcde4d4dac7f881c583a1a7c_gibson-regular_1.woff
static.criteo.net/design/dt/ Frame 9C4E 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/6321736cfcde4d4dac7f881c583a1a7c_gibson-regular_1.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
47049ed2e8ae9a68deca5cb9452287ff5272edba1d7b7380f30f1047ed58599c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:03 GMT
content-encoding
gzip
last-modified
Thu, 12 May 2022 06:53:54 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"627caf02-577c"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 19 Sep 2023 22:18:03 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/ Frame D7B7 		347 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js?bust=31069819
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
a9439055c4be9973ac171103ce4e63357e0fcfb62169eacb2f57750cc64c5f65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125490
x-xss-protection
0
server
cafe
etag
17640915881777425215
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 22:18:03 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E5F7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Sep 2022 22:18:05 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9C4E 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
864663
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9fNJtzTaeEGozSo0jbNk7thwmN2nwARNsq%2BuHEhlbM0LiZ2XZ1oMn6YWR3fzD3AXx5dFvWuChCACsuyBdbBZqsoKvxm5MFkAJdp65QN78wPTqmK3ObH6QLe97wLuGCo0y9ZkoC4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74fee4cc8f66a96e-SYD
expires
Thu, 14 Sep 2023 22:18:03 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2ED0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Sep 2022 22:18:05 GMT
animejs.js
static.criteo.net/animejs/ Frame 9C4E 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:03 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 19 Sep 2023 22:18:03 GMT
img
pix.as.criteo.net/img/ Frame 9C4E 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=92&m=0&partner=3336&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F3336%2F161115%2Ff0131178b44e48df939196f910cb694a_logo_all_horizontal.png&v=3&w=668&s=ZJ_Vq44slMjIc1sQ0EHBsNFw
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
78cc90ad6edbab01ff82512f4a689c035dd3310e281f38e3dcecf50e1dd6f7b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28867079
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8678
expires
Fri, 25 Aug 2023 00:56:03 GMT
img
pix.as.criteo.net/img/ Frame 9C4E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FD%2FJ%2FDJ15293TANLE_4.jpg&v=3&w=400&s=5hYmyHFZh5gJgo6FpN9z-zaW&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
d138c334c5c1946941109374bb34e6b841930ba3c43523cc7ed46afc19317016
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=295550
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5230
expires
Wed, 28 Sep 2022 08:23:54 GMT
img
pix.as.criteo.net/img/ Frame 9C4E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FS%2FU%2FSU12059R98LE_4.jpg&v=3&w=400&s=gPoiWn5unV7lCXW1b3DwohzC&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
61b1b324266b4035c6a2f83f9e99bdbb5d3126756a1789cb5362ea7e5cbc5c40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=128137
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6144
expires
Mon, 26 Sep 2022 09:53:41 GMT
img
pix.as.criteo.net/img/ Frame 9C4E 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FD%2FJ%2FDJ16656DBYFT_4.jpg&v=3&w=400&s=df3hNE3JVCMTJFzotvFLup5Z&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
095361d3ea56d8aab97f4854b45c075874b91d80eb8aad1d49fe32d308cb0416
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=306640
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3402
expires
Wed, 28 Sep 2022 11:28:44 GMT
img
pix.as.criteo.net/img/ Frame 9C4E 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FZ%2FR%2FZR10132GACLE_4.jpg&v=3&w=400&s=RLnB85l-la5bpninBI0pbNfp&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
0204e46bc07b43b273527df58d0abda3dffc04f627a26568e03bc743bf96a86e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5554
expires
Sat, 24 Sep 2022 22:18:04 GMT
img
pix.as.criteo.net/img/ Frame 9C4E 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FT%2FO%2FTO12259GACHG_4.jpg&v=3&w=400&s=rtfBzoi5qS4LzLc2VIkxBdhc&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
218b429993fde8f24de8c267969ef375efd81d26421ecd719360f632d5a887f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=197821
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
14706
expires
Tue, 27 Sep 2022 05:15:05 GMT
img
pix.as.criteo.net/img/ Frame 9C4E 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FI%2FL%2FIL11796T07SM_4.jpg&v=3&w=400&s=Vf6uHrFGqBsmvYfi4J_D0udC&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
55b2a3356bc97f3ce7e2f7aa1b3ae03a608c1a2ca21ce9dabfffba11c7200665
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=269559
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6408
expires
Wed, 28 Sep 2022 01:10:44 GMT
img
pix.as.criteo.net/img/ Frame 9C4E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FD%2FJ%2FDJ16371TJUJZ_4.jpg&v=3&w=400&s=2C5fp9nne95Lw4nMu9OYGHXV&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
89f222ad7c5854616216688870456445264b0fa3baf0422ada6e3768a91e72a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=123849
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3820
expires
Mon, 26 Sep 2022 08:42:13 GMT
img
pix.as.criteo.net/img/ Frame 9C4E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FD%2FJ%2FDJ17355BLAFD_4.jpg&v=3&w=400&s=yiDlu3TJf_aIlVgeIhojO7Fv&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
168d0280d34425ecf7257f03bf084e2976eb698f80d1531cb12df80a2fcbd801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=274354
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5266
expires
Wed, 28 Sep 2022 02:30:38 GMT
img
pix.as.criteo.net/img/ Frame 9C4E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3336&q=80&r=0&u=https%3A%2F%2Fwww.styletread.com.au%2Fmedia%2Fcatalog%2Fproduct%2FZ%2FR%2FZR10417PODLE_4____.jpg&v=3&w=400&s=ecZAr4LVIrbuGDhII_yelMUy&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
2f034c79d9f2b3d6988613c7a3d95ca03b7b14a9efe4e131fd470bb5c02fa506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=125256
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4758
expires
Mon, 26 Sep 2022 09:05:40 GMT
all
csm.as.criteo.net/ Frame 9C4E 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=IxtB2kKZyxG_Xkpz_zQJOUuNLIMrF7dSAbNJAHQvkEbVSwqDLhpRV5rDXvmZBL65pYIdnCyMgFsR9ejS5_OsVCkZr3WOoSago8NMb93v9AGtNPy-SaZrztASyt1TAPP32Yi5BxcBAHifp9Kqq40q-JHvCT8BI1PqzmFqCnMMGjKw3na5Bh8UnrLmG2MFBbyCv3kqbNuXOR2ptpZoGIcLed4D0024Oc20AHXW3QFN0LSMAjaN_8B7qgliTj53z_TcHlHBNA&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 24 Sep 2022 22:18:04 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9C4E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:03 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 19 Sep 2023 22:18:03 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 9C4E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:03 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 19 Sep 2023 22:18:03 GMT
integrator.js
adservice.google.com.au/adsid/ Frame D7B7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js?bust=31069819
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D7B7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js?bust=31069819
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B603 		17 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057883289&bpp=12&bdt=232&idt=290&shv=r20220921&mjsv=m202209220101&ptt=5&saldr=sa&correlator=2033874124386&frm=8&ife=1&pv=2&ga_vid=738013203.1664057884&ga_sid=1664057884&ga_hid=2113377417&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069819%2C44773167%2C31067825&oid=2&pvsid=1514276030893664&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jdugg7ln9n3a&fsb=1&dtd=304
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js?bust=31069819
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
51d4399364031aebd31c98ccbc3731183e2f9d214176a1fd8518486b556aea88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
9342
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 22:18:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		51 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=380749364161836&correlator=579210636066336&eid=31069635&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D741fe51b06bd03f%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D75303d8acfb8d74%26hb_ap_bidder%3Dappnexus&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D1f8db0321a0a3203-2219deacafd60016%3AT%3D1664057882%3ART%3D1664057882%3AS%3DALNI_MabqVwny_WvRti6DsiwopMU7jgbLw&gpic=UID%3D000009dc5d47fed3%3AT%3D1664057882%3ART%3D1664057882%3AS%3DALNI_MbR8Wc6AAqFlRkj5tg0jMkOCLF_gQ&arp=1&abxe=1&dt=1664057883782&lmt=1664057883&dlt=1664057878506&idt=4204&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=216763939.1664057884&ga_sid=1664057884&ga_hid=9665&ga_fc=false&ga_cid=amp-U2auWBjfNcY_-QlB3YrIGA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
58a9541412dfd714da895852ff3c16a0ab006f07e4f1c02525c216aec661d07e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19030
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E14B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 22:18:03 GMT
expires
Sun, 24 Sep 2023 22:18:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		209 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
fb780746eb7e2fc6976d96a59e65ad84b141827b00bcce980f9db5a8aed04006
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:04 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74805
x-xss-protection
0
expires
Sat, 24 Sep 2022 22:18:04 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS96aGUtamlhbmctaGFuZy16aG91LXhpYW8tc2hhbi1ndW8tamktamktY2hhbmctc2FuLXFpLXhpYW5nLW11LXpoZW5nLXNoaS10b3UteXVuLmh0bWwiLCJ0aW1lIjoxNjY0MDU3ODg0MDA4fQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:04 GMT
server
nginx/1.14.0 (Ubuntu)
gen_204
pagead2.googlesyndication.com/pagead/ Frame B603 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C0Wf3Be7umKe5eyJ7HpKavsB9gW-izTLejJb-bUtbfTSju5I7KThGY0z2QLIuBVvwGBMw9MAZzgMklbj3eTPXXiIqllM5tZ6vbWAyJkKax9M47jsY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057883289&bpp=12&bdt=232&idt=290&shv=r20220921&mjsv=m202209220101&ptt=5&saldr=sa&correlator=2033874124386&frm=8&ife=1&pv=2&ga_vid=738013203.1664057884&ga_sid=1664057884&ga_hid=2113377417&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069819%2C44773167%2C31067825&oid=2&pvsid=1514276030893664&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jdugg7ln9n3a&fsb=1&dtd=304
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame B603 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057883289&bpp=12&bdt=232&idt=290&shv=r20220921&mjsv=m202209220101&ptt=5&saldr=sa&correlator=2033874124386&frm=8&ife=1&pv=2&ga_vid=738013203.1664057884&ga_sid=1664057884&ga_hid=2113377417&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069819%2C44773167%2C31067825&oid=2&pvsid=1514276030893664&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jdugg7ln9n3a&fsb=1&dtd=304
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 21:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 Oct 2022 21:08:31 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame B603 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057883289&bpp=12&bdt=232&idt=290&shv=r20220921&mjsv=m202209220101&ptt=5&saldr=sa&correlator=2033874124386&frm=8&ife=1&pv=2&ga_vid=738013203.1664057884&ga_sid=1664057884&ga_hid=2113377417&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069819%2C44773167%2C31067825&oid=2&pvsid=1514276030893664&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jdugg7ln9n3a&fsb=1&dtd=304
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 21:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2442
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 Oct 2022 21:37:22 GMT
l
www.google.com/ads/measurement/ Frame B603 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTBepppiIE0I1kkd-4wSmkkHiDX75XCjNrDAejs17_Am0mlJIWxd4Rm0Mksi5-x8uAzTvFWdy4m-VSpePOqQ3LpXItyqQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057883289&bpp=12&bdt=232&idt=290&shv=r20220921&mjsv=m202209220101&ptt=5&saldr=sa&correlator=2033874124386&frm=8&ife=1&pv=2&ga_vid=738013203.1664057884&ga_sid=1664057884&ga_hid=2113377417&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069819%2C44773167%2C31067825&oid=2&pvsid=1514276030893664&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jdugg7ln9n3a&fsb=1&dtd=304
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B603 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057883289&bpp=12&bdt=232&idt=290&shv=r20220921&mjsv=m202209220101&ptt=5&saldr=sa&correlator=2033874124386&frm=8&ife=1&pv=2&ga_vid=738013203.1664057884&ga_sid=1664057884&ga_hid=2113377417&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069819%2C44773167%2C31067825&oid=2&pvsid=1514276030893664&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jdugg7ln9n3a&fsb=1&dtd=304
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Sep 2022 22:18:04 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9936 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNWmp3vszh83tEnj3gA6RDU_yav9Pzi4d65qv4sgw8DoeUh4uD-A4lYc_KrTIB9s41q9FGv0HgjOC5cYkjQSqyXUqApq6A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057883289&bpp=12&bdt=232&idt=290&shv=r20220921&mjsv=m202209220101&ptt=5&saldr=sa&correlator=2033874124386&frm=8&ife=1&pv=2&ga_vid=738013203.1664057884&ga_sid=1664057884&ga_hid=2113377417&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069819%2C44773167%2C31067825&oid=2&pvsid=1514276030893664&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jdugg7ln9n3a&fsb=1&dtd=304
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057883289&bpp=12&bdt=232&idt=290&shv=r20220921&mjsv=m202209220101&ptt=5&saldr=sa&correlator=2033874124386&frm=8&ife=1&pv=2&ga_vid=738013203.1664057884&ga_sid=1664057884&ga_hid=2113377417&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069819%2C44773167%2C31067825&oid=2&pvsid=1514276030893664&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jdugg7ln9n3a&fsb=1&dtd=304
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 22:18:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame B603 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-ebat-BWxx0qKO5uG_3qM0_F-duLOFaK0RwTFYMitvRHLu0-U9WARyxob1haZr3J_LMFZmr1KhUCxi-SvRLZGXP03B3GPhrTSbtUFLUqDNGsy5A9LNZ_AUmY1hQ8f_k-N25ODivbUGX1ZbZmarvEZyYRHmg&dbm_d=AKAmf-A4qAFKWtH0X7icsRTzGtVAL-1AV9S5vQzT54hoe7DvCWz1MmOT1iF6GRArM4x3amOTvmyr0H5ugUyQbWj8oBXno-7gaJIAFRu1jJY6nKgYqHDhyOYYRS62n_Pa5JEGyNW9nX_EwhI4ZRJRjdJ4AOIEOthpwuLF8BJhWWmb2YMxx4JxMPRtVDUXhCLahxr9gYi3W04Yp6ziEaGpeT68tVRdpWa1zDiUHl967WbIJ_DceGdxZwmgg-HwbLpbizKcamaxDsnLUYFOHLmJcENmo-rML0xH_f9U59asVAqcHQQBoxyA2ImHsEgPLL3g8w5Q0P50W1uXaB8XAreXuGwm_lVhledX2MET1oTVWRmd62nl2IyQIjAM0dqw-SL8Yk_X-H2-9AYPhvfG35I5CY4E_bS5pd_kX4o98yoTtMLQBWE3IkzRlllWH1MXzgNArm57wbzM5_MAxJVjasTub2KsF6QKVmg9QTUi4HAfVToYoShmoopAL00GTh3CKr1U0m_py2Yf16az22lcmbxJOb5Z7sSuVxCVU3-z04ERGMaJJwqwZ09tBXVjYkwHYmi08X3OoSXqtC-rb6-9lqx64IW0M-U3BpLPPdFS-BZlLj1uq6W3o38vy7Rx6JT3bheD6GvZ1OUgbu_qp15OnOu9JydawcUqjuwNWftA2w1Ir4CaEuH1JSoEjeVXPyxG7A7NwE9vuW3lW4AbdPQuswfpoj0CR909I7OkdJDZ1bvCZDhzKy9Fk_4JBE2uCxmEXA31vjktCf1akocWibMAAekPGxBg3lBBizZKh_E9KsURpsy7JjlO8IL1yjY35uEkjKLSgrWDMRLZ7StvOlPsdmxqAMaB47CIKiDnPNnYdAoYsFZ79OKq9dZvVgZ881j8kB-gGnUzoeBuF1yjfUByaQ3IdASqhA84L6R6HkgT9eCKqlfCdiq-QF8BJm-MmXaK4Zo7j6zzsr1_aQfnw0Z_tEnqMKN_O7SlNE6Ze1mp4UMJsrswdEzr27-d23zYqCYVANhSqM3Jpaak6cSrMjTxOnaYNWVo2HUpJo4xu1gm1iMDjVkURGcH0mFWUekqcK39lhZAFDets1PUIRX6VpN3CqqgX9sHOcPGag6d4-jlTIncEzCtuHF4e8VXua9W-lUeG0JgPHTUheMY94i9Ltb5Yd8kL7CKAwcvJAw6_5FjsHDYhP58HyzK9l_r5cC2R71kPEISe6YadskqYRhgUMcqreFDl686_7Vlnl-iVn0Eb27nx-VuLIgnRIBicSQxxdfGXYN5miegTogaBfRBcjbB2EqUDPGB8x-HiiSoCz9jsMTNkV4Io6iKRqA3hWX1G29AN7H9iUtVnD2dhNT7BvG4F-ChuBSfpgdNv4KLDtRoCEdhnMvvAOQrJx4LLKmaFkDsXJ5NrjEByrX59jLpIQUPAoHDGIoOizXbxQvlRSK8FF5TsgDpVm-LT0w44_kwVcbmFVY4KPtVhb8H_chN2SaPRLcJ74c8BApInzUA2xLQ-ca-BtiO9KLZuxYhblrkqOlI9WGwuRFkz9OJ_vb6zQPPQLRpd-yl2K_O0GHaEyswKRyNuXTFrHd4o6PWQ2TIiByi82JVBOwh7-tqTYv-0BhEBblz7rpCl8c4ls7MBzWjzRzUG1tSIhhv9o8zPlZP8E_EQx0ib_lra2T0wtg5GkC7WgMcAP8iKSBEahAs1IQvRLAvrndlGMka5v3sB6G9Ws0YqRE_zbBS_NZfXHV29bnessPfgNIkA6XfDf_FoaILHRNMwz0VK1jRU9aisITHCaqy5dmc74yVk9-ub3czD0SJXN939QUsbWTwlbkNbugH5e-0iOLqwn9vFMMyIFJ7Nd41lVMiWLQNAp8qG1lQCjxMOV8uSrSfVtDLZJmkx956bick3BK1MF9yqef7QZ3wLgCkDaf6tUq9TPwMcoUUfG3z71xBBM8F-rGWdVtM18SVscNv7a2uhuSaZu8qNKC1lxY-XdXCJsLo_qRIFSIisaFuCzpbh4lGXh-grVPSahriNTsR0b_99M8hTAw9CbGeK5I3akSOsYTxX1f1f49d2ayR7PbLhvj9d2Gt_2JqG96OwX_NPmqXhCSb1K78tWqlCl5gEboYDq_yXRdkm0DyIlDhgLd4jxUYuyDBurxCyhSTPueuy13cxt5CWdpc6ls5zwfzV9zGXE2P2a80ISEKkRZIcqSla1Hw0FCACUeUgTLjrw8lViYV79klwLivJj_iOWWk_pnxmHyv_l-WLjerRwl8EbrpoBpDL8B66CLJV3e17UCndS-fe0OrP9kfXwIGHXZPBuHwYVowJnTLfLc6CtI6QMFmG3QlyDJyFeFsFeDs4vez-AUYBHbHvR_JX0AZdkxvPqV_VAoaEaNGUcUXQgQqzsnCVOWKHDkw4VgwaM_yclvODQg0XWHfjNBl2qF2ZT3ajcimv8_mt_EwAxDEQRPAl3VTepfFqoxPELscvYAIiYcSk9XN7ITAzfkofGhO9xWBVZJ3avOndsfrd15RA1jesToDzZJm5feydowuGOLbF-dHDAL__am6-6Hmydk5VwRgtbClOm9Qqqo0cwNZezkz60scQtqJBhReJ-04SjiU9o9Z3O0cBaIwdNbR6pKNwGW_8lIkSywzDrVSAhfDbZXezYgdM9-sSSnHsvSujyN3bdGf4RF_6Y-sCqoIabLI4Bm9gS0FJJXAceuNZSJ9LiJSRMo7ftfjUTEMTQOveGye4xT8cTnCo6m-tptBf4OdD_bjvmr6hG75FF2RQcwRQ3kDQZ6VScolS0REgnsE00Xd0PPSm4Z75jmuo5BWXKPZr7L0Qpspm4LoaXEVebYrlJNqzep_v5viXaIcuE1LaYwsxgEQW5_opWlZ2oQbaG11TkkeeT0dEulwtgq_bJcu-syVDuEBIrEwsmhNF-FevBfe0SikfHBGYUxmo12tmVAImi8Q_Rp0wiMJxAko-H24bLdEKmdjmKxTJ45_sCIvn_UQ8uPZA9n9Ol1B6ZvpTIt40gLNrcuMm_ryW1Ig12FtYUGRZWlw23kBRJI02rXn9RH85-hYtXgDzVtdqSkxbvQXP6gsUZumpFpbnQITN_Ux&cid=CAASEuRoJCj8i_Mq0CC3sVah6dmVaA&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057883289&bpp=12&bdt=232&idt=290&shv=r20220921&mjsv=m202209220101&ptt=5&saldr=sa&correlator=2033874124386&frm=8&ife=1&pv=2&ga_vid=738013203.1664057884&ga_sid=1664057884&ga_hid=2113377417&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069819%2C44773167%2C31067825&oid=2&pvsid=1514276030893664&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jdugg7ln9n3a&fsb=1&dtd=304
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
ebac134017eb048dd6c24637cf2ad36fd7f6b9e2b880aec4594968007868ae5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057883289&bpp=12&bdt=232&idt=290&shv=r20220921&mjsv=m202209220101&ptt=5&saldr=sa&correlator=2033874124386&frm=8&ife=1&pv=2&ga_vid=738013203.1664057884&ga_sid=1664057884&ga_hid=2113377417&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069819%2C44773167%2C31067825&oid=2&pvsid=1514276030893664&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jdugg7ln9n3a&fsb=1&dtd=304
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33999
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AEE7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKgOGePDU4Yr1AEBbhrxkSOrOKfmfIo5SZoJ3dNylyF6n-vXe0M4h0T0t4E03kIsy96nMTtHPT8r0ycPxDTYcswSZD&sig=Cg0ArKJSzHaL_5fuY9eiEAE&id=lidar2&mcvt=1004&p=0,0,280,336&mtos=0,1004,1004,1004,1004&tos=0,1004,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=0.78&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664057881950&rpt=1163&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9936
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED022-6gVjHF56Iv-rgc33Q&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED022-6gVjHF56Iv-rgc33Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNWmp3vszh83tEnj3gA6RDU_yav9Pzi4d65qv4sgw8DoeUh4uD-A4lYc_KrTIB9s41q9FGv0HgjOC5cYkjQSqyXUqApq6A
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74fee4d4ee31a89b-SYD
pragma
no-cache
date
Sat, 24 Sep 2022 22:18:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BD8XJQ%2BnwVW%2F2N3dfVCL4Z9FO4qXcoemRki37H9ZfaYOVZ8yU1MobS2BDB0DEzAoLEcec4oUVFuduj8dTMwoOsCxnUv4B6w0L2KQAwoyXyl1vW5HNnRFtZnTg8DMkzQ1%2FLU0C9zU%2BBYdA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED022-6gVjHF56Iv-rgc33Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9936
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yy.CHKuYL2cjhEGEVD1B6AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED022-6gVjHF56Iv-rgc33Q&google_cver=1&google_hm=2
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED022-6gVjHF56Iv-rgc33Q&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNWmp3vszh83tEnj3gA6RDU_yav9Pzi4d65qv4sgw8DoeUh4uD-A4lYc_KrTIB9s41q9FGv0HgjOC5cYkjQSqyXUqApq6A
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74fee4d6ffd6a89b-SYD
pragma
no-cache
date
Sat, 24 Sep 2022 22:18:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPdgNgWQ8Rbe9eLKKIzFUQjnHiVUShSe7k8bZFRI7xCkSfsp2HlE2QEGWAHKVb76hip%2Bjn%2FtFNlkgfutRdavq7TITwxlMX4QVW591Fu%2FAvHGThMMYs5MMf74rbAYA96vE4W02Ig0qpfaZg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED022-6gVjHF56Iv-rgc33Q&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 9936
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAQNzNJRtKY8IyMA79RnYjE&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAQNzNJRtKY8IyMA79RnYjE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNWmp3vszh83tEnj3gA6RDU_yav9Pzi4d65qv4sgw8DoeUh4uD-A4lYc_KrTIB9s41q9FGv0HgjOC5cYkjQSqyXUqApq6A
Protocol
HTTP/1.1
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:05 GMT
X-Proxy-Origin
173.245.209.46; 173.245.209.46; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5570d3ae-145c-4d3e-b703-e43b286eb958
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAQNzNJRtKY8IyMA79RnYjE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9936
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMzODU0NDMxNzI0MjgwNTIxNw%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMzODU0NDMxNzI0MjgwNTIxNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNWmp3vszh83tEnj3gA6RDU_yav9Pzi4d65qv4sgw8DoeUh4uD-A4lYc_KrTIB9s41q9FGv0HgjOC5cYkjQSqyXUqApq6A
Protocol
H2
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:04 GMT
X-Proxy-Origin
173.245.209.46; 173.245.209.46; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5df61fe5-0478-46a6-b3ef-f3592677af48
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMzODU0NDMxNzI0MjgwNTIxNw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D306 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 22:18:03 GMT
expires
Sun, 24 Sep 2023 22:18:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9B7A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 22:18:03 GMT
expires
Sun, 24 Sep 2023 22:18:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9EDC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 22:18:03 GMT
expires
Sun, 24 Sep 2023 22:18:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame B603 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 11:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37588
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Sep 2022 11:51:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame B603 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-ebat-BWxx0qKO5uG_3qM0_F-duLOFaK0RwTFYMitvRHLu0-U9WARyxob1haZr3J_LMFZmr1KhUCxi-SvRLZGXP03B3GPhrTSbtUFLUqDNGsy5A9LNZ_AUmY1hQ8f_k-N25ODivbUGX1ZbZmarvEZyYRHmg&dbm_d=AKAmf-A4qAFKWtH0X7icsRTzGtVAL-1AV9S5vQzT54hoe7DvCWz1MmOT1iF6GRArM4x3amOTvmyr0H5ugUyQbWj8oBXno-7gaJIAFRu1jJY6nKgYqHDhyOYYRS62n_Pa5JEGyNW9nX_EwhI4ZRJRjdJ4AOIEOthpwuLF8BJhWWmb2YMxx4JxMPRtVDUXhCLahxr9gYi3W04Yp6ziEaGpeT68tVRdpWa1zDiUHl967WbIJ_DceGdxZwmgg-HwbLpbizKcamaxDsnLUYFOHLmJcENmo-rML0xH_f9U59asVAqcHQQBoxyA2ImHsEgPLL3g8w5Q0P50W1uXaB8XAreXuGwm_lVhledX2MET1oTVWRmd62nl2IyQIjAM0dqw-SL8Yk_X-H2-9AYPhvfG35I5CY4E_bS5pd_kX4o98yoTtMLQBWE3IkzRlllWH1MXzgNArm57wbzM5_MAxJVjasTub2KsF6QKVmg9QTUi4HAfVToYoShmoopAL00GTh3CKr1U0m_py2Yf16az22lcmbxJOb5Z7sSuVxCVU3-z04ERGMaJJwqwZ09tBXVjYkwHYmi08X3OoSXqtC-rb6-9lqx64IW0M-U3BpLPPdFS-BZlLj1uq6W3o38vy7Rx6JT3bheD6GvZ1OUgbu_qp15OnOu9JydawcUqjuwNWftA2w1Ir4CaEuH1JSoEjeVXPyxG7A7NwE9vuW3lW4AbdPQuswfpoj0CR909I7OkdJDZ1bvCZDhzKy9Fk_4JBE2uCxmEXA31vjktCf1akocWibMAAekPGxBg3lBBizZKh_E9KsURpsy7JjlO8IL1yjY35uEkjKLSgrWDMRLZ7StvOlPsdmxqAMaB47CIKiDnPNnYdAoYsFZ79OKq9dZvVgZ881j8kB-gGnUzoeBuF1yjfUByaQ3IdASqhA84L6R6HkgT9eCKqlfCdiq-QF8BJm-MmXaK4Zo7j6zzsr1_aQfnw0Z_tEnqMKN_O7SlNE6Ze1mp4UMJsrswdEzr27-d23zYqCYVANhSqM3Jpaak6cSrMjTxOnaYNWVo2HUpJo4xu1gm1iMDjVkURGcH0mFWUekqcK39lhZAFDets1PUIRX6VpN3CqqgX9sHOcPGag6d4-jlTIncEzCtuHF4e8VXua9W-lUeG0JgPHTUheMY94i9Ltb5Yd8kL7CKAwcvJAw6_5FjsHDYhP58HyzK9l_r5cC2R71kPEISe6YadskqYRhgUMcqreFDl686_7Vlnl-iVn0Eb27nx-VuLIgnRIBicSQxxdfGXYN5miegTogaBfRBcjbB2EqUDPGB8x-HiiSoCz9jsMTNkV4Io6iKRqA3hWX1G29AN7H9iUtVnD2dhNT7BvG4F-ChuBSfpgdNv4KLDtRoCEdhnMvvAOQrJx4LLKmaFkDsXJ5NrjEByrX59jLpIQUPAoHDGIoOizXbxQvlRSK8FF5TsgDpVm-LT0w44_kwVcbmFVY4KPtVhb8H_chN2SaPRLcJ74c8BApInzUA2xLQ-ca-BtiO9KLZuxYhblrkqOlI9WGwuRFkz9OJ_vb6zQPPQLRpd-yl2K_O0GHaEyswKRyNuXTFrHd4o6PWQ2TIiByi82JVBOwh7-tqTYv-0BhEBblz7rpCl8c4ls7MBzWjzRzUG1tSIhhv9o8zPlZP8E_EQx0ib_lra2T0wtg5GkC7WgMcAP8iKSBEahAs1IQvRLAvrndlGMka5v3sB6G9Ws0YqRE_zbBS_NZfXHV29bnessPfgNIkA6XfDf_FoaILHRNMwz0VK1jRU9aisITHCaqy5dmc74yVk9-ub3czD0SJXN939QUsbWTwlbkNbugH5e-0iOLqwn9vFMMyIFJ7Nd41lVMiWLQNAp8qG1lQCjxMOV8uSrSfVtDLZJmkx956bick3BK1MF9yqef7QZ3wLgCkDaf6tUq9TPwMcoUUfG3z71xBBM8F-rGWdVtM18SVscNv7a2uhuSaZu8qNKC1lxY-XdXCJsLo_qRIFSIisaFuCzpbh4lGXh-grVPSahriNTsR0b_99M8hTAw9CbGeK5I3akSOsYTxX1f1f49d2ayR7PbLhvj9d2Gt_2JqG96OwX_NPmqXhCSb1K78tWqlCl5gEboYDq_yXRdkm0DyIlDhgLd4jxUYuyDBurxCyhSTPueuy13cxt5CWdpc6ls5zwfzV9zGXE2P2a80ISEKkRZIcqSla1Hw0FCACUeUgTLjrw8lViYV79klwLivJj_iOWWk_pnxmHyv_l-WLjerRwl8EbrpoBpDL8B66CLJV3e17UCndS-fe0OrP9kfXwIGHXZPBuHwYVowJnTLfLc6CtI6QMFmG3QlyDJyFeFsFeDs4vez-AUYBHbHvR_JX0AZdkxvPqV_VAoaEaNGUcUXQgQqzsnCVOWKHDkw4VgwaM_yclvODQg0XWHfjNBl2qF2ZT3ajcimv8_mt_EwAxDEQRPAl3VTepfFqoxPELscvYAIiYcSk9XN7ITAzfkofGhO9xWBVZJ3avOndsfrd15RA1jesToDzZJm5feydowuGOLbF-dHDAL__am6-6Hmydk5VwRgtbClOm9Qqqo0cwNZezkz60scQtqJBhReJ-04SjiU9o9Z3O0cBaIwdNbR6pKNwGW_8lIkSywzDrVSAhfDbZXezYgdM9-sSSnHsvSujyN3bdGf4RF_6Y-sCqoIabLI4Bm9gS0FJJXAceuNZSJ9LiJSRMo7ftfjUTEMTQOveGye4xT8cTnCo6m-tptBf4OdD_bjvmr6hG75FF2RQcwRQ3kDQZ6VScolS0REgnsE00Xd0PPSm4Z75jmuo5BWXKPZr7L0Qpspm4LoaXEVebYrlJNqzep_v5viXaIcuE1LaYwsxgEQW5_opWlZ2oQbaG11TkkeeT0dEulwtgq_bJcu-syVDuEBIrEwsmhNF-FevBfe0SikfHBGYUxmo12tmVAImi8Q_Rp0wiMJxAko-H24bLdEKmdjmKxTJ45_sCIvn_UQ8uPZA9n9Ol1B6ZvpTIt40gLNrcuMm_ryW1Ig12FtYUGRZWlw23kBRJI02rXn9RH85-hYtXgDzVtdqSkxbvQXP6gsUZumpFpbnQITN_Ux&cid=CAASEuRoJCj8i_Mq0CC3sVah6dmVaA&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 19:13:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11097
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 Oct 2022 19:13:07 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame B603 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-ebat-BWxx0qKO5uG_3qM0_F-duLOFaK0RwTFYMitvRHLu0-U9WARyxob1haZr3J_LMFZmr1KhUCxi-SvRLZGXP03B3GPhrTSbtUFLUqDNGsy5A9LNZ_AUmY1hQ8f_k-N25ODivbUGX1ZbZmarvEZyYRHmg&dbm_d=AKAmf-A4qAFKWtH0X7icsRTzGtVAL-1AV9S5vQzT54hoe7DvCWz1MmOT1iF6GRArM4x3amOTvmyr0H5ugUyQbWj8oBXno-7gaJIAFRu1jJY6nKgYqHDhyOYYRS62n_Pa5JEGyNW9nX_EwhI4ZRJRjdJ4AOIEOthpwuLF8BJhWWmb2YMxx4JxMPRtVDUXhCLahxr9gYi3W04Yp6ziEaGpeT68tVRdpWa1zDiUHl967WbIJ_DceGdxZwmgg-HwbLpbizKcamaxDsnLUYFOHLmJcENmo-rML0xH_f9U59asVAqcHQQBoxyA2ImHsEgPLL3g8w5Q0P50W1uXaB8XAreXuGwm_lVhledX2MET1oTVWRmd62nl2IyQIjAM0dqw-SL8Yk_X-H2-9AYPhvfG35I5CY4E_bS5pd_kX4o98yoTtMLQBWE3IkzRlllWH1MXzgNArm57wbzM5_MAxJVjasTub2KsF6QKVmg9QTUi4HAfVToYoShmoopAL00GTh3CKr1U0m_py2Yf16az22lcmbxJOb5Z7sSuVxCVU3-z04ERGMaJJwqwZ09tBXVjYkwHYmi08X3OoSXqtC-rb6-9lqx64IW0M-U3BpLPPdFS-BZlLj1uq6W3o38vy7Rx6JT3bheD6GvZ1OUgbu_qp15OnOu9JydawcUqjuwNWftA2w1Ir4CaEuH1JSoEjeVXPyxG7A7NwE9vuW3lW4AbdPQuswfpoj0CR909I7OkdJDZ1bvCZDhzKy9Fk_4JBE2uCxmEXA31vjktCf1akocWibMAAekPGxBg3lBBizZKh_E9KsURpsy7JjlO8IL1yjY35uEkjKLSgrWDMRLZ7StvOlPsdmxqAMaB47CIKiDnPNnYdAoYsFZ79OKq9dZvVgZ881j8kB-gGnUzoeBuF1yjfUByaQ3IdASqhA84L6R6HkgT9eCKqlfCdiq-QF8BJm-MmXaK4Zo7j6zzsr1_aQfnw0Z_tEnqMKN_O7SlNE6Ze1mp4UMJsrswdEzr27-d23zYqCYVANhSqM3Jpaak6cSrMjTxOnaYNWVo2HUpJo4xu1gm1iMDjVkURGcH0mFWUekqcK39lhZAFDets1PUIRX6VpN3CqqgX9sHOcPGag6d4-jlTIncEzCtuHF4e8VXua9W-lUeG0JgPHTUheMY94i9Ltb5Yd8kL7CKAwcvJAw6_5FjsHDYhP58HyzK9l_r5cC2R71kPEISe6YadskqYRhgUMcqreFDl686_7Vlnl-iVn0Eb27nx-VuLIgnRIBicSQxxdfGXYN5miegTogaBfRBcjbB2EqUDPGB8x-HiiSoCz9jsMTNkV4Io6iKRqA3hWX1G29AN7H9iUtVnD2dhNT7BvG4F-ChuBSfpgdNv4KLDtRoCEdhnMvvAOQrJx4LLKmaFkDsXJ5NrjEByrX59jLpIQUPAoHDGIoOizXbxQvlRSK8FF5TsgDpVm-LT0w44_kwVcbmFVY4KPtVhb8H_chN2SaPRLcJ74c8BApInzUA2xLQ-ca-BtiO9KLZuxYhblrkqOlI9WGwuRFkz9OJ_vb6zQPPQLRpd-yl2K_O0GHaEyswKRyNuXTFrHd4o6PWQ2TIiByi82JVBOwh7-tqTYv-0BhEBblz7rpCl8c4ls7MBzWjzRzUG1tSIhhv9o8zPlZP8E_EQx0ib_lra2T0wtg5GkC7WgMcAP8iKSBEahAs1IQvRLAvrndlGMka5v3sB6G9Ws0YqRE_zbBS_NZfXHV29bnessPfgNIkA6XfDf_FoaILHRNMwz0VK1jRU9aisITHCaqy5dmc74yVk9-ub3czD0SJXN939QUsbWTwlbkNbugH5e-0iOLqwn9vFMMyIFJ7Nd41lVMiWLQNAp8qG1lQCjxMOV8uSrSfVtDLZJmkx956bick3BK1MF9yqef7QZ3wLgCkDaf6tUq9TPwMcoUUfG3z71xBBM8F-rGWdVtM18SVscNv7a2uhuSaZu8qNKC1lxY-XdXCJsLo_qRIFSIisaFuCzpbh4lGXh-grVPSahriNTsR0b_99M8hTAw9CbGeK5I3akSOsYTxX1f1f49d2ayR7PbLhvj9d2Gt_2JqG96OwX_NPmqXhCSb1K78tWqlCl5gEboYDq_yXRdkm0DyIlDhgLd4jxUYuyDBurxCyhSTPueuy13cxt5CWdpc6ls5zwfzV9zGXE2P2a80ISEKkRZIcqSla1Hw0FCACUeUgTLjrw8lViYV79klwLivJj_iOWWk_pnxmHyv_l-WLjerRwl8EbrpoBpDL8B66CLJV3e17UCndS-fe0OrP9kfXwIGHXZPBuHwYVowJnTLfLc6CtI6QMFmG3QlyDJyFeFsFeDs4vez-AUYBHbHvR_JX0AZdkxvPqV_VAoaEaNGUcUXQgQqzsnCVOWKHDkw4VgwaM_yclvODQg0XWHfjNBl2qF2ZT3ajcimv8_mt_EwAxDEQRPAl3VTepfFqoxPELscvYAIiYcSk9XN7ITAzfkofGhO9xWBVZJ3avOndsfrd15RA1jesToDzZJm5feydowuGOLbF-dHDAL__am6-6Hmydk5VwRgtbClOm9Qqqo0cwNZezkz60scQtqJBhReJ-04SjiU9o9Z3O0cBaIwdNbR6pKNwGW_8lIkSywzDrVSAhfDbZXezYgdM9-sSSnHsvSujyN3bdGf4RF_6Y-sCqoIabLI4Bm9gS0FJJXAceuNZSJ9LiJSRMo7ftfjUTEMTQOveGye4xT8cTnCo6m-tptBf4OdD_bjvmr6hG75FF2RQcwRQ3kDQZ6VScolS0REgnsE00Xd0PPSm4Z75jmuo5BWXKPZr7L0Qpspm4LoaXEVebYrlJNqzep_v5viXaIcuE1LaYwsxgEQW5_opWlZ2oQbaG11TkkeeT0dEulwtgq_bJcu-syVDuEBIrEwsmhNF-FevBfe0SikfHBGYUxmo12tmVAImi8Q_Rp0wiMJxAko-H24bLdEKmdjmKxTJ45_sCIvn_UQ8uPZA9n9Ol1B6ZvpTIt40gLNrcuMm_ryW1Ig12FtYUGRZWlw23kBRJI02rXn9RH85-hYtXgDzVtdqSkxbvQXP6gsUZumpFpbnQITN_Ux&cid=CAASEuRoJCj8i_Mq0CC3sVah6dmVaA&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 21:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1552
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
server
cafe
etag
16554960040364120486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 Oct 2022 21:52:12 GMT
all
csm.as.criteo.net/ Frame 9C4E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=IxtB2kKZyxG_Xkpz_zQJOUuNLIMrF7dSAbNJAHQvkEbVSwqDLhpRV5rDXvmZBL65pYIdnCyMgFsR9ejS5_OsVCkZr3WOoSago8NMb93v9AGtNPy-SaZrztASyt1TAPP32Yi5BxcBAHifp9Kqq40q-JHvCT8BI1PqzmFqCnMMGjKw3na5Bh8UnrLmG2MFBbyCv3kqbNuXOR2ptpZoGIcLed4D0024Oc20AHXW3QFN0LSMAjaN_8B7qgliTj53z_TcHlHBNA&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 24 Sep 2022 22:18:04 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
pixel
googleads.g.doubleclick.net/xbbe/ Frame 45ED 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COLeahC_-YoBGK_on9MBMAE&v=APEucNWQDCIuwvqIogymbKU7K04__xPdXTQUs4RZU6JjwpgissgvukqjdmxsH7RvVTQd_rYbdfw1HmZ1kCc7omv_IWNjpTu5Lw
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 22:18:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame D306 		87 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGNcsKdT9Z2Qfj96rqAynxpEu4sBgXFOe_JEnhQhV_yMMMPPFQ1JlgRPmQx5k5RpKkz-1mLHyHJ3K7CZdIjWQV0pePxg&cry=1&dbm_d=AKAmf-AtkztIvC9ijtwrs2q38qJhi7hEC25vSnnmInfEAWHE0DlcgqACuxOHB3qP8c-LiLo-kdlLRjRS8FuG0YU3SKoBzUCKtP4p1jz3OlazA-YUkxTMPCLzAM6LeB9yWHT_vIWiw5izakqoz61whhYxwEdIIUTXHNhQXE3IY9OXns9zDoLma-CHA_H_vJA_AAhVjWjKcf4z6PBnkOCMQ-514_X8Z96MVrFJ7tskGmHwa44gil9_8fnuuejZt_yMNyyMoo2zFTkR-UoMRFuQLVARaz8nU97WNljgEurBdfR95ZOtxnpYirC09d_UYl9HU0M5FAKayKZAh0tDnub39iQSFDWu_iHnh8Lyzk32eVQgnOIZIqSOqk9WFq69a2LRIQ96vrkqdWEeGYqMomM0DkF4FyrV8u7FPkWqkMPaYJWXKb8W38Gcaz54wF0Dk5VyeBW3tsIr2rlawie5PQmGVj7plkJEittumNwG6v9fxb3BrJdW2mSBTeSexrK3fdKc9kLRZhN3xFLnYEVYsG0KSBoV3UKfwJ1yHX-Pjs6ZzqgF8wzXSzUiwsV8-UxgsX5EEUNNCNtOhjmF-kHNol3on8qW67dZexLPADG6hTU34xhDOcMDU5M1wWdfBAmbqC8cdg43l6yYsWzEL03UE2rRyjAJsw6hG53UoB7OU48O2MfEgLNok8TQS3sSajdfCBHJ2scBnTzVcJ6W095ZdgDQr56Q-_XcANZXMsab0DE8I6VsW_y4qvJSEpP4yher-LLo1z3B_7bq4zNzzxuu4aXW4BeyQFLjEss0I2_r0pziRwyyviGMCNHqqbsZB8LdgxTb-_K4bkTpQSyMkadNPTodkgIEnsTP73VxTBtK_B-xiH43jcsblhgl_3xtUHEfRcPycHXNVCgC9aWcLbD2PHNEwvCHe_0CiFo5f6zYVVT10G9KaBJDvOK2NCNFZ--IDiWvOp9U8_VxjJxrk7T9ltapgHNHhPd_GbyggjV95TDAlI9eiM_jBAz0ET1DipzxfmmGJuJvZU2ZypnNncbsaRkoIZMqJiZriSYXPOGFmRbaNvNFBZooGjGVcNA-YTwQUTgeW1dyLXK9AmB3EfrnhlnQHndbRwq6YQLTr90i0ixsFVtdiU7TyHRo-9h-nInFlobGa5TmXW5n8Mh1jU5-gAJvycZXYPx7vLKKT8U6ai6ictNrsk12_7CeDkqMwkQ5Mqaz2v-tM5F-6mklTwBYmiJigFiJiUJ4XHubwdKT4ENhdFNNJvKDeqLen6tkBIN6s_72aglZkNW7Svqs8eeok6SodnjYphSlLRVt1lLs6rz0FYyk8ZFAOH46wt_fIUvx5Zk7W2SsJ7S8BNvA5P_l-shkqYYdt91z4wbChAiW5n1kzvN6peBxNIOnabRKfjyOfrumzwd6w1u1mOu7ZUEUxty7stu8UnLVm6McIMnxdJrugSR6x5pkeejE_mJLba-ud_Ix_TydYJLncCyU5gbzWEGs4qG2L7B6Gjg-IA1MafqckAdVRux_7Srcm441iVYbpPZI9HW8ha79KWoHgiPlVmSNi7-ftEqpg9sIj7unOyDIetZl9VRH6iiO5GbwX35JkMjw5tmOPWSri33lIc67-hZLrjts3vQELtwQt23Cu5ZlTsexQCwKVHxA_z2HHIyv8zV6mzzj3G-QA-aJGxSSZVLFGe2o2qcpSeT57EY0GmgDuYquPa2uZ2XbXtAHDjcp2jLhUXE75pjvEY8vFbjgj1qv_bHS7iOxh78IaYylfQKkBD6n1SAbL4y7FfCzu3BTr_NPa-1TArkBtyXRvA6MRD1KuLHXrj5FWH5Nkx731pbc_CQUOeTZccrbIBeXZDuTSew3C5d_aCIo8s0p3TTU44QZxVjCqwh1_xVOew-Wkd592ta_AQlIBY9epyTDaNOxEptWLFAHRettjIx068QFTAYL5Yp5nLxF37FS6Hgp2blnR2RLVYc5CKaYrWYZN8aWoBx5ag3zxdAbmwiqT9xyKS4tOrLsDUwC4TLegeJpNhbmePKkK72-0zk_SBsyc11Ig8XYNJnoAwYhq4Swe_5hAXw9rEPFBQRfs_s-s-3X6ypebgyPPCaSW3c8x2ZdYAJNcWT17Yo3j_Zr0dIABysVW9JSK1T_AKTMpo9pd6oilO1k-SrJKeDm7LokOW4D2ihEvEF0k8LZs1sCmuoYBOvomVvGNg1ZEDLuq2vdw0nCaptTDN1ZSj3kw21leCgjqN_pGRbLIS7zRdhyDKbZL0hNw3ndi6oGc7Fp2v9uv0OOfrzvs9Evb7DLcPSK8DyGW7g8-jwihIXx7OWclFCrHI90Ndhnn3bwgskR6ixl9QriiNhZbwM91T1AJ8ARemnZgKXcXM1_VR5JIFQJq3fMeP5eXabPmmztqzRwRd3T6boJfRPK294AWy3pPscV-FXHWXp8_Q99avxvmcjbfH9ZNw2Il12HLeiM0oarUG4y0MPaQ2-bh20c3T_kr8haFaq2JceEoEoioQPEOd-zSi8i94HvKi3j8m8mgfhkdrOpyxrSvJIqmZwsUvYlyAeN__fVsgoMkzzjpeTyNO8ePCFZzR-QsJM4h2bITYAkyGS0RE-5BiH8M0Y5tPnMzlw8bi9UI4KglUTi-OQAZ_QRr2rfv_rRtXSJrOS_dBrQtPa4eccGokEz0ypoUM9Ann5yHaqe94b3tu67UNDSg2SNIV4XdNzMhpyUB-BAcSY_E4C4rXLWpo7DMS4Nfh32-fM8WOcUbCXNNaIhBBqmD_jDj5hpVbp-8hO89azeoQy2ifb7mn2twskr0GXp_UuwyaamSYFtQDxM21haZhaLP36FTi0q4ejj0QImx5ET49BL8_koJ_PAuEMZJ7aV3OdnwMjBpGJ5nPOSrlupmz5Ifpu4vP_sgfpe1JtIB6OfbIdn7d6-425rwNlKiO31as5JBBZXjPkEmWNrAS7YgsZCZe1D0zSHOKdWix6GRkRyPEcDlyaehwzD0dhHl_Y3EdGkLVsQ17zEmJ9YeaKaYJuP_PrCUN5FoHr5AUsp8S2ozAHlxLq8AXFg0FJz6OjuJcDeM6tbSRrmZHhxtrGpH4u-CDyJsGwZuDOkJ0TeGU2VMaUo-zpAOtWf6UhvyyRekbfovidR3HnT5BXriUisu-HCfMSiCSJJ2VD9yHTYagrCO2VcxhHJPVbdeCX8NqRKmmwczyi0PFo5t-9TC7txd_4CPkFZ6tDRNYucfPZb71csooZqWx9pYSD6Olm2MPWP2O-InsB_FGlDICCxbAWCM2jcGzjG6ff6K3jY8ghComlm_fRxWk1C9_iLQMVR2es-5PRhxjKppbKuc2Kzo8pZ9eKQLk0JR0Fne-CudlsmmOf9QD9IDbrSRWFnlLheQiD2oh-jV28cCzShMUZuEDa65co3msfV-L9VG7cAaQ2rQ5QlwPzUyz100g&cid=CAASJORodi0FUrQQ_uv-ZUXcsKLvXGWPPem0nPYqNP7han_gnAxSpg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
b4fb75b29b9bdba6b10574cadb5adec9b558cab7f5199346eaf6f93775933130
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D306 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A39tvAqV_g9CCq_djwNKFP7GZxASL68Q3gPG7BPC1ZG8Gg1ifZ759L_ehwkO8yv9hBBvyC9RszAsFrKAVPa-xH_5qazpHkh1ufp_dEOl0tcwJ065M
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame D306 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 21:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 Oct 2022 21:08:31 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame D306 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 21:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2442
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 Oct 2022 21:37:22 GMT
l
www.google.com/ads/measurement/ Frame D306 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQug7TVgJjx6YCTCdrRLilT5a4hycWTqSyx6m_XlRHwvaMccUkGlZ1QS5AS4RaQ0ghLKEGiPr8GRftp85DxuBw17OdgHA
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D306 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Sep 2022 22:18:04 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6C6C 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLioLhDv9MTxAhi_s6_RATAB&v=APEucNUzbgyQZIehKl_d1G4Xzl6wcQoeM0ksGIOWXRU4jbevIJUZZbCNZC5yYBHqPTiC0T8Q05GVOsy_aFkLEL0eRT-0aOzD4w
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 22:18:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 9B7A 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWGaxZXjlEk8gHR2LpB0w4l8oYbkwYIGTYrR1KuQVMe0MVs3CEMiv8QW2feh6miFHB-xZsVxXSwdapz_W-I9eUVsR1pw&cry=1&dbm_d=AKAmf-DEqQXOAjVgusCDx2eOXdoOEd12chr4UZk1jKJV8FfD2_wK-57Fy1RmGEYYSYXsHtIPrmL2pYXzMLRXkwqXqa4zXLnXMfyloeaEWWX-K8W0voppB0btoK3FP9LIaIqJ28D_qSO01FAtDTFypQR4GxPAi81PULEU2q6VeaPGuyPht7XwpvXEjkxDxsHXUfu3R0tzdqMPLqdDzphXEvKHtwhBSuIyXhPBxrWphAcBwikK4NyFneyZNLiu6RXAvV6DQNhXJfH21jcas5I5c2s0V_uojeVVMlxm3d30T0cAfrcNLjB62IV2LBRco2j9G7apU_vcibWXuK0DSC9MQ_GjbyG-vGbLkT9JmGvDKjE4YBudeJiHvAwzsEoUMDfDLYM5oIUbGIIVsC7SDl09pyYqN2XkW32Nc0FhuBZIu7G8kgJWgt7_YFhcqBL_5tDPn2HjiHv0Gi6RwfrJYh4bECPgPTGeVH53q9Yq3Up0llpxz8xDA8v4Znqf1tf2xXzIi-fNq4tyGtPQeyxqh1C-mVvdcIzz6rtOskpItKJnF-BR6A22YFqTTVSK-o-qtB4K4fzwHQRkoqhFFhgKdBCQA2WxZDt2y6BA_N1UCnpXwWp6k07paWasfM3PR7smMFYfAuHkpDN3CMZnrA_7VrKbJMe9Z9yyCyFpwByQmtojCpf-W2fdf4Xwxx8Uj20dUIkOhssM5WNAzcZ5eJvISpuRjZstlLi-FnFKMhjos1F_yX8HIhrhaFAorRjj9UwYOw-oFXm29nojhFpMtGWyrFHwe6_961Bc6u2NzaceCB25Yqzfj7VDJdExBlCjrAdjVq66zHoor5jBsao7l8gHLNGP4WrAYTr99Q1L2WzYLoFMb5L1lqGVpGxn5FV9IUX-wSsh-Mgc-beYFfbzTZAUDFyO1uRgR5u1IvvMZptIFE-0E1tXKzrGpP3ORqAafrlblyuGBG6EOKSuzz8rtBfpQf_BR6zj91b78mtLJ2fivgCEQP9zl6Y8i1y7mT4AQKC0GR3RxqVKzbUsO1v7k7Vi_exY-EUpw1O6Dru6q7Sil7hVBP1qalRJh9y8GQjquhu5k0nPdsWIIHFrlp8gBf_oNusIAkixm-FzY3a4I5VBV-sc_AZLrmvB0JDabGaEbNVk5PVgMKMHV2WsNRSxaJZ3_cFu5QxVcaUQP6FZKiEyNeru87X7SHmEjoViLcWtxDfmTo8GQOsc7sWEY0KqTsTMdO472J4yaOPdi05yz93DYs1xxsbNnWWDxqZsJ9m-KGpiRnekH3Oa2jD4S4uR7EGbtTCCnRR48vdSPxRSphvFOcnIwhS-6qqprx78OJntdOPwCVk088O8hIhPeJVGnerzbphY8Eabbw0O5LJUlR69Jy_du7v94hNesUYpo-aPADpLcb08qYerC0BrZCo69PJPeAaJ6LAbOG1UAK2CEZb8iGE15y8WAv1mhhTEBgTlH6ouf7KIG_auP2kv2rm23gjh1DuOWBhM8yiQAVtCA5xz2wCpLPLxKbXTlQTPry1B01kMA3gkn3Oh8fCQEb7xJORBpuM77vvM8O3tfUXQWgsWOy0zQmIc5eLol7LEQki5u41tJR1TE265MjtCrjZSbWB2nutNSKWLic1msTwNogmdDaZ-OZZezKo_tkfpgB9rGRu4n8bmwKk7ORBXQ3ss8gQLh_cga7MI1nEXuDkFM0-RbwhJhO2D9HXBwRBSClV4d-ou61649nyHNxhQEqSvf-tBSw0tqAxEIcM-xcKKOno5-MRi0HfiUuppCYfb-UTN5OoIYVmOvPS4XF7BlOqrBSdwZQdROKlwe22jLubdECwk_qRL-bUSYV_XYBam_M_wV8KYU8lCBNXaW14j0Wymo0TikkBwsou5PW23Y-su75cfJrY3iuwh2yyy1W0x0QfW3fqMTjFE8c5rDjr4NWejNqaLPKQJZ0jtb7Dh3fNkZSlLUmEK0Vc_H4zanGdxPj4bcwV58_e5PhxFibcRD2CBMLXdvfVYOEFizHCS-PMOiawNiKopLYqlF5gkvC01Ae4cyEoGdtYpfGkGS-ym2PegmQr7owGFBhYsM2vbIY62B6RHMgW1ItDy3JBHFH801Qq7hmCIg8j0e_mG48_M3fZ6JzKash_Get9rp4qgI5HIzqAwz36vYeg8i5tdilV7ulNgnWY60EN5fc1gqa58CEQtETD3NIES0gGmhZRtwBHyzPaQCiL-glZ58yLBZTU6Mx8EQ7BIvG7-h2Idb-vRVcplhYeA0nUVAVgywThgLt3ILQxbw968TY3LZ1AzJtM42ANxgzd4XqwOpN48NU3EkG9E-X0QidkYUF2gqloMrrPrI0XtTjie-Ke9eK4ZTK3wyScb9qzomrd-LPhzvzckJuHTLpg7pOsc2pn_9ylVJED3yXbNsdE-We8Cwqv1YKbevfieLN8AdSB9DFgjGZXLz9rJhL4lPThPbJ8il-gH3z3JY7fWcU6f3HERqoqgZH-Rx_k5O1YWDZgrNGX-euuFNJlNWTeKEl48EZiZL5XauGhxW5Rv_xppeaBZO8hhwu6zLqMlAmVRIyhohnUmywEMYNSq3JNzMY-4w4zUnOeJpu61es3GhTthw8-ktpvs5sM9blPtR1SO6kDM2fxxv8YZCgRUlBPm43Br5xFF6KcQzsteSkLZ7yVbANQDGapaGrkOQn7hFcH3deFigfRCyyx__7eW1bAvdLw74d4gu9pyTbbGRQ-GAsqnGg8H4LcKVwjUiL1lcSZOihBo-XVf_4Tzq2DT-wnCG-UU2TS-W9cL-jKNFEYI-pXzfKiB24NZnSuy-YamHM98MButq8cmM1o5XO4Uly47ci8o8QqwogvcypOUw869uN3FSfvZ6qj1_p_KWUuqBWaM3nHYDNovwmHqYLsPi3u03zcXE3MQSGLydX9-SU9p0iKCl-awQdQre3C3Cn3m4VwactBTzoTHog946awucjiE1T-j786mdL7fyNk_O_D89EFdLtiKSOurgCyxYlbEef3Mn38MWgsBZQDWMjq_1UI_zztncCmRLe31do9v88AzPbm_aDFeCmB2pHFpPqake9M_RqzGTOp3-EZDKyOAsPY3ZP3N-otgmZe6AeYae3FKqtm9nLeQfXHmQMjAjQDNQ2cXPNmkQ_Kg7EMLztMCyqhM7tY69EbImLik6Wj9VpLpDzslPoUtFzYlCdnU-4dHnlPrGC9m9Ygsvy6jh_7O28geywUTHd1Giie4jrCkwNQe_4cne2zUZes-qp5CTSmdYLUEpelfsMgtgT5QkTf2j2gLm5kjKhkP9H6zPMLzTx6wUIrs-mbZvjTin5-9zySHD3RLHqNhh_Pkd5H0jm3nGgmjDai1EnYLTuyixhu6aO92-u8w2eyJQKcScPpfAqXimw8Gso4J2BcLjdXM6K7bP4LcK6ty-pgms8oAcTbsRmFUzDHzR0CFZcl_Hso0OL8&cid=CAASJORoSB5T4QWBCTEw23tgczCr3WmAKgAYSKdzsDAPrrDGV5_Hsw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
f855a67f3d33f360c684af4a7e163596c5dbb141afcc423873990f896e05d2b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34361
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B7A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AkbcyME11byysRjKuN4RZXnGBOmF8Iy4yhqlQyQBmhV5uIsu8534t87gvVNieLajo0-l8W4U_mQzXPNR82we9KTrzAzUx91nnh8VNxv_JFoWIRVpo
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 9B7A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 21:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 Oct 2022 21:08:31 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 9B7A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 21:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2442
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 Oct 2022 21:37:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9B7A 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Sep 2022 22:18:04 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 92CE 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNW95RbbAkIp9x25Wjyyzjba1wn27ILbGcqNwdB93xEY2olju8a8YtcGmkKp1cV5hdRIKYYVbWWetS-SxDVx4PIMm6Zqig
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 22:18:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 9EDC 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQIcQM-MlIRfqLuYVWvWAIEp02FOYK_rfiRSlOIvD16-O3wPvRc_JKG99dfS2VTCX5KYrPxj5BLLqp_2ti-_E-O7NjNwayK1X9IdLTR95RZ-LyQAfi-pOotKaanrtWimJKBTpKPyyqctmKWqYKMvquDVYxyg&dbm_d=AKAmf-CV6P47oxT6j8YDhnv2prumUD2N8Wbm0R-D8GqxZBW39VfRxslKm9Ryfi-gLlIAzB9rTs_5vKOp2Xybvr6OOCRw5qKtEscelcYS69pdgfMUS0PFwxhmCwTQf23vXZm-5nhmG0cwlPqMksffbl164ROWo3luqFcVJVKjg4H0-lPbemG1-fKgA-UnVeaMM0snbAwGCDYHu5g8WhPHpOhVJRNflMCm2rPOCMsly6XUS7MAbgxhcS45INbCRTPJOfxGhQdYlkwUmBjlqPs-pwUpNrLv_ss8-k3Oxq9I37vPkaS4othrprPbfbwbClZM-D4F9i5TNqWYZvwDXYPf075YYN77dnTcBCeInxvb-BHdV-RzyTnIOKTrvJ1hK3DGaG0loulMsnIkulFPSJDUBEOtTnBc6JbELsFWEMOSzv38xYrJNvyAgEhXFO7n2zO5_2tGIXnLVPSgpOVUQ4XC7Awji4rAUitcQbi0aL8EIN89p4GJXWTZR1_3aoL1NBJXnRDVCN4jueJcc6tl3tWNJCKIt9qnGQ3XfyMLSJY1-Lo5-NDbUMqR45ALCNQp1zZJDe_nZtZ5cJd1ZpU61rWa6oaBb357cPVyE_lJX8gbauXTHzyK6PkmwLcd2c7tsZHh0RZDN_LB5RL0hO6gebx61bKIN26UbSSYvj5qtmFJWl9ikeMMfHHlEXi149lwRwbZZU5srEimG3MKSK_zh9lb427DcSWXBo-gX-sTK3xAXjXDsC8Lozk2cOdli5udaB7yMnzDfi1mXv_AFHgQjpOj8BzHbHl8LWhMkACfibVwlzYojrFQ4FBovjWkwx3l0wIvfMJ1g8tvwFUjKIOZh1kC3D0tlSx1_JHcXGWFDMSUXTySqA_kaffCcEm4XJLA0KnY1NN1Ke6lLvwwpopikGHeU9qNzhiXLfUulTqD2EVQDgQGkYhngdZrejvMQ_2e80mneSvhQbzKMNIyjqMHs9nkF60lTmvTxY214D_qzMkfojn8ciz_s2qqB1O9uD33BpJ1ZnuM6B20EyIP_oQzziPpptQhR-DZ56KKTemQKlMJkuqwpc_qn04_JFVztF7jq9eRxSmb3rRv6gDKnJ_1QwtYOAjB4JsZlyf71k6ew__vZAGk6IiUYlsQVOeHW0YYLeNQQwF-FIRk4-IIbTDk3Et6heKpa9daeyqXjfXE_hrRC2eXTLWcw-VKeeFDcXREUB4LEWr5MlQfTXZDN3SfvdPeVBUDAxml0UV-M2u9srKZHiMg_PxG1bdy9v5rT2epjktUybyVWP_gg0GFsNd7TC7IE9SBjS5Eqng2duNnE-OF2pY7K_yj3njdMfB6JWRsqBOCmcv4uwh94l4iY_kHikMU0xYWl-8sD9QDHSTyK4OgqGwUisrQ_ciIfBWM7fxk7_ui8O_juwNGs21uVJm8FG2ChzXA7kHLSbHMLeDPIJzaNG7a0rW5GQkB12knRWWZkC75Ffnb3s_ydZxPbtNhefC4RSrmZDtLKUtYctHhX5BaKo8TBi6Q4PU3Su7YNgHiCQxUdKv67vADcZaSMToLEaU8JwnXez0v7cJ9Stx9QYAuNsxbrJAgUj2XFe9q1RVmUpB3bmtIupHWrlOQgLiS7iQAmkHt32Z19VwACsevCP2vIjyv7fzoGFcQ71qWwHnlns2Jm71TrPtoHjmMV5KLGkL3OdhkMWFmxcyDwe-p-hP7R3Kd5TNEB95bRY6YA2ey31dROeAP9z2px7YygJIPrvgZFTZv0aH_icntNy1WXyQ-igxG1ylP419u4tsAJr0Hpu9OV9HjOKc5AU8i6hagEynSON8BfM8weiZfTxmYN1HgRPlSW9qoVzs615Z7Fi0ThWrbLtuDJS0no9udm07SNhmurGQcYNEQs2jJp8fSWLYtNz5UDgRZYDRAeVjKkjllThCw1EGSL9oSeeN6gTfb9uUbNWbpzl_a8aRy2mGZhR8ddI7DrFrjGItbmpwUXV1VrtY0pOPurMT-25vTeC_NPROSZICaLURO9USjMXgpm9HTjOoeDKsqp36W7hT74VPuO5XcDPxOa4aTDI6smAKzDtPvXt1K3ejJVx6jFyp49GRGe7DbRtPi8-sVjMhNtyDuUoKB5fttE6lc7gLlq18IE7BOsfIndljZA0Y63b3WgqAfAz55EWNbJhK1PxUzaP-uGiLPHI8NMjOv1dGq36JSUIqtcgRehVmDpIjI8LWP174wxhZgFnSLv2YsaiQLOwU1n1WYISca6DEN4RmFV2m3bQeUyFqpSXGAyXQvWXvU3KN7Y3hywHoqNfCqjLdmtIOMA8HX0D-aZlQTIRuw3gl8D9p94NhVNPu-v08KsTo0_vl2iYYTNzSlqXBFgHEc78hHsUlYGB_5I6zjTYHNAIaDa361nXs2y7A1LOCvv5BQzfIzCHVc8n9wJFm891ICPlj-rjjBpMIAzCgaZpDGScZ4Daj3HGohFRhvUi-bYt9scELYOlOTPFuX_uWlG-HW7YTS1NhuDIEjN1Zqunp7Ti8dzcuUyE8SCHshXWQp3B442RmdtJAzYe4BPDMeexF8oS8dusHCT8Cfm5yGqD_VD-djrgJ2WunFcIZUNKfRBIrCmDE6I7uiXsmCa9l39m3R7Jhsu_nfl-1VAb4bOZg5vmPxOi_7r5Zw6S6gSGBB5XSfot8ZToC_e_Nc0PlWOw-y3svN0VpJt-nT78WCpFFol6-ODt91WakEV6yuQ4CYh8gW9CDcpYLDARDrFw73bT7c5f_s08tp_oHA8QYu6Fjp_vEQa9KzmVFbjZdUs97ugPnIhA9I0uzPfI9gCZsCFHMJmYhSkS_QjabflT9dQ2RO9TgopXRt_jFNeEpkL2wSr4miOzacjK6qluVEFpkoLA6LnxMfBE7IMZfh9FnAlhBHKzirV5lSLVaNvVu410YyvCrd4SOEZEV_R3h1xA4WbcVd72XSeH-lRkt-Vj-yF7K06_BgazeMj-pHAOt0-7o3nQ109R1gwC5qc5MQWEdwUO9q_pM4rqMA3PdRU5DVjQCZfcoH5BWTP2KyKCfm0Ys7aWaWnNoHxNQFYz2RRI4-v7bTxKrIvp_LanZeTniTrRbT6-tMxOefCIznEY5LWJTM0qxwfvPAxkrhZd4d5-CRqRNWxK0MUkIqyHGszOP7pQSSTpY9dQHWdlrCap6qDRArs5n0VMsGKUMZOgoGEtL3fc3CUEHWR8L_r7fsDRyJJEIQqqospVfSaXiZwwrwz3TBI4U6oB4zWRfgRCxW0kQUNeqXK-G9_Dskvqh-4VlAQuIYVBM7y6h7qc2DpqRHzvXZI12PxnYe78cJzJWaFNcNIFpZwhSSw8OSiY4oAVltOfm3Zq3c8zoJ-XZfC1-UqVbLiA&cid=CAASJORos5HRMIrDu8GSOq2b3Y0IlDMho0MegA3KFIVCSXAgFZfP0Q&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
2417c71c9e9b7576d676949d0850b33a69360295bb91bbe0a38d0e875af5ba47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34499
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9EDC 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DCGtNF8-MHDuyP083XYNsM-9agLUOeQjyEfX_gFrNeOzHk-kcJy25saAI25KWbypCPTEERIpcFtxGvXKH-7LkrsEc5sXsv1O28cATTs60IqifShwY
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 9EDC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 21:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 Oct 2022 21:08:31 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 9EDC 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 21:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2442
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 Oct 2022 21:37:22 GMT
l
www.google.com/ads/measurement/ Frame 9EDC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTf7SVGqEh7Dx8mfhKU-TL0pzQlw5uedISIgXqCmwdS2F7rpdGfSwuCPpED9rq8ESYdsWA79-4NQ7-KcZ9i5w6AzBxKnQ
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9EDC 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Sep 2022 22:18:04 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 16E0 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220921&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
f00c1893364426fd8e64c20a93784fa2c2ef43dab57fd0e8c088052925991a3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11355
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B603 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057883289&bpp=12&bdt=232&idt=290&shv=r20220921&mjsv=m202209220101&ptt=5&saldr=sa&correlator=2033874124386&frm=8&ife=1&pv=2&ga_vid=738013203.1664057884&ga_sid=1664057884&ga_hid=2113377417&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069819%2C44773167%2C31067825&oid=2&pvsid=1514276030893664&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jdugg7ln9n3a&fsb=1&dtd=304
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 04:26:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237124
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 04:26:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8FF1 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057883289&bpp=12&bdt=232&idt=290&shv=r20220921&mjsv=m202209220101&ptt=5&saldr=sa&correlator=2033874124386&frm=8&ife=1&pv=2&ga_vid=738013203.1664057884&ga_sid=1664057884&ga_hid=2113377417&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069819%2C44773167%2C31067825&oid=2&pvsid=1514276030893664&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jdugg7ln9n3a&fsb=1&dtd=304
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
38205
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 11:41:19 GMT
etag
48472445140208031
expires
Sun, 25 Sep 2022 11:41:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B603 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
68f801024b70cfdb04c8854c6e137333cab900397adafc4238d5aa654d7083c9

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sd
us-u.openx.net/w/1.0/ Frame 45ED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECEUP_yjV-pjIzo-_GLmbOM&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECEUP_yjV-pjIzo-_GLmbOM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLeahC_-YoBGK_on9MBMAE&v=APEucNWQDCIuwvqIogymbKU7K04__xPdXTQUs4RZU6JjwpgissgvukqjdmxsH7RvVTQd_rYbdfw1HmZ1kCc7omv_IWNjpTu5Lw
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECEUP_yjV-pjIzo-_GLmbOM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 45ED
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDI0ODQ2ZDUtODNkZi0yN2M2LWMzZWItOTUyMGY4NGE5ZmIw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDI0ODQ2ZDUtODNkZi0yN2M2LWMzZWItOTUyMGY4NGE5ZmIw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLeahC_-YoBGK_on9MBMAE&v=APEucNWQDCIuwvqIogymbKU7K04__xPdXTQUs4RZU6JjwpgissgvukqjdmxsH7RvVTQd_rYbdfw1HmZ1kCc7omv_IWNjpTu5Lw
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 24 Sep 2022 22:18:04 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDI0ODQ2ZDUtODNkZi0yN2M2LWMzZWItOTUyMGY4NGE5ZmIw
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 45ED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEAfw9qqsOhX4nVa7DZBGpNw&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEAfw9qqsOhX4nVa7DZBGpNw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLeahC_-YoBGK_on9MBMAE&v=APEucNWQDCIuwvqIogymbKU7K04__xPdXTQUs4RZU6JjwpgissgvukqjdmxsH7RvVTQd_rYbdfw1HmZ1kCc7omv_IWNjpTu5Lw
Protocol
H2
Server
23.50.119.72 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-119-72.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 24 Sep 2022 22:18:06 GMT
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEAfw9qqsOhX4nVa7DZBGpNw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 45ED
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTM0ODlkYjUtYzE1MS00MzkyLThjNGMtNzMxMTAzNmJhMWQ1
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTM0ODlkYjUtYzE1MS00MzkyLThjNGMtNzMxMTAzNmJhMWQ1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COLeahC_-YoBGK_on9MBMAE&v=APEucNWQDCIuwvqIogymbKU7K04__xPdXTQUs4RZU6JjwpgissgvukqjdmxsH7RvVTQd_rYbdfw1HmZ1kCc7omv_IWNjpTu5Lw
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
server
akka-http/10.2.9
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTM0ODlkYjUtYzE1MS00MzkyLThjNGMtNzMxMTAzNmJhMWQ1
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Sat, 24 Sep 2022 22:18:06 GMT
sd
us-u.openx.net/w/1.0/ Frame 6C6C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECEUP_yjV-pjIzo-_GLmbOM&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECEUP_yjV-pjIzo-_GLmbOM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLioLhDv9MTxAhi_s6_RATAB&v=APEucNUzbgyQZIehKl_d1G4Xzl6wcQoeM0ksGIOWXRU4jbevIJUZZbCNZC5yYBHqPTiC0T8Q05GVOsy_aFkLEL0eRT-0aOzD4w
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECEUP_yjV-pjIzo-_GLmbOM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6C6C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDI0ODQ2ZDUtODNkZi0yN2M2LWMzZWItOTUyMGY4NGE5ZmIw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDI0ODQ2ZDUtODNkZi0yN2M2LWMzZWItOTUyMGY4NGE5ZmIw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLioLhDv9MTxAhi_s6_RATAB&v=APEucNUzbgyQZIehKl_d1G4Xzl6wcQoeM0ksGIOWXRU4jbevIJUZZbCNZC5yYBHqPTiC0T8Q05GVOsy_aFkLEL0eRT-0aOzD4w
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 24 Sep 2022 22:18:04 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDI0ODQ2ZDUtODNkZi0yN2M2LWMzZWItOTUyMGY4NGE5ZmIw
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 6C6C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEAfw9qqsOhX4nVa7DZBGpNw&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEAfw9qqsOhX4nVa7DZBGpNw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLioLhDv9MTxAhi_s6_RATAB&v=APEucNUzbgyQZIehKl_d1G4Xzl6wcQoeM0ksGIOWXRU4jbevIJUZZbCNZC5yYBHqPTiC0T8Q05GVOsy_aFkLEL0eRT-0aOzD4w
Protocol
H2
Server
23.50.119.72 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-119-72.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 24 Sep 2022 22:18:06 GMT
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEAfw9qqsOhX4nVa7DZBGpNw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6C6C
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTM0ODlkYjUtYzE1MS00MzkyLThjNGMtNzMxMTAzNmJhMWQ1
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTM0ODlkYjUtYzE1MS00MzkyLThjNGMtNzMxMTAzNmJhMWQ1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLioLhDv9MTxAhi_s6_RATAB&v=APEucNUzbgyQZIehKl_d1G4Xzl6wcQoeM0ksGIOWXRU4jbevIJUZZbCNZC5yYBHqPTiC0T8Q05GVOsy_aFkLEL0eRT-0aOzD4w
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
server
akka-http/10.2.9
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTM0ODlkYjUtYzE1MS00MzkyLThjNGMtNzMxMTAzNmJhMWQ1
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Sat, 24 Sep 2022 22:18:06 GMT
sd
us-u.openx.net/w/1.0/ Frame 92CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECEUP_yjV-pjIzo-_GLmbOM&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECEUP_yjV-pjIzo-_GLmbOM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNW95RbbAkIp9x25Wjyyzjba1wn27ILbGcqNwdB93xEY2olju8a8YtcGmkKp1cV5hdRIKYYVbWWetS-SxDVx4PIMm6Zqig
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECEUP_yjV-pjIzo-_GLmbOM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 92CE
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDI0ODQ2ZDUtODNkZi0yN2M2LWMzZWItOTUyMGY4NGE5ZmIw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDI0ODQ2ZDUtODNkZi0yN2M2LWMzZWItOTUyMGY4NGE5ZmIw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNW95RbbAkIp9x25Wjyyzjba1wn27ILbGcqNwdB93xEY2olju8a8YtcGmkKp1cV5hdRIKYYVbWWetS-SxDVx4PIMm6Zqig
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 24 Sep 2022 22:18:04 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDI0ODQ2ZDUtODNkZi0yN2M2LWMzZWItOTUyMGY4NGE5ZmIw
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 92CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEAfw9qqsOhX4nVa7DZBGpNw&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEAfw9qqsOhX4nVa7DZBGpNw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNW95RbbAkIp9x25Wjyyzjba1wn27ILbGcqNwdB93xEY2olju8a8YtcGmkKp1cV5hdRIKYYVbWWetS-SxDVx4PIMm6Zqig
Protocol
H2
Server
23.50.119.72 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-119-72.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 24 Sep 2022 22:18:06 GMT
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEAfw9qqsOhX4nVa7DZBGpNw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 92CE
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTM0ODlkYjUtYzE1MS00MzkyLThjNGMtNzMxMTAzNmJhMWQ1
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTM0ODlkYjUtYzE1MS00MzkyLThjNGMtNzMxMTAzNmJhMWQ1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNW95RbbAkIp9x25Wjyyzjba1wn27ILbGcqNwdB93xEY2olju8a8YtcGmkKp1cV5hdRIKYYVbWWetS-SxDVx4PIMm6Zqig
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
server
akka-http/10.2.9
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTM0ODlkYjUtYzE1MS00MzkyLThjNGMtNzMxMTAzNmJhMWQ1
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Sat, 24 Sep 2022 22:18:06 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 16E0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Sep 2022 22:18:05 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:04 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Sep 2022 22:18:04 GMT
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe9l0&_p=9665&cid=216763939.1664057884&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664057884&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&dt=%E6%B5%99%E6%B1%9F%E6%9D%AD%E5%B7%9E%E8%95%AD%E5%B1%B1%E5%9C%8B%E9%9A%9B%E6%A9%9F%E5%A0%B4%E4%B8%89%E6%9C%9F%E9%A0%85%E7%9B%AE%E6%AD%A3%E5%BC%8F%E6%8A%95%E9%81%8B%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8FF1
Redirect Chain
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESELvS7PMMGh79JY9Rw8AUVcg&google_cver=1&google_push=AZmPxg8aGtyPH3pj9wsLMXuciNNnWSY8Vrucr_gWAMwxC3IvCw96nTOyVwnK7r5KdpaNUkpCvjtpxGag_7KTgz9S_PcLcrZh...
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg8aGtyPH3pj9wsLMXuciNNnWSY8Vrucr_gWAMwxC3IvCw96nTOyVwnK7r5KdpaNUkpCvjtpxGag_7KTgz9S_PcLcrZhMA7V
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg8aGtyPH3pj9wsLMXuciNNnWSY8Vrucr_gWAMwxC3IvCw96nTOyVwnK7r5KdpaNUkpCvjtpxGag_7KTgz9S_PcLcrZhMA7V
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057883289&bpp=12&bdt=232&idt=290&shv=r20220921&mjsv=m202209220101&ptt=5&saldr=sa&correlator=2033874124386&frm=8&ife=1&pv=2&ga_vid=738013203.1664057884&ga_sid=1664057884&ga_hid=2113377417&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069819%2C44773167%2C31067825&oid=2&pvsid=1514276030893664&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jdugg7ln9n3a&fsb=1&dtd=304
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg8aGtyPH3pj9wsLMXuciNNnWSY8Vrucr_gWAMwxC3IvCw96nTOyVwnK7r5KdpaNUkpCvjtpxGag_7KTgz9S_PcLcrZhMA7V
Date
Sat, 24 Sep 2022 22:18:05 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 8FF1
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEAvOqVhp7j4iAq6cVSrAJfM&google_cver=1&google_push=AZmPxg-cyCCSAX0DucAKnBQ0LdCCVAA3WacNQdUt565Rj7htHPoAUWqEtvLSPJVL0xXHBep_Ybqkd...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg-cyCCSAX0DucAKnBQ0LdCCVAA3WacNQdUt565Rj7htHPoAUWqEtvLSPJVL0xXHBep_Ybqkde8J2rW3nghZ10XNwEdqBHY&google_hm=ckdadWF2ZU5HR2FtQ0tl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg-cyCCSAX0DucAKnBQ0LdCCVAA3WacNQdUt565Rj7htHPoAUWqEtvLSPJVL0xXHBep_Ybqkde8J2rW3nghZ10XNwEdqBHY&google_hm=ckdadWF2ZU5HR2FtQ0tlbENkeDRhMmk3NTcw&from_google=sp1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057883289&bpp=12&bdt=232&idt=290&shv=r20220921&mjsv=m202209220101&ptt=5&saldr=sa&correlator=2033874124386&frm=8&ife=1&pv=2&ga_vid=738013203.1664057884&ga_sid=1664057884&ga_hid=2113377417&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069819%2C44773167%2C31067825&oid=2&pvsid=1514276030893664&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jdugg7ln9n3a&fsb=1&dtd=304
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:05 GMT
Server
nginx
Strict-Transport-Security
max-age=15768000
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg-cyCCSAX0DucAKnBQ0LdCCVAA3WacNQdUt565Rj7htHPoAUWqEtvLSPJVL0xXHBep_Ybqkde8J2rW3nghZ10XNwEdqBHY&google_hm=ckdadWF2ZU5HR2FtQ0tlbENkeDRhMmk3NTcw&from_google=sp1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame 8FF1
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEF8uAccJk9laxMyXb2iNvMs&google_cver=1&google_push=AZmPxg_PD-KCsa5RNUNL8BevePt2KtGUTfkLzzKLlr1YUx5XaG5u0vM1xnWKtL1UXvSxftQCyoQZL0pHatMnLB-UJ6hykdaeUXVo
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg_PD-KCsa5RNUNL8BevePt2KtGUTfkLzzKLlr1YUx5XaG5u0vM1xnWKtL1UXvSxftQCyoQZL0pHatMnLB-UJ6hykdaeUXVo&google_hm=Z2Y1MmY1MDBmYjhmY2Y5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg_PD-KCsa5RNUNL8BevePt2KtGUTfkLzzKLlr1YUx5XaG5u0vM1xnWKtL1UXvSxftQCyoQZL0pHatMnLB-UJ6hykdaeUXVo&google_hm=Z2Y1MmY1MDBmYjhmY2Y5ZDFlMDI=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057883289&bpp=12&bdt=232&idt=290&shv=r20220921&mjsv=m202209220101&ptt=5&saldr=sa&correlator=2033874124386&frm=8&ife=1&pv=2&ga_vid=738013203.1664057884&ga_sid=1664057884&ga_hid=2113377417&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069819%2C44773167%2C31067825&oid=2&pvsid=1514276030893664&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jdugg7ln9n3a&fsb=1&dtd=304
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:05 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg_PD-KCsa5RNUNL8BevePt2KtGUTfkLzzKLlr1YUx5XaG5u0vM1xnWKtL1UXvSxftQCyoQZL0pHatMnLB-UJ6hykdaeUXVo&google_hm=Z2Y1MmY1MDBmYjhmY2Y5ZDFlMDI=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8FF1
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECs3KQHle9qZQ9da6o-8Tck&google_cver=1&google_push=AZmPxg-k9OZQPbmqbXRoZb4wswhKuLidrEXkEgRJkXDPNTjDbbY6LGH-OkEcwJg4Os9tJfQTJsu_p7...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg-k9OZQPbmqbXRoZb4wswhKuLidrEXkEgRJkXDPNTjDbbY6LGH-OkEcwJg4Os9tJfQTJsu_p7UjuDB6DDO_Kd0WKOnn1QX1&google_hm=MzU4MDI1MT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg-k9OZQPbmqbXRoZb4wswhKuLidrEXkEgRJkXDPNTjDbbY6LGH-OkEcwJg4Os9tJfQTJsu_p7UjuDB6DDO_Kd0WKOnn1QX1&google_hm=MzU4MDI1MTM4MzU5NzQ1NTkxMQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057883289&bpp=12&bdt=232&idt=290&shv=r20220921&mjsv=m202209220101&ptt=5&saldr=sa&correlator=2033874124386&frm=8&ife=1&pv=2&ga_vid=738013203.1664057884&ga_sid=1664057884&ga_hid=2113377417&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069819%2C44773167%2C31067825&oid=2&pvsid=1514276030893664&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jdugg7ln9n3a&fsb=1&dtd=304
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg-k9OZQPbmqbXRoZb4wswhKuLidrEXkEgRJkXDPNTjDbbY6LGH-OkEcwJg4Os9tJfQTJsu_p7UjuDB6DDO_Kd0WKOnn1QX1&google_hm=MzU4MDI1MTM4MzU5NzQ1NTkxMQ%3D%3D
date
Sat, 24 Sep 2022 22:18:04 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8FF1
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESENyiw66T3ouO8ksU6-jDoBM&google_cver=1&google_push=AZmPxg9foxQ5wOGLOqwPtqhIUarB45yM5Ml2rxWTBWg0KpADR8agBg26f...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg9foxQ5wOGLOqwPtqhIUarB45yM5Ml2rxWTBWg0KpADR8agBg26f8WPaPXfUNUWwuIxox1_FtwZ4lMvSpyUViOamA2ZhlaxwA&google_hm=QlMuODdhOS00YmM2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg9foxQ5wOGLOqwPtqhIUarB45yM5Ml2rxWTBWg0KpADR8agBg26f8WPaPXfUNUWwuIxox1_FtwZ4lMvSpyUViOamA2ZhlaxwA&google_hm=QlMuODdhOS00YmM2LTQzZGUtYjU2Nw==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057883289&bpp=12&bdt=232&idt=290&shv=r20220921&mjsv=m202209220101&ptt=5&saldr=sa&correlator=2033874124386&frm=8&ife=1&pv=2&ga_vid=738013203.1664057884&ga_sid=1664057884&ga_hid=2113377417&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069819%2C44773167%2C31067825&oid=2&pvsid=1514276030893664&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jdugg7ln9n3a&fsb=1&dtd=304
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg9foxQ5wOGLOqwPtqhIUarB45yM5Ml2rxWTBWg0KpADR8agBg26f8WPaPXfUNUWwuIxox1_FtwZ4lMvSpyUViOamA2ZhlaxwA&google_hm=QlMuODdhOS00YmM2LTQzZGUtYjU2Nw==
Date
Sat, 24 Sep 2022 22:18:05 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
pixel
cm.g.doubleclick.net/ Frame 8FF1
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJ_LzvrYyecV6Vd-jkPCHxA&google_cver=1&google_push=AZmPxg9hRd7_MrgO74y0tu7FGxN9SC-vB9PoEDFwLQS0eV1Wf8-DBSCuvtyOvWEc...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJ_LzvrYyecV6Vd-jkPCHxA&google_cver=1&google_push=AZmPxg9hRd7_MrgO74y0tu7FGxN9SC-vB9PoEDFwLQS0eV1Wf8-DBSCuvtyOvWEc...
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AZmPxg9hRd7_MrgO74y0tu7FGxN9SC-vB9PoEDFwLQS0eV1Wf8-DBSCuvtyOvWEc7kaZUecM7LOGFX_eGu8S2meQHMSTo4BsZzAUJg&google_hm=MVg0ZXEyMkVUc...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AZmPxg9hRd7_MrgO74y0tu7FGxN9SC-vB9PoEDFwLQS0eV1Wf8-DBSCuvtyOvWEc7kaZUecM7LOGFX_eGu8S2meQHMSTo4BsZzAUJg&google_hm=MVg0ZXEyMkVUc3U=&suid-set=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057883289&bpp=12&bdt=232&idt=290&shv=r20220921&mjsv=m202209220101&ptt=5&saldr=sa&correlator=2033874124386&frm=8&ife=1&pv=2&ga_vid=738013203.1664057884&ga_sid=1664057884&ga_hid=2113377417&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069819%2C44773167%2C31067825&oid=2&pvsid=1514276030893664&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jdugg7ln9n3a&fsb=1&dtd=304
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:06 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AZmPxg9hRd7_MrgO74y0tu7FGxN9SC-vB9PoEDFwLQS0eV1Wf8-DBSCuvtyOvWEc7kaZUecM7LOGFX_eGu8S2meQHMSTo4BsZzAUJg&google_hm=MVg0ZXEyMkVUc3U=&suid-set=1
Cache-Control
no-store,no-cache
Connection
close
Content-Length
0
expires
-1
spacer.gif
an.yandex.ru/resource/ Frame 8FF1
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEEypW96PXKPkbzmXOe6Smcc?ext-param=AZmPxg_VS4MbEuIYPFLDsfpNEJ2Ju43tXlKZ34Ph9hNw6nQ_WGg9SA8L2jRxlZWY7ygqeYCCrZL_i7hm1evH2tM5XQDgFwMSt06WwQ&partner-tag=yandex_ag...
  • https://an.yandex.ru/mapuid/google/CAESEEypW96PXKPkbzmXOe6Smcc?redir-setuniq=1&ext-param=AZmPxg_VS4MbEuIYPFLDsfpNEJ2Ju43tXlKZ34Ph9hNw6nQ_WGg9SA8L2jRxlZWY7ygqeYCCrZL_i7hm1evH2tM5XQDgFwMSt06WwQ&partn...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEEypW96PXKPkbzmXOe6Smcc&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Server
87.250.250.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:07 GMT
content-encoding
gzip
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
x-xss-protection
1; mode=block
expires
Sat, 09 Sep 2023 22:18:07 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://an.yandex.ru/resource/spacer.gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 8FF1 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JN3gu8eKRFvQOSoklaMEhPmNoNB2WErwXyObE4PinkqubZLkiOIXNa6u_hqT1CTgPNyWyo0RK5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057883289&bpp=12&bdt=232&idt=290&shv=r20220921&mjsv=m202209220101&ptt=5&saldr=sa&correlator=2033874124386&frm=8&ife=1&pv=2&ga_vid=738013203.1664057884&ga_sid=1664057884&ga_hid=2113377417&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069819%2C44773167%2C31067825&oid=2&pvsid=1514276030893664&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jdugg7ln9n3a&fsb=1&dtd=304
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7096 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
238162
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 04:08:43 GMT
expires
Fri, 22 Sep 2023 04:08:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:05 GMT
content-encoding
gzip
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Sep 2022 22:18:05 GMT
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 7096 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 00:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 00:16:46 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 9EDC 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
Origin
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 11:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37589
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Sep 2022 11:51:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame 9EDC 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQIcQM-MlIRfqLuYVWvWAIEp02FOYK_rfiRSlOIvD16-O3wPvRc_JKG99dfS2VTCX5KYrPxj5BLLqp_2ti-_E-O7NjNwayK1X9IdLTR95RZ-LyQAfi-pOotKaanrtWimJKBTpKPyyqctmKWqYKMvquDVYxyg&dbm_d=AKAmf-CV6P47oxT6j8YDhnv2prumUD2N8Wbm0R-D8GqxZBW39VfRxslKm9Ryfi-gLlIAzB9rTs_5vKOp2Xybvr6OOCRw5qKtEscelcYS69pdgfMUS0PFwxhmCwTQf23vXZm-5nhmG0cwlPqMksffbl164ROWo3luqFcVJVKjg4H0-lPbemG1-fKgA-UnVeaMM0snbAwGCDYHu5g8WhPHpOhVJRNflMCm2rPOCMsly6XUS7MAbgxhcS45INbCRTPJOfxGhQdYlkwUmBjlqPs-pwUpNrLv_ss8-k3Oxq9I37vPkaS4othrprPbfbwbClZM-D4F9i5TNqWYZvwDXYPf075YYN77dnTcBCeInxvb-BHdV-RzyTnIOKTrvJ1hK3DGaG0loulMsnIkulFPSJDUBEOtTnBc6JbELsFWEMOSzv38xYrJNvyAgEhXFO7n2zO5_2tGIXnLVPSgpOVUQ4XC7Awji4rAUitcQbi0aL8EIN89p4GJXWTZR1_3aoL1NBJXnRDVCN4jueJcc6tl3tWNJCKIt9qnGQ3XfyMLSJY1-Lo5-NDbUMqR45ALCNQp1zZJDe_nZtZ5cJd1ZpU61rWa6oaBb357cPVyE_lJX8gbauXTHzyK6PkmwLcd2c7tsZHh0RZDN_LB5RL0hO6gebx61bKIN26UbSSYvj5qtmFJWl9ikeMMfHHlEXi149lwRwbZZU5srEimG3MKSK_zh9lb427DcSWXBo-gX-sTK3xAXjXDsC8Lozk2cOdli5udaB7yMnzDfi1mXv_AFHgQjpOj8BzHbHl8LWhMkACfibVwlzYojrFQ4FBovjWkwx3l0wIvfMJ1g8tvwFUjKIOZh1kC3D0tlSx1_JHcXGWFDMSUXTySqA_kaffCcEm4XJLA0KnY1NN1Ke6lLvwwpopikGHeU9qNzhiXLfUulTqD2EVQDgQGkYhngdZrejvMQ_2e80mneSvhQbzKMNIyjqMHs9nkF60lTmvTxY214D_qzMkfojn8ciz_s2qqB1O9uD33BpJ1ZnuM6B20EyIP_oQzziPpptQhR-DZ56KKTemQKlMJkuqwpc_qn04_JFVztF7jq9eRxSmb3rRv6gDKnJ_1QwtYOAjB4JsZlyf71k6ew__vZAGk6IiUYlsQVOeHW0YYLeNQQwF-FIRk4-IIbTDk3Et6heKpa9daeyqXjfXE_hrRC2eXTLWcw-VKeeFDcXREUB4LEWr5MlQfTXZDN3SfvdPeVBUDAxml0UV-M2u9srKZHiMg_PxG1bdy9v5rT2epjktUybyVWP_gg0GFsNd7TC7IE9SBjS5Eqng2duNnE-OF2pY7K_yj3njdMfB6JWRsqBOCmcv4uwh94l4iY_kHikMU0xYWl-8sD9QDHSTyK4OgqGwUisrQ_ciIfBWM7fxk7_ui8O_juwNGs21uVJm8FG2ChzXA7kHLSbHMLeDPIJzaNG7a0rW5GQkB12knRWWZkC75Ffnb3s_ydZxPbtNhefC4RSrmZDtLKUtYctHhX5BaKo8TBi6Q4PU3Su7YNgHiCQxUdKv67vADcZaSMToLEaU8JwnXez0v7cJ9Stx9QYAuNsxbrJAgUj2XFe9q1RVmUpB3bmtIupHWrlOQgLiS7iQAmkHt32Z19VwACsevCP2vIjyv7fzoGFcQ71qWwHnlns2Jm71TrPtoHjmMV5KLGkL3OdhkMWFmxcyDwe-p-hP7R3Kd5TNEB95bRY6YA2ey31dROeAP9z2px7YygJIPrvgZFTZv0aH_icntNy1WXyQ-igxG1ylP419u4tsAJr0Hpu9OV9HjOKc5AU8i6hagEynSON8BfM8weiZfTxmYN1HgRPlSW9qoVzs615Z7Fi0ThWrbLtuDJS0no9udm07SNhmurGQcYNEQs2jJp8fSWLYtNz5UDgRZYDRAeVjKkjllThCw1EGSL9oSeeN6gTfb9uUbNWbpzl_a8aRy2mGZhR8ddI7DrFrjGItbmpwUXV1VrtY0pOPurMT-25vTeC_NPROSZICaLURO9USjMXgpm9HTjOoeDKsqp36W7hT74VPuO5XcDPxOa4aTDI6smAKzDtPvXt1K3ejJVx6jFyp49GRGe7DbRtPi8-sVjMhNtyDuUoKB5fttE6lc7gLlq18IE7BOsfIndljZA0Y63b3WgqAfAz55EWNbJhK1PxUzaP-uGiLPHI8NMjOv1dGq36JSUIqtcgRehVmDpIjI8LWP174wxhZgFnSLv2YsaiQLOwU1n1WYISca6DEN4RmFV2m3bQeUyFqpSXGAyXQvWXvU3KN7Y3hywHoqNfCqjLdmtIOMA8HX0D-aZlQTIRuw3gl8D9p94NhVNPu-v08KsTo0_vl2iYYTNzSlqXBFgHEc78hHsUlYGB_5I6zjTYHNAIaDa361nXs2y7A1LOCvv5BQzfIzCHVc8n9wJFm891ICPlj-rjjBpMIAzCgaZpDGScZ4Daj3HGohFRhvUi-bYt9scELYOlOTPFuX_uWlG-HW7YTS1NhuDIEjN1Zqunp7Ti8dzcuUyE8SCHshXWQp3B442RmdtJAzYe4BPDMeexF8oS8dusHCT8Cfm5yGqD_VD-djrgJ2WunFcIZUNKfRBIrCmDE6I7uiXsmCa9l39m3R7Jhsu_nfl-1VAb4bOZg5vmPxOi_7r5Zw6S6gSGBB5XSfot8ZToC_e_Nc0PlWOw-y3svN0VpJt-nT78WCpFFol6-ODt91WakEV6yuQ4CYh8gW9CDcpYLDARDrFw73bT7c5f_s08tp_oHA8QYu6Fjp_vEQa9KzmVFbjZdUs97ugPnIhA9I0uzPfI9gCZsCFHMJmYhSkS_QjabflT9dQ2RO9TgopXRt_jFNeEpkL2wSr4miOzacjK6qluVEFpkoLA6LnxMfBE7IMZfh9FnAlhBHKzirV5lSLVaNvVu410YyvCrd4SOEZEV_R3h1xA4WbcVd72XSeH-lRkt-Vj-yF7K06_BgazeMj-pHAOt0-7o3nQ109R1gwC5qc5MQWEdwUO9q_pM4rqMA3PdRU5DVjQCZfcoH5BWTP2KyKCfm0Ys7aWaWnNoHxNQFYz2RRI4-v7bTxKrIvp_LanZeTniTrRbT6-tMxOefCIznEY5LWJTM0qxwfvPAxkrhZd4d5-CRqRNWxK0MUkIqyHGszOP7pQSSTpY9dQHWdlrCap6qDRArs5n0VMsGKUMZOgoGEtL3fc3CUEHWR8L_r7fsDRyJJEIQqqospVfSaXiZwwrwz3TBI4U6oB4zWRfgRCxW0kQUNeqXK-G9_Dskvqh-4VlAQuIYVBM7y6h7qc2DpqRHzvXZI12PxnYe78cJzJWaFNcNIFpZwhSSw8OSiY4oAVltOfm3Zq3c8zoJ-XZfC1-UqVbLiA&cid=CAASJORos5HRMIrDu8GSOq2b3Y0IlDMho0MegA3KFIVCSXAgFZfP0Q&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 19:13:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11098
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 Oct 2022 19:13:07 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 9EDC 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQIcQM-MlIRfqLuYVWvWAIEp02FOYK_rfiRSlOIvD16-O3wPvRc_JKG99dfS2VTCX5KYrPxj5BLLqp_2ti-_E-O7NjNwayK1X9IdLTR95RZ-LyQAfi-pOotKaanrtWimJKBTpKPyyqctmKWqYKMvquDVYxyg&dbm_d=AKAmf-CV6P47oxT6j8YDhnv2prumUD2N8Wbm0R-D8GqxZBW39VfRxslKm9Ryfi-gLlIAzB9rTs_5vKOp2Xybvr6OOCRw5qKtEscelcYS69pdgfMUS0PFwxhmCwTQf23vXZm-5nhmG0cwlPqMksffbl164ROWo3luqFcVJVKjg4H0-lPbemG1-fKgA-UnVeaMM0snbAwGCDYHu5g8WhPHpOhVJRNflMCm2rPOCMsly6XUS7MAbgxhcS45INbCRTPJOfxGhQdYlkwUmBjlqPs-pwUpNrLv_ss8-k3Oxq9I37vPkaS4othrprPbfbwbClZM-D4F9i5TNqWYZvwDXYPf075YYN77dnTcBCeInxvb-BHdV-RzyTnIOKTrvJ1hK3DGaG0loulMsnIkulFPSJDUBEOtTnBc6JbELsFWEMOSzv38xYrJNvyAgEhXFO7n2zO5_2tGIXnLVPSgpOVUQ4XC7Awji4rAUitcQbi0aL8EIN89p4GJXWTZR1_3aoL1NBJXnRDVCN4jueJcc6tl3tWNJCKIt9qnGQ3XfyMLSJY1-Lo5-NDbUMqR45ALCNQp1zZJDe_nZtZ5cJd1ZpU61rWa6oaBb357cPVyE_lJX8gbauXTHzyK6PkmwLcd2c7tsZHh0RZDN_LB5RL0hO6gebx61bKIN26UbSSYvj5qtmFJWl9ikeMMfHHlEXi149lwRwbZZU5srEimG3MKSK_zh9lb427DcSWXBo-gX-sTK3xAXjXDsC8Lozk2cOdli5udaB7yMnzDfi1mXv_AFHgQjpOj8BzHbHl8LWhMkACfibVwlzYojrFQ4FBovjWkwx3l0wIvfMJ1g8tvwFUjKIOZh1kC3D0tlSx1_JHcXGWFDMSUXTySqA_kaffCcEm4XJLA0KnY1NN1Ke6lLvwwpopikGHeU9qNzhiXLfUulTqD2EVQDgQGkYhngdZrejvMQ_2e80mneSvhQbzKMNIyjqMHs9nkF60lTmvTxY214D_qzMkfojn8ciz_s2qqB1O9uD33BpJ1ZnuM6B20EyIP_oQzziPpptQhR-DZ56KKTemQKlMJkuqwpc_qn04_JFVztF7jq9eRxSmb3rRv6gDKnJ_1QwtYOAjB4JsZlyf71k6ew__vZAGk6IiUYlsQVOeHW0YYLeNQQwF-FIRk4-IIbTDk3Et6heKpa9daeyqXjfXE_hrRC2eXTLWcw-VKeeFDcXREUB4LEWr5MlQfTXZDN3SfvdPeVBUDAxml0UV-M2u9srKZHiMg_PxG1bdy9v5rT2epjktUybyVWP_gg0GFsNd7TC7IE9SBjS5Eqng2duNnE-OF2pY7K_yj3njdMfB6JWRsqBOCmcv4uwh94l4iY_kHikMU0xYWl-8sD9QDHSTyK4OgqGwUisrQ_ciIfBWM7fxk7_ui8O_juwNGs21uVJm8FG2ChzXA7kHLSbHMLeDPIJzaNG7a0rW5GQkB12knRWWZkC75Ffnb3s_ydZxPbtNhefC4RSrmZDtLKUtYctHhX5BaKo8TBi6Q4PU3Su7YNgHiCQxUdKv67vADcZaSMToLEaU8JwnXez0v7cJ9Stx9QYAuNsxbrJAgUj2XFe9q1RVmUpB3bmtIupHWrlOQgLiS7iQAmkHt32Z19VwACsevCP2vIjyv7fzoGFcQ71qWwHnlns2Jm71TrPtoHjmMV5KLGkL3OdhkMWFmxcyDwe-p-hP7R3Kd5TNEB95bRY6YA2ey31dROeAP9z2px7YygJIPrvgZFTZv0aH_icntNy1WXyQ-igxG1ylP419u4tsAJr0Hpu9OV9HjOKc5AU8i6hagEynSON8BfM8weiZfTxmYN1HgRPlSW9qoVzs615Z7Fi0ThWrbLtuDJS0no9udm07SNhmurGQcYNEQs2jJp8fSWLYtNz5UDgRZYDRAeVjKkjllThCw1EGSL9oSeeN6gTfb9uUbNWbpzl_a8aRy2mGZhR8ddI7DrFrjGItbmpwUXV1VrtY0pOPurMT-25vTeC_NPROSZICaLURO9USjMXgpm9HTjOoeDKsqp36W7hT74VPuO5XcDPxOa4aTDI6smAKzDtPvXt1K3ejJVx6jFyp49GRGe7DbRtPi8-sVjMhNtyDuUoKB5fttE6lc7gLlq18IE7BOsfIndljZA0Y63b3WgqAfAz55EWNbJhK1PxUzaP-uGiLPHI8NMjOv1dGq36JSUIqtcgRehVmDpIjI8LWP174wxhZgFnSLv2YsaiQLOwU1n1WYISca6DEN4RmFV2m3bQeUyFqpSXGAyXQvWXvU3KN7Y3hywHoqNfCqjLdmtIOMA8HX0D-aZlQTIRuw3gl8D9p94NhVNPu-v08KsTo0_vl2iYYTNzSlqXBFgHEc78hHsUlYGB_5I6zjTYHNAIaDa361nXs2y7A1LOCvv5BQzfIzCHVc8n9wJFm891ICPlj-rjjBpMIAzCgaZpDGScZ4Daj3HGohFRhvUi-bYt9scELYOlOTPFuX_uWlG-HW7YTS1NhuDIEjN1Zqunp7Ti8dzcuUyE8SCHshXWQp3B442RmdtJAzYe4BPDMeexF8oS8dusHCT8Cfm5yGqD_VD-djrgJ2WunFcIZUNKfRBIrCmDE6I7uiXsmCa9l39m3R7Jhsu_nfl-1VAb4bOZg5vmPxOi_7r5Zw6S6gSGBB5XSfot8ZToC_e_Nc0PlWOw-y3svN0VpJt-nT78WCpFFol6-ODt91WakEV6yuQ4CYh8gW9CDcpYLDARDrFw73bT7c5f_s08tp_oHA8QYu6Fjp_vEQa9KzmVFbjZdUs97ugPnIhA9I0uzPfI9gCZsCFHMJmYhSkS_QjabflT9dQ2RO9TgopXRt_jFNeEpkL2wSr4miOzacjK6qluVEFpkoLA6LnxMfBE7IMZfh9FnAlhBHKzirV5lSLVaNvVu410YyvCrd4SOEZEV_R3h1xA4WbcVd72XSeH-lRkt-Vj-yF7K06_BgazeMj-pHAOt0-7o3nQ109R1gwC5qc5MQWEdwUO9q_pM4rqMA3PdRU5DVjQCZfcoH5BWTP2KyKCfm0Ys7aWaWnNoHxNQFYz2RRI4-v7bTxKrIvp_LanZeTniTrRbT6-tMxOefCIznEY5LWJTM0qxwfvPAxkrhZd4d5-CRqRNWxK0MUkIqyHGszOP7pQSSTpY9dQHWdlrCap6qDRArs5n0VMsGKUMZOgoGEtL3fc3CUEHWR8L_r7fsDRyJJEIQqqospVfSaXiZwwrwz3TBI4U6oB4zWRfgRCxW0kQUNeqXK-G9_Dskvqh-4VlAQuIYVBM7y6h7qc2DpqRHzvXZI12PxnYe78cJzJWaFNcNIFpZwhSSw8OSiY4oAVltOfm3Zq3c8zoJ-XZfC1-UqVbLiA&cid=CAASJORos5HRMIrDu8GSOq2b3Y0IlDMho0MegA3KFIVCSXAgFZfP0Q&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 21:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1553
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
server
cafe
etag
16554960040364120486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 Oct 2022 21:52:12 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame D306 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
Origin
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 11:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37589
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Sep 2022 11:51:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame D306 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGNcsKdT9Z2Qfj96rqAynxpEu4sBgXFOe_JEnhQhV_yMMMPPFQ1JlgRPmQx5k5RpKkz-1mLHyHJ3K7CZdIjWQV0pePxg&cry=1&dbm_d=AKAmf-AtkztIvC9ijtwrs2q38qJhi7hEC25vSnnmInfEAWHE0DlcgqACuxOHB3qP8c-LiLo-kdlLRjRS8FuG0YU3SKoBzUCKtP4p1jz3OlazA-YUkxTMPCLzAM6LeB9yWHT_vIWiw5izakqoz61whhYxwEdIIUTXHNhQXE3IY9OXns9zDoLma-CHA_H_vJA_AAhVjWjKcf4z6PBnkOCMQ-514_X8Z96MVrFJ7tskGmHwa44gil9_8fnuuejZt_yMNyyMoo2zFTkR-UoMRFuQLVARaz8nU97WNljgEurBdfR95ZOtxnpYirC09d_UYl9HU0M5FAKayKZAh0tDnub39iQSFDWu_iHnh8Lyzk32eVQgnOIZIqSOqk9WFq69a2LRIQ96vrkqdWEeGYqMomM0DkF4FyrV8u7FPkWqkMPaYJWXKb8W38Gcaz54wF0Dk5VyeBW3tsIr2rlawie5PQmGVj7plkJEittumNwG6v9fxb3BrJdW2mSBTeSexrK3fdKc9kLRZhN3xFLnYEVYsG0KSBoV3UKfwJ1yHX-Pjs6ZzqgF8wzXSzUiwsV8-UxgsX5EEUNNCNtOhjmF-kHNol3on8qW67dZexLPADG6hTU34xhDOcMDU5M1wWdfBAmbqC8cdg43l6yYsWzEL03UE2rRyjAJsw6hG53UoB7OU48O2MfEgLNok8TQS3sSajdfCBHJ2scBnTzVcJ6W095ZdgDQr56Q-_XcANZXMsab0DE8I6VsW_y4qvJSEpP4yher-LLo1z3B_7bq4zNzzxuu4aXW4BeyQFLjEss0I2_r0pziRwyyviGMCNHqqbsZB8LdgxTb-_K4bkTpQSyMkadNPTodkgIEnsTP73VxTBtK_B-xiH43jcsblhgl_3xtUHEfRcPycHXNVCgC9aWcLbD2PHNEwvCHe_0CiFo5f6zYVVT10G9KaBJDvOK2NCNFZ--IDiWvOp9U8_VxjJxrk7T9ltapgHNHhPd_GbyggjV95TDAlI9eiM_jBAz0ET1DipzxfmmGJuJvZU2ZypnNncbsaRkoIZMqJiZriSYXPOGFmRbaNvNFBZooGjGVcNA-YTwQUTgeW1dyLXK9AmB3EfrnhlnQHndbRwq6YQLTr90i0ixsFVtdiU7TyHRo-9h-nInFlobGa5TmXW5n8Mh1jU5-gAJvycZXYPx7vLKKT8U6ai6ictNrsk12_7CeDkqMwkQ5Mqaz2v-tM5F-6mklTwBYmiJigFiJiUJ4XHubwdKT4ENhdFNNJvKDeqLen6tkBIN6s_72aglZkNW7Svqs8eeok6SodnjYphSlLRVt1lLs6rz0FYyk8ZFAOH46wt_fIUvx5Zk7W2SsJ7S8BNvA5P_l-shkqYYdt91z4wbChAiW5n1kzvN6peBxNIOnabRKfjyOfrumzwd6w1u1mOu7ZUEUxty7stu8UnLVm6McIMnxdJrugSR6x5pkeejE_mJLba-ud_Ix_TydYJLncCyU5gbzWEGs4qG2L7B6Gjg-IA1MafqckAdVRux_7Srcm441iVYbpPZI9HW8ha79KWoHgiPlVmSNi7-ftEqpg9sIj7unOyDIetZl9VRH6iiO5GbwX35JkMjw5tmOPWSri33lIc67-hZLrjts3vQELtwQt23Cu5ZlTsexQCwKVHxA_z2HHIyv8zV6mzzj3G-QA-aJGxSSZVLFGe2o2qcpSeT57EY0GmgDuYquPa2uZ2XbXtAHDjcp2jLhUXE75pjvEY8vFbjgj1qv_bHS7iOxh78IaYylfQKkBD6n1SAbL4y7FfCzu3BTr_NPa-1TArkBtyXRvA6MRD1KuLHXrj5FWH5Nkx731pbc_CQUOeTZccrbIBeXZDuTSew3C5d_aCIo8s0p3TTU44QZxVjCqwh1_xVOew-Wkd592ta_AQlIBY9epyTDaNOxEptWLFAHRettjIx068QFTAYL5Yp5nLxF37FS6Hgp2blnR2RLVYc5CKaYrWYZN8aWoBx5ag3zxdAbmwiqT9xyKS4tOrLsDUwC4TLegeJpNhbmePKkK72-0zk_SBsyc11Ig8XYNJnoAwYhq4Swe_5hAXw9rEPFBQRfs_s-s-3X6ypebgyPPCaSW3c8x2ZdYAJNcWT17Yo3j_Zr0dIABysVW9JSK1T_AKTMpo9pd6oilO1k-SrJKeDm7LokOW4D2ihEvEF0k8LZs1sCmuoYBOvomVvGNg1ZEDLuq2vdw0nCaptTDN1ZSj3kw21leCgjqN_pGRbLIS7zRdhyDKbZL0hNw3ndi6oGc7Fp2v9uv0OOfrzvs9Evb7DLcPSK8DyGW7g8-jwihIXx7OWclFCrHI90Ndhnn3bwgskR6ixl9QriiNhZbwM91T1AJ8ARemnZgKXcXM1_VR5JIFQJq3fMeP5eXabPmmztqzRwRd3T6boJfRPK294AWy3pPscV-FXHWXp8_Q99avxvmcjbfH9ZNw2Il12HLeiM0oarUG4y0MPaQ2-bh20c3T_kr8haFaq2JceEoEoioQPEOd-zSi8i94HvKi3j8m8mgfhkdrOpyxrSvJIqmZwsUvYlyAeN__fVsgoMkzzjpeTyNO8ePCFZzR-QsJM4h2bITYAkyGS0RE-5BiH8M0Y5tPnMzlw8bi9UI4KglUTi-OQAZ_QRr2rfv_rRtXSJrOS_dBrQtPa4eccGokEz0ypoUM9Ann5yHaqe94b3tu67UNDSg2SNIV4XdNzMhpyUB-BAcSY_E4C4rXLWpo7DMS4Nfh32-fM8WOcUbCXNNaIhBBqmD_jDj5hpVbp-8hO89azeoQy2ifb7mn2twskr0GXp_UuwyaamSYFtQDxM21haZhaLP36FTi0q4ejj0QImx5ET49BL8_koJ_PAuEMZJ7aV3OdnwMjBpGJ5nPOSrlupmz5Ifpu4vP_sgfpe1JtIB6OfbIdn7d6-425rwNlKiO31as5JBBZXjPkEmWNrAS7YgsZCZe1D0zSHOKdWix6GRkRyPEcDlyaehwzD0dhHl_Y3EdGkLVsQ17zEmJ9YeaKaYJuP_PrCUN5FoHr5AUsp8S2ozAHlxLq8AXFg0FJz6OjuJcDeM6tbSRrmZHhxtrGpH4u-CDyJsGwZuDOkJ0TeGU2VMaUo-zpAOtWf6UhvyyRekbfovidR3HnT5BXriUisu-HCfMSiCSJJ2VD9yHTYagrCO2VcxhHJPVbdeCX8NqRKmmwczyi0PFo5t-9TC7txd_4CPkFZ6tDRNYucfPZb71csooZqWx9pYSD6Olm2MPWP2O-InsB_FGlDICCxbAWCM2jcGzjG6ff6K3jY8ghComlm_fRxWk1C9_iLQMVR2es-5PRhxjKppbKuc2Kzo8pZ9eKQLk0JR0Fne-CudlsmmOf9QD9IDbrSRWFnlLheQiD2oh-jV28cCzShMUZuEDa65co3msfV-L9VG7cAaQ2rQ5QlwPzUyz100g&cid=CAASJORodi0FUrQQ_uv-ZUXcsKLvXGWPPem0nPYqNP7han_gnAxSpg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 19:13:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11098
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 Oct 2022 19:13:07 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame D306 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGNcsKdT9Z2Qfj96rqAynxpEu4sBgXFOe_JEnhQhV_yMMMPPFQ1JlgRPmQx5k5RpKkz-1mLHyHJ3K7CZdIjWQV0pePxg&cry=1&dbm_d=AKAmf-AtkztIvC9ijtwrs2q38qJhi7hEC25vSnnmInfEAWHE0DlcgqACuxOHB3qP8c-LiLo-kdlLRjRS8FuG0YU3SKoBzUCKtP4p1jz3OlazA-YUkxTMPCLzAM6LeB9yWHT_vIWiw5izakqoz61whhYxwEdIIUTXHNhQXE3IY9OXns9zDoLma-CHA_H_vJA_AAhVjWjKcf4z6PBnkOCMQ-514_X8Z96MVrFJ7tskGmHwa44gil9_8fnuuejZt_yMNyyMoo2zFTkR-UoMRFuQLVARaz8nU97WNljgEurBdfR95ZOtxnpYirC09d_UYl9HU0M5FAKayKZAh0tDnub39iQSFDWu_iHnh8Lyzk32eVQgnOIZIqSOqk9WFq69a2LRIQ96vrkqdWEeGYqMomM0DkF4FyrV8u7FPkWqkMPaYJWXKb8W38Gcaz54wF0Dk5VyeBW3tsIr2rlawie5PQmGVj7plkJEittumNwG6v9fxb3BrJdW2mSBTeSexrK3fdKc9kLRZhN3xFLnYEVYsG0KSBoV3UKfwJ1yHX-Pjs6ZzqgF8wzXSzUiwsV8-UxgsX5EEUNNCNtOhjmF-kHNol3on8qW67dZexLPADG6hTU34xhDOcMDU5M1wWdfBAmbqC8cdg43l6yYsWzEL03UE2rRyjAJsw6hG53UoB7OU48O2MfEgLNok8TQS3sSajdfCBHJ2scBnTzVcJ6W095ZdgDQr56Q-_XcANZXMsab0DE8I6VsW_y4qvJSEpP4yher-LLo1z3B_7bq4zNzzxuu4aXW4BeyQFLjEss0I2_r0pziRwyyviGMCNHqqbsZB8LdgxTb-_K4bkTpQSyMkadNPTodkgIEnsTP73VxTBtK_B-xiH43jcsblhgl_3xtUHEfRcPycHXNVCgC9aWcLbD2PHNEwvCHe_0CiFo5f6zYVVT10G9KaBJDvOK2NCNFZ--IDiWvOp9U8_VxjJxrk7T9ltapgHNHhPd_GbyggjV95TDAlI9eiM_jBAz0ET1DipzxfmmGJuJvZU2ZypnNncbsaRkoIZMqJiZriSYXPOGFmRbaNvNFBZooGjGVcNA-YTwQUTgeW1dyLXK9AmB3EfrnhlnQHndbRwq6YQLTr90i0ixsFVtdiU7TyHRo-9h-nInFlobGa5TmXW5n8Mh1jU5-gAJvycZXYPx7vLKKT8U6ai6ictNrsk12_7CeDkqMwkQ5Mqaz2v-tM5F-6mklTwBYmiJigFiJiUJ4XHubwdKT4ENhdFNNJvKDeqLen6tkBIN6s_72aglZkNW7Svqs8eeok6SodnjYphSlLRVt1lLs6rz0FYyk8ZFAOH46wt_fIUvx5Zk7W2SsJ7S8BNvA5P_l-shkqYYdt91z4wbChAiW5n1kzvN6peBxNIOnabRKfjyOfrumzwd6w1u1mOu7ZUEUxty7stu8UnLVm6McIMnxdJrugSR6x5pkeejE_mJLba-ud_Ix_TydYJLncCyU5gbzWEGs4qG2L7B6Gjg-IA1MafqckAdVRux_7Srcm441iVYbpPZI9HW8ha79KWoHgiPlVmSNi7-ftEqpg9sIj7unOyDIetZl9VRH6iiO5GbwX35JkMjw5tmOPWSri33lIc67-hZLrjts3vQELtwQt23Cu5ZlTsexQCwKVHxA_z2HHIyv8zV6mzzj3G-QA-aJGxSSZVLFGe2o2qcpSeT57EY0GmgDuYquPa2uZ2XbXtAHDjcp2jLhUXE75pjvEY8vFbjgj1qv_bHS7iOxh78IaYylfQKkBD6n1SAbL4y7FfCzu3BTr_NPa-1TArkBtyXRvA6MRD1KuLHXrj5FWH5Nkx731pbc_CQUOeTZccrbIBeXZDuTSew3C5d_aCIo8s0p3TTU44QZxVjCqwh1_xVOew-Wkd592ta_AQlIBY9epyTDaNOxEptWLFAHRettjIx068QFTAYL5Yp5nLxF37FS6Hgp2blnR2RLVYc5CKaYrWYZN8aWoBx5ag3zxdAbmwiqT9xyKS4tOrLsDUwC4TLegeJpNhbmePKkK72-0zk_SBsyc11Ig8XYNJnoAwYhq4Swe_5hAXw9rEPFBQRfs_s-s-3X6ypebgyPPCaSW3c8x2ZdYAJNcWT17Yo3j_Zr0dIABysVW9JSK1T_AKTMpo9pd6oilO1k-SrJKeDm7LokOW4D2ihEvEF0k8LZs1sCmuoYBOvomVvGNg1ZEDLuq2vdw0nCaptTDN1ZSj3kw21leCgjqN_pGRbLIS7zRdhyDKbZL0hNw3ndi6oGc7Fp2v9uv0OOfrzvs9Evb7DLcPSK8DyGW7g8-jwihIXx7OWclFCrHI90Ndhnn3bwgskR6ixl9QriiNhZbwM91T1AJ8ARemnZgKXcXM1_VR5JIFQJq3fMeP5eXabPmmztqzRwRd3T6boJfRPK294AWy3pPscV-FXHWXp8_Q99avxvmcjbfH9ZNw2Il12HLeiM0oarUG4y0MPaQ2-bh20c3T_kr8haFaq2JceEoEoioQPEOd-zSi8i94HvKi3j8m8mgfhkdrOpyxrSvJIqmZwsUvYlyAeN__fVsgoMkzzjpeTyNO8ePCFZzR-QsJM4h2bITYAkyGS0RE-5BiH8M0Y5tPnMzlw8bi9UI4KglUTi-OQAZ_QRr2rfv_rRtXSJrOS_dBrQtPa4eccGokEz0ypoUM9Ann5yHaqe94b3tu67UNDSg2SNIV4XdNzMhpyUB-BAcSY_E4C4rXLWpo7DMS4Nfh32-fM8WOcUbCXNNaIhBBqmD_jDj5hpVbp-8hO89azeoQy2ifb7mn2twskr0GXp_UuwyaamSYFtQDxM21haZhaLP36FTi0q4ejj0QImx5ET49BL8_koJ_PAuEMZJ7aV3OdnwMjBpGJ5nPOSrlupmz5Ifpu4vP_sgfpe1JtIB6OfbIdn7d6-425rwNlKiO31as5JBBZXjPkEmWNrAS7YgsZCZe1D0zSHOKdWix6GRkRyPEcDlyaehwzD0dhHl_Y3EdGkLVsQ17zEmJ9YeaKaYJuP_PrCUN5FoHr5AUsp8S2ozAHlxLq8AXFg0FJz6OjuJcDeM6tbSRrmZHhxtrGpH4u-CDyJsGwZuDOkJ0TeGU2VMaUo-zpAOtWf6UhvyyRekbfovidR3HnT5BXriUisu-HCfMSiCSJJ2VD9yHTYagrCO2VcxhHJPVbdeCX8NqRKmmwczyi0PFo5t-9TC7txd_4CPkFZ6tDRNYucfPZb71csooZqWx9pYSD6Olm2MPWP2O-InsB_FGlDICCxbAWCM2jcGzjG6ff6K3jY8ghComlm_fRxWk1C9_iLQMVR2es-5PRhxjKppbKuc2Kzo8pZ9eKQLk0JR0Fne-CudlsmmOf9QD9IDbrSRWFnlLheQiD2oh-jV28cCzShMUZuEDa65co3msfV-L9VG7cAaQ2rQ5QlwPzUyz100g&cid=CAASJORodi0FUrQQ_uv-ZUXcsKLvXGWPPem0nPYqNP7han_gnAxSpg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 21:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1553
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
server
cafe
etag
16554960040364120486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 Oct 2022 21:52:12 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 9B7A 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
Origin
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 11:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37589
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Sep 2022 11:51:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame 9B7A 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWGaxZXjlEk8gHR2LpB0w4l8oYbkwYIGTYrR1KuQVMe0MVs3CEMiv8QW2feh6miFHB-xZsVxXSwdapz_W-I9eUVsR1pw&cry=1&dbm_d=AKAmf-DEqQXOAjVgusCDx2eOXdoOEd12chr4UZk1jKJV8FfD2_wK-57Fy1RmGEYYSYXsHtIPrmL2pYXzMLRXkwqXqa4zXLnXMfyloeaEWWX-K8W0voppB0btoK3FP9LIaIqJ28D_qSO01FAtDTFypQR4GxPAi81PULEU2q6VeaPGuyPht7XwpvXEjkxDxsHXUfu3R0tzdqMPLqdDzphXEvKHtwhBSuIyXhPBxrWphAcBwikK4NyFneyZNLiu6RXAvV6DQNhXJfH21jcas5I5c2s0V_uojeVVMlxm3d30T0cAfrcNLjB62IV2LBRco2j9G7apU_vcibWXuK0DSC9MQ_GjbyG-vGbLkT9JmGvDKjE4YBudeJiHvAwzsEoUMDfDLYM5oIUbGIIVsC7SDl09pyYqN2XkW32Nc0FhuBZIu7G8kgJWgt7_YFhcqBL_5tDPn2HjiHv0Gi6RwfrJYh4bECPgPTGeVH53q9Yq3Up0llpxz8xDA8v4Znqf1tf2xXzIi-fNq4tyGtPQeyxqh1C-mVvdcIzz6rtOskpItKJnF-BR6A22YFqTTVSK-o-qtB4K4fzwHQRkoqhFFhgKdBCQA2WxZDt2y6BA_N1UCnpXwWp6k07paWasfM3PR7smMFYfAuHkpDN3CMZnrA_7VrKbJMe9Z9yyCyFpwByQmtojCpf-W2fdf4Xwxx8Uj20dUIkOhssM5WNAzcZ5eJvISpuRjZstlLi-FnFKMhjos1F_yX8HIhrhaFAorRjj9UwYOw-oFXm29nojhFpMtGWyrFHwe6_961Bc6u2NzaceCB25Yqzfj7VDJdExBlCjrAdjVq66zHoor5jBsao7l8gHLNGP4WrAYTr99Q1L2WzYLoFMb5L1lqGVpGxn5FV9IUX-wSsh-Mgc-beYFfbzTZAUDFyO1uRgR5u1IvvMZptIFE-0E1tXKzrGpP3ORqAafrlblyuGBG6EOKSuzz8rtBfpQf_BR6zj91b78mtLJ2fivgCEQP9zl6Y8i1y7mT4AQKC0GR3RxqVKzbUsO1v7k7Vi_exY-EUpw1O6Dru6q7Sil7hVBP1qalRJh9y8GQjquhu5k0nPdsWIIHFrlp8gBf_oNusIAkixm-FzY3a4I5VBV-sc_AZLrmvB0JDabGaEbNVk5PVgMKMHV2WsNRSxaJZ3_cFu5QxVcaUQP6FZKiEyNeru87X7SHmEjoViLcWtxDfmTo8GQOsc7sWEY0KqTsTMdO472J4yaOPdi05yz93DYs1xxsbNnWWDxqZsJ9m-KGpiRnekH3Oa2jD4S4uR7EGbtTCCnRR48vdSPxRSphvFOcnIwhS-6qqprx78OJntdOPwCVk088O8hIhPeJVGnerzbphY8Eabbw0O5LJUlR69Jy_du7v94hNesUYpo-aPADpLcb08qYerC0BrZCo69PJPeAaJ6LAbOG1UAK2CEZb8iGE15y8WAv1mhhTEBgTlH6ouf7KIG_auP2kv2rm23gjh1DuOWBhM8yiQAVtCA5xz2wCpLPLxKbXTlQTPry1B01kMA3gkn3Oh8fCQEb7xJORBpuM77vvM8O3tfUXQWgsWOy0zQmIc5eLol7LEQki5u41tJR1TE265MjtCrjZSbWB2nutNSKWLic1msTwNogmdDaZ-OZZezKo_tkfpgB9rGRu4n8bmwKk7ORBXQ3ss8gQLh_cga7MI1nEXuDkFM0-RbwhJhO2D9HXBwRBSClV4d-ou61649nyHNxhQEqSvf-tBSw0tqAxEIcM-xcKKOno5-MRi0HfiUuppCYfb-UTN5OoIYVmOvPS4XF7BlOqrBSdwZQdROKlwe22jLubdECwk_qRL-bUSYV_XYBam_M_wV8KYU8lCBNXaW14j0Wymo0TikkBwsou5PW23Y-su75cfJrY3iuwh2yyy1W0x0QfW3fqMTjFE8c5rDjr4NWejNqaLPKQJZ0jtb7Dh3fNkZSlLUmEK0Vc_H4zanGdxPj4bcwV58_e5PhxFibcRD2CBMLXdvfVYOEFizHCS-PMOiawNiKopLYqlF5gkvC01Ae4cyEoGdtYpfGkGS-ym2PegmQr7owGFBhYsM2vbIY62B6RHMgW1ItDy3JBHFH801Qq7hmCIg8j0e_mG48_M3fZ6JzKash_Get9rp4qgI5HIzqAwz36vYeg8i5tdilV7ulNgnWY60EN5fc1gqa58CEQtETD3NIES0gGmhZRtwBHyzPaQCiL-glZ58yLBZTU6Mx8EQ7BIvG7-h2Idb-vRVcplhYeA0nUVAVgywThgLt3ILQxbw968TY3LZ1AzJtM42ANxgzd4XqwOpN48NU3EkG9E-X0QidkYUF2gqloMrrPrI0XtTjie-Ke9eK4ZTK3wyScb9qzomrd-LPhzvzckJuHTLpg7pOsc2pn_9ylVJED3yXbNsdE-We8Cwqv1YKbevfieLN8AdSB9DFgjGZXLz9rJhL4lPThPbJ8il-gH3z3JY7fWcU6f3HERqoqgZH-Rx_k5O1YWDZgrNGX-euuFNJlNWTeKEl48EZiZL5XauGhxW5Rv_xppeaBZO8hhwu6zLqMlAmVRIyhohnUmywEMYNSq3JNzMY-4w4zUnOeJpu61es3GhTthw8-ktpvs5sM9blPtR1SO6kDM2fxxv8YZCgRUlBPm43Br5xFF6KcQzsteSkLZ7yVbANQDGapaGrkOQn7hFcH3deFigfRCyyx__7eW1bAvdLw74d4gu9pyTbbGRQ-GAsqnGg8H4LcKVwjUiL1lcSZOihBo-XVf_4Tzq2DT-wnCG-UU2TS-W9cL-jKNFEYI-pXzfKiB24NZnSuy-YamHM98MButq8cmM1o5XO4Uly47ci8o8QqwogvcypOUw869uN3FSfvZ6qj1_p_KWUuqBWaM3nHYDNovwmHqYLsPi3u03zcXE3MQSGLydX9-SU9p0iKCl-awQdQre3C3Cn3m4VwactBTzoTHog946awucjiE1T-j786mdL7fyNk_O_D89EFdLtiKSOurgCyxYlbEef3Mn38MWgsBZQDWMjq_1UI_zztncCmRLe31do9v88AzPbm_aDFeCmB2pHFpPqake9M_RqzGTOp3-EZDKyOAsPY3ZP3N-otgmZe6AeYae3FKqtm9nLeQfXHmQMjAjQDNQ2cXPNmkQ_Kg7EMLztMCyqhM7tY69EbImLik6Wj9VpLpDzslPoUtFzYlCdnU-4dHnlPrGC9m9Ygsvy6jh_7O28geywUTHd1Giie4jrCkwNQe_4cne2zUZes-qp5CTSmdYLUEpelfsMgtgT5QkTf2j2gLm5kjKhkP9H6zPMLzTx6wUIrs-mbZvjTin5-9zySHD3RLHqNhh_Pkd5H0jm3nGgmjDai1EnYLTuyixhu6aO92-u8w2eyJQKcScPpfAqXimw8Gso4J2BcLjdXM6K7bP4LcK6ty-pgms8oAcTbsRmFUzDHzR0CFZcl_Hso0OL8&cid=CAASJORoSB5T4QWBCTEw23tgczCr3WmAKgAYSKdzsDAPrrDGV5_Hsw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 19:13:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11098
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 Oct 2022 19:13:07 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 9B7A 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWGaxZXjlEk8gHR2LpB0w4l8oYbkwYIGTYrR1KuQVMe0MVs3CEMiv8QW2feh6miFHB-xZsVxXSwdapz_W-I9eUVsR1pw&cry=1&dbm_d=AKAmf-DEqQXOAjVgusCDx2eOXdoOEd12chr4UZk1jKJV8FfD2_wK-57Fy1RmGEYYSYXsHtIPrmL2pYXzMLRXkwqXqa4zXLnXMfyloeaEWWX-K8W0voppB0btoK3FP9LIaIqJ28D_qSO01FAtDTFypQR4GxPAi81PULEU2q6VeaPGuyPht7XwpvXEjkxDxsHXUfu3R0tzdqMPLqdDzphXEvKHtwhBSuIyXhPBxrWphAcBwikK4NyFneyZNLiu6RXAvV6DQNhXJfH21jcas5I5c2s0V_uojeVVMlxm3d30T0cAfrcNLjB62IV2LBRco2j9G7apU_vcibWXuK0DSC9MQ_GjbyG-vGbLkT9JmGvDKjE4YBudeJiHvAwzsEoUMDfDLYM5oIUbGIIVsC7SDl09pyYqN2XkW32Nc0FhuBZIu7G8kgJWgt7_YFhcqBL_5tDPn2HjiHv0Gi6RwfrJYh4bECPgPTGeVH53q9Yq3Up0llpxz8xDA8v4Znqf1tf2xXzIi-fNq4tyGtPQeyxqh1C-mVvdcIzz6rtOskpItKJnF-BR6A22YFqTTVSK-o-qtB4K4fzwHQRkoqhFFhgKdBCQA2WxZDt2y6BA_N1UCnpXwWp6k07paWasfM3PR7smMFYfAuHkpDN3CMZnrA_7VrKbJMe9Z9yyCyFpwByQmtojCpf-W2fdf4Xwxx8Uj20dUIkOhssM5WNAzcZ5eJvISpuRjZstlLi-FnFKMhjos1F_yX8HIhrhaFAorRjj9UwYOw-oFXm29nojhFpMtGWyrFHwe6_961Bc6u2NzaceCB25Yqzfj7VDJdExBlCjrAdjVq66zHoor5jBsao7l8gHLNGP4WrAYTr99Q1L2WzYLoFMb5L1lqGVpGxn5FV9IUX-wSsh-Mgc-beYFfbzTZAUDFyO1uRgR5u1IvvMZptIFE-0E1tXKzrGpP3ORqAafrlblyuGBG6EOKSuzz8rtBfpQf_BR6zj91b78mtLJ2fivgCEQP9zl6Y8i1y7mT4AQKC0GR3RxqVKzbUsO1v7k7Vi_exY-EUpw1O6Dru6q7Sil7hVBP1qalRJh9y8GQjquhu5k0nPdsWIIHFrlp8gBf_oNusIAkixm-FzY3a4I5VBV-sc_AZLrmvB0JDabGaEbNVk5PVgMKMHV2WsNRSxaJZ3_cFu5QxVcaUQP6FZKiEyNeru87X7SHmEjoViLcWtxDfmTo8GQOsc7sWEY0KqTsTMdO472J4yaOPdi05yz93DYs1xxsbNnWWDxqZsJ9m-KGpiRnekH3Oa2jD4S4uR7EGbtTCCnRR48vdSPxRSphvFOcnIwhS-6qqprx78OJntdOPwCVk088O8hIhPeJVGnerzbphY8Eabbw0O5LJUlR69Jy_du7v94hNesUYpo-aPADpLcb08qYerC0BrZCo69PJPeAaJ6LAbOG1UAK2CEZb8iGE15y8WAv1mhhTEBgTlH6ouf7KIG_auP2kv2rm23gjh1DuOWBhM8yiQAVtCA5xz2wCpLPLxKbXTlQTPry1B01kMA3gkn3Oh8fCQEb7xJORBpuM77vvM8O3tfUXQWgsWOy0zQmIc5eLol7LEQki5u41tJR1TE265MjtCrjZSbWB2nutNSKWLic1msTwNogmdDaZ-OZZezKo_tkfpgB9rGRu4n8bmwKk7ORBXQ3ss8gQLh_cga7MI1nEXuDkFM0-RbwhJhO2D9HXBwRBSClV4d-ou61649nyHNxhQEqSvf-tBSw0tqAxEIcM-xcKKOno5-MRi0HfiUuppCYfb-UTN5OoIYVmOvPS4XF7BlOqrBSdwZQdROKlwe22jLubdECwk_qRL-bUSYV_XYBam_M_wV8KYU8lCBNXaW14j0Wymo0TikkBwsou5PW23Y-su75cfJrY3iuwh2yyy1W0x0QfW3fqMTjFE8c5rDjr4NWejNqaLPKQJZ0jtb7Dh3fNkZSlLUmEK0Vc_H4zanGdxPj4bcwV58_e5PhxFibcRD2CBMLXdvfVYOEFizHCS-PMOiawNiKopLYqlF5gkvC01Ae4cyEoGdtYpfGkGS-ym2PegmQr7owGFBhYsM2vbIY62B6RHMgW1ItDy3JBHFH801Qq7hmCIg8j0e_mG48_M3fZ6JzKash_Get9rp4qgI5HIzqAwz36vYeg8i5tdilV7ulNgnWY60EN5fc1gqa58CEQtETD3NIES0gGmhZRtwBHyzPaQCiL-glZ58yLBZTU6Mx8EQ7BIvG7-h2Idb-vRVcplhYeA0nUVAVgywThgLt3ILQxbw968TY3LZ1AzJtM42ANxgzd4XqwOpN48NU3EkG9E-X0QidkYUF2gqloMrrPrI0XtTjie-Ke9eK4ZTK3wyScb9qzomrd-LPhzvzckJuHTLpg7pOsc2pn_9ylVJED3yXbNsdE-We8Cwqv1YKbevfieLN8AdSB9DFgjGZXLz9rJhL4lPThPbJ8il-gH3z3JY7fWcU6f3HERqoqgZH-Rx_k5O1YWDZgrNGX-euuFNJlNWTeKEl48EZiZL5XauGhxW5Rv_xppeaBZO8hhwu6zLqMlAmVRIyhohnUmywEMYNSq3JNzMY-4w4zUnOeJpu61es3GhTthw8-ktpvs5sM9blPtR1SO6kDM2fxxv8YZCgRUlBPm43Br5xFF6KcQzsteSkLZ7yVbANQDGapaGrkOQn7hFcH3deFigfRCyyx__7eW1bAvdLw74d4gu9pyTbbGRQ-GAsqnGg8H4LcKVwjUiL1lcSZOihBo-XVf_4Tzq2DT-wnCG-UU2TS-W9cL-jKNFEYI-pXzfKiB24NZnSuy-YamHM98MButq8cmM1o5XO4Uly47ci8o8QqwogvcypOUw869uN3FSfvZ6qj1_p_KWUuqBWaM3nHYDNovwmHqYLsPi3u03zcXE3MQSGLydX9-SU9p0iKCl-awQdQre3C3Cn3m4VwactBTzoTHog946awucjiE1T-j786mdL7fyNk_O_D89EFdLtiKSOurgCyxYlbEef3Mn38MWgsBZQDWMjq_1UI_zztncCmRLe31do9v88AzPbm_aDFeCmB2pHFpPqake9M_RqzGTOp3-EZDKyOAsPY3ZP3N-otgmZe6AeYae3FKqtm9nLeQfXHmQMjAjQDNQ2cXPNmkQ_Kg7EMLztMCyqhM7tY69EbImLik6Wj9VpLpDzslPoUtFzYlCdnU-4dHnlPrGC9m9Ygsvy6jh_7O28geywUTHd1Giie4jrCkwNQe_4cne2zUZes-qp5CTSmdYLUEpelfsMgtgT5QkTf2j2gLm5kjKhkP9H6zPMLzTx6wUIrs-mbZvjTin5-9zySHD3RLHqNhh_Pkd5H0jm3nGgmjDai1EnYLTuyixhu6aO92-u8w2eyJQKcScPpfAqXimw8Gso4J2BcLjdXM6K7bP4LcK6ty-pgms8oAcTbsRmFUzDHzR0CFZcl_Hso0OL8&cid=CAASJORoSB5T4QWBCTEw23tgczCr3WmAKgAYSKdzsDAPrrDGV5_Hsw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 21:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1553
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
server
cafe
etag
16554960040364120486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 Oct 2022 21:52:12 GMT
index_336x280_google.html
s0.2mdn.net/sadbundle/12129862044491927380/ Frame A9CC 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
bb5b8374afc57391fda2b5c18633e74299030844ed77dfb27b90c07413e99854
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
535103
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2201
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 17:39:42 GMT
expires
Mon, 18 Sep 2023 17:39:42 GMT
last-modified
Mon, 05 Sep 2022 15:12:17 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B603 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8e-bzjP-rZ1SO8hCKqUKVy6-ecnlLfWh6kXQ790QBDOCNu0DkXlY0s4AxVgKH6pVj_911gHom2GS1GOsHfkRBAS5nn5sS38UAnQ3NgAhrVCYoYDw5mr2WJ9Lr7xt5xf1UplT6gDSMptu-uP6pTcfFgyRefL8NbwLfs7Wi0bzfCH5wmKfDLM6GThKTL9glZ2YuzpWER7e2Tiaz4OpWKmxbLRKFEMWwe-zWj-BeYYKDWmsPQcPQ_v3oyVbZBgRiFwSCJ6hNes1Rv37WganmkAhyHVAuHwRBtrrbhQ2hKgk7RvWHCMzMN4nqJvWuc6Y6RD1P-eGwPKc4PR3lkLNIb77RqgOFicYpS9kzIuF9fF3SmBkBAxieZAVrvxu23kfvZZn9AHqQQKYGAFSb09IGjx4QsODmi57fkLnxyrwWNpnZl5Wc--KpnKn1VYELsp-6rZkx1rdNq0uM3V7fd11VIbaiz4IFATNCXWccNrvGE1Z8VHYx6N1o5y8Chs7PIy-W1CvZFBHCcXUXFtFO2NVj0XpKpoNYaLnjEt0yU97wCnyrzruSdHMkqNgh4DNe9br2_RExXYestOgFfhL1xrBvrAnMPW4kpdtFb3FUOJ_UGmnr2rpprD3p3gO25QbEBxV_j-E91F5vhYJn1KdxEZZ8FKdZyXXYU31d0QjaxcJuXYs7pNaM4E53_ehqSLmYWGgjKexxYcWSEWkowk59DihAEktjnYQPo9fwhSq9kdhesm-FW0ZshIqhUSOtpA0l3K4rj_25dbiUbS8r_PcNwiHPp_5WWSSGV2SJ7Rx8oj45Am7tJgkKauNJoFOg3BwzWplJMq_KbtsgCMxsGOiwFkUuAhqKz3YmLRWPD0rqyxR-PIxtAISILmM-3-cMqjDtsY6KrHoKKjsu3fJRPcwl6EzvlHusFd_KQ0iSsEF71Qy4M-7vAPZTjzFNYq36PIptagN2TZirONbFfoKL1RadoRprcmDLlRdezntsoXIiZm9P5nIM6MeuOxcO1hKUdcNBieTIcadpZRmTVJr4xMmWZVEfQu0N80Rw0pR_hsoc51SsBz6eVZPEtCJaE4q8UgPamOn5HVGNzg4ayT9H1t9kKc4J23V7aj9QQrss0TILlkAXmWHkiEIqMyXWDoNqB8LvVK5vYYUhOK99UnhbfJbsVjXMtIhRZg&sai=AMfl-YTM06hbYYLyQZACHdVN3wvIR5fMj-vo2Z6kzvVlIIORpn2veYqlMJqh6YY0g2JWo8zFegvHkL5gDgfwyfHFD7KVLBbhzNqlO5ar41P9UHmAYXJ788vbcvbkJGiN9fCMa7QrhjdMEcsnCNsmUPlVkC4PBGwLfw&sig=Cg0ArKJSzIK1f6_YaJT4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=829&cbvp=1&cstd=826&cisv=r20220921.00891&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 24 Sep 2022 22:18:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=28466995;s.a=3213511;p.a=345598515;a.a=537242143;cache=4103336389;
ad.atdmt.com/i/ Frame B603 		0
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 52B5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
328688
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Sep 2022 02:59:57 GMT
expires
Thu, 21 Sep 2023 02:59:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C1FD 		783 B
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f99.1e100.net
Software
GSE /
Resource Hash
54857a8846b3da2e8a8ff84ea6e24ef533ac97993019ad345f84f24cb33552c2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nIn-_gSr7UIsp8JxI7EUHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-nIn-_gSr7UIsp8JxI7EUHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 22:18:05 GMT
expires
Sat, 24 Sep 2022 22:18:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B899 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
328688
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Sep 2022 02:59:57 GMT
expires
Thu, 21 Sep 2023 02:59:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 13F9 		783 B
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f99.1e100.net
Software
GSE /
Resource Hash
0844e1148e163ac56ee4cc04214506d2e6ea50b39f5794a78ef1fefa82f60b0e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TFwio0d4Wr1FVEQCghMgoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-TFwio0d4Wr1FVEQCghMgoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 22:18:05 GMT
expires
Sat, 24 Sep 2022 22:18:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8B7C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
328688
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Sep 2022 02:59:57 GMT
expires
Thu, 21 Sep 2023 02:59:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E405 		783 B
742 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f99.1e100.net
Software
GSE /
Resource Hash
bd439b7bb78653b33674b9c08663b12cb5052ca5c8a1d540f1176b5f2914af1e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vlqoPA_L3m8Ieq-WOgxYjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-vlqoPA_L3m8Ieq-WOgxYjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 22:18:05 GMT
expires
Sat, 24 Sep 2022 22:18:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9EDC 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 04:26:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237125
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 04:26:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6DA4 		1 KB
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
38206
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 11:41:19 GMT
etag
48472445140208031
expires
Sun, 25 Sep 2022 11:41:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9EDC 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4d59a51a8eecd9642d5bb8a6f92a91864b19a58015d3d3968f9a54278e97ce6

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D306 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 04:26:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237125
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 04:26:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EE17 		1 KB
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
38206
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 11:41:19 GMT
etag
48472445140208031
expires
Sun, 25 Sep 2022 11:41:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D306 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dab748fc34c67043e2583d6474141dd8a8084119a0243f66297100cb976c84b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9B7A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 04:26:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237125
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 04:26:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 04A7 		1 KB
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
38206
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 11:41:19 GMT
etag
48472445140208031
expires
Sun, 25 Sep 2022 11:41:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9B7A 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bba28f6f736d5d3bacaf6d76c9c622c2e399bf2ea5b4221cfb076602a6d37f5d

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 52B5 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 00:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 00:16:46 GMT
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame B899 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 00:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 00:16:46 GMT
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 8B7C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 00:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 00:16:46 GMT
i.match
s.tribalfusion.com/z/ Frame 6DA4
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENl0aMEkKYyDCJycHBk1kDk&google_cver=1&google_push=AZmPxg_IkhMJd5d3V-ZXQ8K-HYZGxmkDvu0h3onRzSouZJAZiDBcFX-S4KXyq-Bvr3ApyvqqmlS9v8jPQ37VkJ8l60mhC3Q422nof...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENl0aMEkKYyDCJycHBk1kDk&google_cver=1&google_push=AZmPxg_IkhMJd5d3V-ZXQ8K-HYZGxmkDvu0h3onRzSouZJAZiDBcFX-S4KXyq-Bvr3ApyvqqmlS9v8jPQ37VkJ8l60mhC3Q422n...
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENl0aMEkKYyDCJycHBk1kDk&google_cver=1&google_push=AZmPxg_IkhMJd5d3V-ZXQ8K-HYZGxmkDvu0h3onRzSouZJAZiDBcFX-S4KXyq-Bvr3ApyvqqmlS9v8jPQ37VkJ8l60mhC3Q422nofymPB7EtEJGJVcB4sK3FSWTjqrLaT67Zp635_jTCQpShIeNcSe0zz60&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_IkhMJd5d3V-ZXQ8K-HYZGxmkDvu0h3onRzSouZJAZiDBcFX-S4KXyq-Bvr3ApyvqqmlS9v8jPQ37VkJ8l60mhC3Q422nofymPB7EtEJGJVcB4sK3FSWTjqrLaT67Zp635_jTCQpShIeNcSe0zz60%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
172.64.152.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
cf-ray
74fee4dcbfbaa94d-SYD
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
309
cf-ray
74fee4dabdeaa94d-SYD
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENl0aMEkKYyDCJycHBk1kDk&google_cver=1&google_push=AZmPxg_IkhMJd5d3V-ZXQ8K-HYZGxmkDvu0h3onRzSouZJAZiDBcFX-S4KXyq-Bvr3ApyvqqmlS9v8jPQ37VkJ8l60mhC3Q422nofymPB7EtEJGJVcB4sK3FSWTjqrLaT67Zp635_jTCQpShIeNcSe0zz60&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_IkhMJd5d3V-ZXQ8K-HYZGxmkDvu0h3onRzSouZJAZiDBcFX-S4KXyq-Bvr3ApyvqqmlS9v8jPQ37VkJ8l60mhC3Q422nofymPB7EtEJGJVcB4sK3FSWTjqrLaT67Zp635_jTCQpShIeNcSe0zz60%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6DA4
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEH_ghP3jrxbNzW3a774rd5E&google_cver=1&google_push=AZmPxg_wHZ9h7_AWdMcrP_jxYyvT3pPHvp0iu1mAFEYJePaapK0yzzjjdi3-fTf1kGxN3DkFR_2glfqDillwRhTyHdrqbSjK2WF_49...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=43525A80803C4D43A1CB91C32F12F310&google_push=AZmPxg_wHZ9h7_AWdMcrP_jxYyvT3pPHvp0iu1mAFEYJePaapK0yzzjjdi3-fTf1kGxN3DkFR_2glfqDillwRhT...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=43525A80803C4D43A1CB91C32F12F310&google_push=AZmPxg_wHZ9h7_AWdMcrP_jxYyvT3pPHvp0iu1mAFEYJePaapK0yzzjjdi3-fTf1kGxN3DkFR_2glfqDillwRhTyHdrqbSjK2WF_49a02R8xQy3dMFzWqHRJGe396ZyqoduhLZpkZ1ZJpUF4x1tA59og-40
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 24 Sep 2022 22:18:06 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=43525A80803C4D43A1CB91C32F12F310&google_push=AZmPxg_wHZ9h7_AWdMcrP_jxYyvT3pPHvp0iu1mAFEYJePaapK0yzzjjdi3-fTf1kGxN3DkFR_2glfqDillwRhTyHdrqbSjK2WF_49a02R8xQy3dMFzWqHRJGe396ZyqoduhLZpkZ1ZJpUF4x1tA59og-40
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 23 Sep 2022 22:18:06 GMT
pixel
cm.g.doubleclick.net/ Frame 6DA4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJfjQhWX0e-7Rurw9hvbSxg&google_cver=1&google_push=AZmPxg_xqihTNE6VNl3FEVW3mp_khpOkJ4YqpFnrj6-o4pC0AGABiqEUuiSWlSnCvDNRVs6GG8jdsNLQGBDjg0vYI2...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEJfjQhWX0e-7Rurw9hvbSxg&google_cver=1&google_push=AZmPxg_xqihTNE6VNl3FEVW3mp_khpOkJ4YqpFnrj6-o4pC0AGABiqEUuiSWlSnCvDNRVs6GG8jdsNLQGBDjg0vYI2...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWI5MTY5NDAtNjM4My00ZThhLWJhYWEtYWExMjk1NWM1MTAy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=eb916940-6383-4e8a-baaa-aa12955c5102
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWI5MTY5NDAtNjM4My00ZThhLWJhYWEtYWExMjk1NWM1MTAy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=eb916940-6383-4e8a-baaa-aa12955c5102
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWI5MTY5NDAtNjM4My00ZThhLWJhYWEtYWExMjk1NWM1MTAy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=eb916940-6383-4e8a-baaa-aa12955c5102
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
423
pixel
cm.g.doubleclick.net/ Frame 6DA4
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKDkugcP0XeA2xns7acKPW8&google_cver=1&google_push=AZmPxg-5qARgd2O3FFMxNJmM5SGyRoaq8ALsvatGXMMLFC861-ahkT-gBWN_rMUSI6em-5VixVz3CzMXX9gut...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEKDkugcP0XeA2xns7acKPW8&google_push=AZmPxg-5qARgd2O3FFMxNJmM5SGyRoaq8ALsvatGXMMLFC861-ahkT-gBWN_rMUSI6em-5VixVz3CzMXX9gut...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg-5qARgd2O3FFMxNJmM5SGyRoaq8ALsvatGXMMLFC861-ahkT-gBWN_rMUSI6em-5VixVz3CzMXX9guttmf2qbIhbsXuaeiFNB69dyaL6fzxYnEuWoXVy6744KEPTC...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg-5qARgd2O3FFMxNJmM5SGyRoaq8ALsvatGXMMLFC861-ahkT-gBWN_rMUSI6em-5VixVz3CzMXX9guttmf2qbIhbsXuaeiFNB69dyaL6fzxYnEuWoXVy6744KEPTC8mks5ez1oRgx0XgsJXMxknR4&google_hm=YlZnYjMwRDRYc3Z5UjdRUkJXOEo=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:07 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg-5qARgd2O3FFMxNJmM5SGyRoaq8ALsvatGXMMLFC861-ahkT-gBWN_rMUSI6em-5VixVz3CzMXX9guttmf2qbIhbsXuaeiFNB69dyaL6fzxYnEuWoXVy6744KEPTC8mks5ez1oRgx0XgsJXMxknR4&google_hm=YlZnYjMwRDRYc3Z5UjdRUkJXOEo=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
291
Expires
Thu, 01 Dec 1994 16:00:00 GMT
spacer.gif
an.yandex.ru/resource/ Frame 6DA4
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEEypW96PXKPkbzmXOe6Smcc?ext-param=AZmPxg8W8TiqRy8JcajHSVdxz3GawIEvWHpa4wFhE-htiR8pstlCAYNpzQLikm2ebgP1alIkNCHUNYeonZYyHyDImTX_yAotCr894efl_pcyNHJRLDtFnd-UjiuD...
  • https://an.yandex.ru/mapuid/google/CAESEEypW96PXKPkbzmXOe6Smcc?redir-setuniq=1&ext-param=AZmPxg8W8TiqRy8JcajHSVdxz3GawIEvWHpa4wFhE-htiR8pstlCAYNpzQLikm2ebgP1alIkNCHUNYeonZYyHyDImTX_yAotCr894efl_pcy...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEEypW96PXKPkbzmXOe6Smcc&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Server
87.250.250.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:07 GMT
content-encoding
gzip
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
x-xss-protection
1; mode=block
expires
Sat, 09 Sep 2023 22:18:07 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://an.yandex.ru/resource/spacer.gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6DA4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IGU73Q9v6rpzcy2VLaXw4b2DJ8iieHjEa0kSgXbxoG0muWr-Ew69jiX-4_
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7096 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Biw--HIIvY-DRC8KMmsMPk6yf4AcAAAAAOAHgBAI&bg=!CQqlCk7NAAYIxsuQKMY7ACkAdvg8WtTRd9sAJKtmdm5Skr2V1UxGtljQRYlt-cABjjNGq8KKp131FQIAAADvUgAAAAJoAQcKADfbiOSx2c2AqVmRrKk8vWNEdPMh9hf76CL-Iy0KSkWh-KoAdbhbwqaD40uYIiyHbHG6g9xn0M3FmQLpN7aGly9sR_MCSyTC-PLmTZTEoP0YFj1mHtbzybFc7gAhSBCCBqCzRLqsQDyKorO0MIF9p2IAVS7A-snLpDi-wQsRY1kj1zQHDKAyClGVnGV5DYTxRvI-FOVWDgyWtPJ3XZe1xMUr8q2ae-Ee-zaytaDg9FFuIpx0JMxHNNZgFM5a9JV3OkH6kXDbrmMUSHtQublONU8k21Zz5ooN9fhfZ1VUSM7as7_bLLysIzmWDh-zIKEh51m4c58EjMIPRVeiPA_lq9MZrAC3G74yCK8s9fM_PXJqYgi5kZ7wY0ESbtACykCr1OS-UFrQDTPxSIPFSFqJskz4-lxcShwXOgQ2-toj63NKKenAHEC8nLT0vQtTWVgO-Vi0KfPdICPC-zA3yC4YOt266FtgJ0ekNETTw_DGRY_06133li6LaCHqSPcXcdbtdxZjqre4URDY4WPmHDOGTFMEjhHAlY_a2AB6wDtSHKlwZbuqG0pZP5nMIZvZXGzmg205LIy5Kuf0kal0395pCDfbgilY89_QV2S5JKwj27CcR-9C7zpHFQT5GIwL7ce5xhRDD7gSWZnhDzsJHm_Svy-o-1O990_-0MfQ5Y3sTflxFE9nNJcTve1pXGxGdZegV9LtQFB5ifOMsrLNU3XxqmZlaF42cQxSFKdWjaADBn1sITQyzUxd3eUrkVxFgYg9ELXkBYrc3-074DXa9-Kz9UbCHyxgd1TFiTeAUpaSLIdUFMj-AdP4icoeZU67TK4RXe7Neh2pg1oXy2NCxQQX9GaTpFDdmNDpIHWB65cKWjmOVXHc6x3NaxQ3vq_t3KzeYiWDciKhbxouXcpG-EYknUUHSOjQAd8pgRntUYjJZPASn3eASIw3LPdsYaXrCVBJBDcZA1Tu0hTiHwiYbM3ND8xo_s2OQBJ2USJXv5PBXbsVZFebdJ6t4QQOw58uPet1Zzx8N7iZyuUcxRP3ouUzbvWBquDeVL2KM388yeUL7zzrgoFrmw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057883289&bpp=12&bdt=232&idt=290&shv=r20220921&mjsv=m202209220101&ptt=5&saldr=sa&correlator=2033874124386&frm=8&ife=1&pv=2&ga_vid=738013203.1664057884&ga_sid=1664057884&ga_hid=2113377417&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069819%2C44773167%2C31067825&oid=2&pvsid=1514276030893664&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jdugg7ln9n3a&fsb=1&dtd=304
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E798 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
238162
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 04:08:43 GMT
expires
Fri, 22 Sep 2023 04:08:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
i.match
s.tribalfusion.com/z/ Frame EE17
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENl0aMEkKYyDCJycHBk1kDk&google_cver=1&google_push=AZmPxg-yRgWgwaGNK1cAd8zIYBtXko1Lzh-8HqTyXnl_n8SpsoDysJyToLeBz8sYQklpQTEe0Y0EnaOrc0mi3vYb-bEYOuUhelnSW...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENl0aMEkKYyDCJycHBk1kDk&google_cver=1&google_push=AZmPxg-yRgWgwaGNK1cAd8zIYBtXko1Lzh-8HqTyXnl_n8SpsoDysJyToLeBz8sYQklpQTEe0Y0EnaOrc0mi3vYb-bEYOuUheln...
43 B
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENl0aMEkKYyDCJycHBk1kDk&google_cver=1&google_push=AZmPxg-yRgWgwaGNK1cAd8zIYBtXko1Lzh-8HqTyXnl_n8SpsoDysJyToLeBz8sYQklpQTEe0Y0EnaOrc0mi3vYb-bEYOuUhelnSW2KeInigMKI2UiI8KrqPY0pdQsqq1znoE3g9tx_vPEY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-yRgWgwaGNK1cAd8zIYBtXko1Lzh-8HqTyXnl_n8SpsoDysJyToLeBz8sYQklpQTEe0Y0EnaOrc0mi3vYb-bEYOuUhelnSW2KeInigMKI2UiI8KrqPY0pdQsqq1znoE3g9tx_vPEY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
172.64.152.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
cf-ray
74fee4dcbfb7a94d-SYD
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
397
cf-ray
74fee4dabdeea94d-SYD
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENl0aMEkKYyDCJycHBk1kDk&google_cver=1&google_push=AZmPxg-yRgWgwaGNK1cAd8zIYBtXko1Lzh-8HqTyXnl_n8SpsoDysJyToLeBz8sYQklpQTEe0Y0EnaOrc0mi3vYb-bEYOuUhelnSW2KeInigMKI2UiI8KrqPY0pdQsqq1znoE3g9tx_vPEY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-yRgWgwaGNK1cAd8zIYBtXko1Lzh-8HqTyXnl_n8SpsoDysJyToLeBz8sYQklpQTEe0Y0EnaOrc0mi3vYb-bEYOuUhelnSW2KeInigMKI2UiI8KrqPY0pdQsqq1znoE3g9tx_vPEY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EE17
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEH_ghP3jrxbNzW3a774rd5E&google_cver=1&google_push=AZmPxg9AwstN21--h1Qjvmh-rmW3TY1rwX9EmvEnkvCirYwtM8RjtsGTkZuuIPLJxyC_uPT96-simfrum2hzhmQrSnBAJrj5KZWlH5...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CE8D5B091D614E7BB25A31D7D38CD4DA&google_push=AZmPxg9AwstN21--h1Qjvmh-rmW3TY1rwX9EmvEnkvCirYwtM8RjtsGTkZuuIPLJxyC_uPT96-simfrum2hzhmQ...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CE8D5B091D614E7BB25A31D7D38CD4DA&google_push=AZmPxg9AwstN21--h1Qjvmh-rmW3TY1rwX9EmvEnkvCirYwtM8RjtsGTkZuuIPLJxyC_uPT96-simfrum2hzhmQrSnBAJrj5KZWlH5LrvYeg-vGfNxro56UHi00aY0pFtrb7Mxo-SfIjmMI
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 24 Sep 2022 22:18:06 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CE8D5B091D614E7BB25A31D7D38CD4DA&google_push=AZmPxg9AwstN21--h1Qjvmh-rmW3TY1rwX9EmvEnkvCirYwtM8RjtsGTkZuuIPLJxyC_uPT96-simfrum2hzhmQrSnBAJrj5KZWlH5LrvYeg-vGfNxro56UHi00aY0pFtrb7Mxo-SfIjmMI
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 23 Sep 2022 22:18:06 GMT
pixel
cm.g.doubleclick.net/ Frame EE17
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJfjQhWX0e-7Rurw9hvbSxg&google_cver=1&google_push=AZmPxg91rJVuRy9yayWRdTfPg6djb5pBzs8HN0whNggjGgTiQB59LyLaA4EBQsMpnisPSdm32KpwTZD1E0TWqpE_o6...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEJfjQhWX0e-7Rurw9hvbSxg&google_cver=1&google_push=AZmPxg91rJVuRy9yayWRdTfPg6djb5pBzs8HN0whNggjGgTiQB59LyLaA4EBQsMpnisPSdm32KpwTZD1E0TWqpE_o6...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWI5MTY5NDAtNjM4My00ZThhLWJhYWEtYWExMjk1NWM1MTAy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=eb916940-6383-4e8a-baaa-aa12955c5102
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWI5MTY5NDAtNjM4My00ZThhLWJhYWEtYWExMjk1NWM1MTAy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=eb916940-6383-4e8a-baaa-aa12955c5102
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWI5MTY5NDAtNjM4My00ZThhLWJhYWEtYWExMjk1NWM1MTAy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=eb916940-6383-4e8a-baaa-aa12955c5102
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
423
pixel
cm.g.doubleclick.net/ Frame EE17
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKDkugcP0XeA2xns7acKPW8&google_cver=1&google_push=AZmPxg9UTYy3XAO6V3E9iIVbgD58FMEsHu0M9n3voukIU65jdOYSk8_Zw-k-uQ8OC-yXqd3xX2FbMVyXLlwml...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEKDkugcP0XeA2xns7acKPW8&google_push=AZmPxg9UTYy3XAO6V3E9iIVbgD58FMEsHu0M9n3voukIU65jdOYSk8_Zw-k-uQ8OC-yXqd3xX2FbMVyXLlwml...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9UTYy3XAO6V3E9iIVbgD58FMEsHu0M9n3voukIU65jdOYSk8_Zw-k-uQ8OC-yXqd3xX2FbMVyXLlwmlW0SHjCFH5LSYPuT8TuojAV7ikhE5QsA6vOnfDWRfEatFgX...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9UTYy3XAO6V3E9iIVbgD58FMEsHu0M9n3voukIU65jdOYSk8_Zw-k-uQ8OC-yXqd3xX2FbMVyXLlwmlW0SHjCFH5LSYPuT8TuojAV7ikhE5QsA6vOnfDWRfEatFgXxa810hDjC_go0&google_hm=SlJnVkRFbGdsT2syQl9fZVVySDQ=
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:07 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9UTYy3XAO6V3E9iIVbgD58FMEsHu0M9n3voukIU65jdOYSk8_Zw-k-uQ8OC-yXqd3xX2FbMVyXLlwmlW0SHjCFH5LSYPuT8TuojAV7ikhE5QsA6vOnfDWRfEatFgXxa810hDjC_go0&google_hm=SlJnVkRFbGdsT2syQl9fZVVySDQ=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
280
Expires
Thu, 01 Dec 1994 16:00:00 GMT
spacer.gif
an.yandex.ru/resource/ Frame EE17
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEEypW96PXKPkbzmXOe6Smcc?ext-param=AZmPxg9ZTYlj4xjowYadttcYYYG8_EmVVRxGM-3hskJfPzZ5T39xy_RAwAPHHL0D812Oo5j-P_n4Rev7WJ6WreqcbCNKT3_Os9sAEo7DUCzxhP-QWV_Mnd-TcotK...
  • https://an.yandex.ru/mapuid/google/CAESEEypW96PXKPkbzmXOe6Smcc?redir-setuniq=1&ext-param=AZmPxg9ZTYlj4xjowYadttcYYYG8_EmVVRxGM-3hskJfPzZ5T39xy_RAwAPHHL0D812Oo5j-P_n4Rev7WJ6WreqcbCNKT3_Os9sAEo7DUCzx...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEEypW96PXKPkbzmXOe6Smcc&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
87.250.250.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:07 GMT
content-encoding
gzip
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
x-xss-protection
1; mode=block
expires
Sat, 09 Sep 2023 22:18:07 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://an.yandex.ru/resource/spacer.gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame EE17 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IqXFZEz7O8SLvIDkKFaaUPD8-VaoWJuZTvyrDvzovIQF9sMN_ZYO1xW8Nq
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
i.match
s.tribalfusion.com/z/ Frame 04A7
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENl0aMEkKYyDCJycHBk1kDk&google_cver=1&google_push=AZmPxg_zMBTGek-VSF5j0aUw4CNsIGZTZxYQVI90YBC1Fhib9oRMvPTLVyOvt-oqlKws5YO4LB5lXvuYjkFW73wDwaMLmah77ZE76...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENl0aMEkKYyDCJycHBk1kDk&google_cver=1&google_push=AZmPxg_zMBTGek-VSF5j0aUw4CNsIGZTZxYQVI90YBC1Fhib9oRMvPTLVyOvt-oqlKws5YO4LB5lXvuYjkFW73wDwaMLmah77ZE...
43 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENl0aMEkKYyDCJycHBk1kDk&google_cver=1&google_push=AZmPxg_zMBTGek-VSF5j0aUw4CNsIGZTZxYQVI90YBC1Fhib9oRMvPTLVyOvt-oqlKws5YO4LB5lXvuYjkFW73wDwaMLmah77ZE76tibT7eIu2nb8mH2QVh5yWuXbfLswwzmWe5nZNMdBORm&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_zMBTGek-VSF5j0aUw4CNsIGZTZxYQVI90YBC1Fhib9oRMvPTLVyOvt-oqlKws5YO4LB5lXvuYjkFW73wDwaMLmah77ZE76tibT7eIu2nb8mH2QVh5yWuXbfLswwzmWe5nZNMdBORm%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
172.64.152.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
cf-ray
74fee4dcbfb8a94d-SYD
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
94
cf-ray
74fee4dabdf0a94d-SYD
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENl0aMEkKYyDCJycHBk1kDk&google_cver=1&google_push=AZmPxg_zMBTGek-VSF5j0aUw4CNsIGZTZxYQVI90YBC1Fhib9oRMvPTLVyOvt-oqlKws5YO4LB5lXvuYjkFW73wDwaMLmah77ZE76tibT7eIu2nb8mH2QVh5yWuXbfLswwzmWe5nZNMdBORm&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_zMBTGek-VSF5j0aUw4CNsIGZTZxYQVI90YBC1Fhib9oRMvPTLVyOvt-oqlKws5YO4LB5lXvuYjkFW73wDwaMLmah77ZE76tibT7eIu2nb8mH2QVh5yWuXbfLswwzmWe5nZNMdBORm%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 04A7
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEH_ghP3jrxbNzW3a774rd5E&google_cver=1&google_push=AZmPxg-JRJzUu9scUZXzMcjC220RZSOQcGXQBdJd0pIEmBxyzJnCWsTA48ZTOu5uhhoCgrwy5AyNKCf2dVPKBb4exfb3tR0sjfhQ2J...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5B2A13C560324A29B1BCFE61491F7FDE&google_push=AZmPxg-JRJzUu9scUZXzMcjC220RZSOQcGXQBdJd0pIEmBxyzJnCWsTA48ZTOu5uhhoCgrwy5AyNKCf2dVPKBb4...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5B2A13C560324A29B1BCFE61491F7FDE&google_push=AZmPxg-JRJzUu9scUZXzMcjC220RZSOQcGXQBdJd0pIEmBxyzJnCWsTA48ZTOu5uhhoCgrwy5AyNKCf2dVPKBb4exfb3tR0sjfhQ2Jrgmar6v7PbxcBN-bmDEALYBlfjQhIiw32pn1thAX4O
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 24 Sep 2022 22:18:06 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5B2A13C560324A29B1BCFE61491F7FDE&google_push=AZmPxg-JRJzUu9scUZXzMcjC220RZSOQcGXQBdJd0pIEmBxyzJnCWsTA48ZTOu5uhhoCgrwy5AyNKCf2dVPKBb4exfb3tR0sjfhQ2Jrgmar6v7PbxcBN-bmDEALYBlfjQhIiw32pn1thAX4O
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 23 Sep 2022 22:18:06 GMT
pixel
cm.g.doubleclick.net/ Frame 04A7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJfjQhWX0e-7Rurw9hvbSxg&google_cver=1&google_push=AZmPxg_Taky4y0MUAleIU_F-FS7jL3BjKd7PYU01oC8QRpUjmHLzd6FYOmbDlu659KOIkvZjT221WxEB7S9m8Rc-Hy...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEJfjQhWX0e-7Rurw9hvbSxg&google_cver=1&google_push=AZmPxg_Taky4y0MUAleIU_F-FS7jL3BjKd7PYU01oC8QRpUjmHLzd6FYOmbDlu659KOIkvZjT221WxEB7S9m8Rc-Hy...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWI5MTY5NDAtNjM4My00ZThhLWJhYWEtYWExMjk1NWM1MTAy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=eb916940-6383-4e8a-baaa-aa12955c5102
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWI5MTY5NDAtNjM4My00ZThhLWJhYWEtYWExMjk1NWM1MTAy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=eb916940-6383-4e8a-baaa-aa12955c5102
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWI5MTY5NDAtNjM4My00ZThhLWJhYWEtYWExMjk1NWM1MTAy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=eb916940-6383-4e8a-baaa-aa12955c5102
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
423
pixel
cm.g.doubleclick.net/ Frame 04A7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKDkugcP0XeA2xns7acKPW8&google_cver=1&google_push=AZmPxg9xQjgiN6eAv6L38ci7FYnDeo9CZIzgwaSxPHMMAZuyYBxX1iBb6FKqMTmE4Fklt9e9AR8AhZS6_fPn3...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEKDkugcP0XeA2xns7acKPW8&google_push=AZmPxg9xQjgiN6eAv6L38ci7FYnDeo9CZIzgwaSxPHMMAZuyYBxX1iBb6FKqMTmE4Fklt9e9AR8AhZS6_fPn3...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9xQjgiN6eAv6L38ci7FYnDeo9CZIzgwaSxPHMMAZuyYBxX1iBb6FKqMTmE4Fklt9e9AR8AhZS6_fPn3IU-a8vlM4-jE9T2_vLXQj2GdTl-_2hmnFf9yiP3x-inWhl...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9xQjgiN6eAv6L38ci7FYnDeo9CZIzgwaSxPHMMAZuyYBxX1iBb6FKqMTmE4Fklt9e9AR8AhZS6_fPn3IU-a8vlM4-jE9T2_vLXQj2GdTl-_2hmnFf9yiP3x-inWhlEQs-ZlWMhFfvM&google_hm=ekFGX2Q1MXF1a0hqeXdIUE1Md1Q=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:07 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9xQjgiN6eAv6L38ci7FYnDeo9CZIzgwaSxPHMMAZuyYBxX1iBb6FKqMTmE4Fklt9e9AR8AhZS6_fPn3IU-a8vlM4-jE9T2_vLXQj2GdTl-_2hmnFf9yiP3x-inWhlEQs-ZlWMhFfvM&google_hm=ekFGX2Q1MXF1a0hqeXdIUE1Md1Q=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
280
Expires
Thu, 01 Dec 1994 16:00:00 GMT
spacer.gif
an.yandex.ru/resource/ Frame 04A7
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEEypW96PXKPkbzmXOe6Smcc?ext-param=AZmPxg9OUBWGqdNmh1FEmgCPKc845Ar07k2COIcIEtNriyrG4R-C8Wti6vHItBu4sLwkLQQTdefAvqDFvdH1UXREbwfjv4ko0Ecu7tWdkO_3J1_1wdbj8S6AoCzY...
  • https://an.yandex.ru/mapuid/google/CAESEEypW96PXKPkbzmXOe6Smcc?redir-setuniq=1&ext-param=AZmPxg9OUBWGqdNmh1FEmgCPKc845Ar07k2COIcIEtNriyrG4R-C8Wti6vHItBu4sLwkLQQTdefAvqDFvdH1UXREbwfjv4ko0Ecu7tWdkO_3...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEEypW96PXKPkbzmXOe6Smcc&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
87.250.250.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:07 GMT
content-encoding
gzip
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
x-xss-protection
1; mode=block
expires
Sat, 09 Sep 2023 22:18:07 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://an.yandex.ru/resource/spacer.gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 04A7 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jr2fVG_kfhv4b34mg9PATcCWRPopf882DTTkAYffXy6NqxT6h0HBY5wTSn
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1D4B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
238162
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 04:08:43 GMT
expires
Fri, 22 Sep 2023 04:08:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 37FA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
238162
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 04:08:43 GMT
expires
Fri, 22 Sep 2023 04:08:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index_120x600_google.html
s0.2mdn.net/sadbundle/4942068020373019979/ Frame 2F57 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
3c739ccbfad2a264757c1608cb342f9829a077fad87b0cc079540ab03aeb2412
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
74900
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2200
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 01:29:45 GMT
expires
Sun, 24 Sep 2023 01:29:45 GMT
last-modified
Mon, 05 Sep 2022 15:11:23 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9EDC 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4VjRoAeTet3qyy-uAzbkcjpFqRdNcjJefDikRXKT5Y8ZjJx90pzMQ9HNhTWVveS-fcS6xcuB1Zw5n-jMSyi2XXaHFXAb6QtLT5g6zMfe-fLIPuXXey2kmzGbpWLkO-GIYtjsl4jMha0j657-f_YeOeu1l9LS-7NZPdblxmmsxeVcIKUMNy0c7lsIZqh97rXMkM4he151adiMKQx6i826aIbMHSiF1XqyXsdt8diBlRwFGKM-c7ZxuayBBJZIs-K1-2tN0okrQvoupsYICpOahT5t2xzSD3wmWq8qnQI57iNV9q5DWzDW04ELGvvGN0fNBWMSrnYnXyhw-T8hgeWanyDXYjnn1_84IhuS28bkC54QQ29R11mbq-6JddNTZS-Cc1ZZWS38Xov7FtcEgx_Uq1ly-p9CprTY3ydARiitZo05G-Ejw30R-iuXzRuxPwfOh0pg_Vxfe2e93JS37WOHO_zJ4Z_8uxMnieHCpc7Y7GojOH83MB6cS03FGhFHX3TeTHPYKDn7rqsahS8ZT_zC-6N83hR2pmU2N7fBsGlaI84xc4NbojAk9_MSQ6JL1yn5P6dQ2Z4vOHHWEmvzpRthE357bTPXqmM7mDWFNwoUxJBbspkY1p2ialwll1YoHqxaREXeNvVE0ZW0wzuTyBibMUj-j_N0FmCceUVoBzskoEkqqVD5cVaBnwfZR8fJr_wiT5Li6EV33WwuKpDw-4-4XgrMNmBt07cCgKL4IK9_rwuTrW5pn5TNoUUTgTODXaB7X3cv3uiwI7u9VC6Z0CQf9yzqouHvlhN4XU4EhjcVYTJHPBjUjVhZUfrq5GvLy5p-O-5Ha0S_Tp3A3pxUxz-SG8yhn1rF9mtlm1FFWpgcCwQyBeMCKOePF1uzPeCg_l-vlN-IrEn0ndmrwMejYR3R5_qyCv671dSDLUYN7Vb8-k-tlIJhoKCZEu9OvrOaJ3GKCV_Z43n5iM2gxVcxePHQi85uG1vVKtdkqMQj7xXb1Ne7axqLnyH9ms77eB3ssgGYcuCuRJnitfBQuJfOl9Q1aMcwbYqA_HTZy-Cd2i6RajZGSUUxjZKyMvrMD7eMnUM9jnfj-tjZBbH7oCW1JuPhxdbn7VMlu302YvydBQAy5RJe1iNKQHTR0jyDBc0GYgT01ZJfcmyBLrl4N0ARddEzucO4VjPT23X9HoyxfpGwR05Jfr8bP2ryzKih-tmnhWDgfrYHduN3BZEMhuxWdZbkU1gXITTnXYcQvEeGuV85mF_k1KoU7SRMxZVR9ypJvBHGR3vkbsLmNfWLRGmcqAL4&sai=AMfl-YRJee_xWJt49P40IyQjTe8aAMXdi0Fn3sc4oB0D4DNdeze5l-ZzVHQINOzf2IK_kuQbJz1hQIz_eJUFjpGQsixu220teCnx0-dR9Sp-O7dvZeEAKZOFzfzOVCEiRC1qEHq6H-iVRukJ9bOnHQjFry-mtHgz6whDdNTqtVIDG2GI-QGfEQ7BV6FZMHkdqSDEcGpGq355q3d3hjEjqr7Sjg&sig=Cg0ArKJSzKlrVVaHxxuhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=588&cbvp=1&cstd=586&cisv=r20220921.91843&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 24 Sep 2022 22:18:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=28466995;s.a=3213511;p.a=345598515;a.a=537242143;cache=1919223098;
ad.atdmt.com/i/ Frame 9EDC 		0
0
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame A9CC 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Sep 2022 22:18:06 GMT
easeljs_1.0.0_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame A9CC 		125 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/easeljs_1.0.0_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
25c06c024bfb192f5418b39ce069ebe46fda94e38b25ae781cc753fce98a2a24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36116
x-xss-protection
0
last-modified
Tue, 19 Nov 2019 16:51:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Sep 2022 22:18:06 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame A9CC 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Sep 2022 22:18:06 GMT
index_336x280_google.js
s0.2mdn.net/sadbundle/12129862044491927380/ Frame A9CC 		50 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
15fa1b7e6f0d2a575dd72e03903b37f563430d1bde293650abd09bdc55d2b1b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 17:39:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
535104
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8752
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 15:12:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 17:39:42 GMT
jload
pixel.adsafeprotected.com/ Frame D306 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=923402&advId=6786803&campId=28582653&pubId=7010008&chanId=177932324&placementId=346150698&adsafe_par&bidurl=&bidPr=&uId=AMsySZYLwZFM7RwVftIU2OO1nXZ6&impId=
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.146.150 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-146-150.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
cdf37653a73d1ae3d18f647975c8b382382c147affa39284bd2914f10d22572a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
index.html
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
ee3b8782a38d82780c812b54167626758b6e4052a5a4b8f183385b2b54d7c840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
8178
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2751
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 20:01:48 GMT
expires
Sun, 24 Sep 2023 20:01:48 GMT
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D306 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstLtml7J0MivO1iTyHZ-FESvhx24SZkvhEKvi2i4B_SmwOjsQ-nw03JvUiaGQRdFaUCDbeCz2CqnKpIS7aESWZlpBf6ma0WSH1cA1rx611t4dXLHMqtDOLTGxnZ7LjNq4JErtEtKTz9TMhT6JYReNhxCN3JlUCK8d_C55hHbua7Dp93GYCR4vCc8nXjHoypNfKvBuE_DAt1yEuZzAHwHC8Iv4NhDtbngQHIMyHcoVkmK_t3cvEpgDzRMrJmyF4Kgzy13uwQeMOoAoL_1DI-snfV2hLWNNcuZhHS1nQI2ChRvhoMXnhfgQLtIMgQQD0trGAuT9-3QXP1CXDFGQTdErg1RdUsma3CZDk5eW-SeqhSwtZJmBBxGHEEFfjdRXU4yBOhdE7hCNLXoBuvjxxS-g5Aqy4ZcUBtGRLMfwo-CoNmG2GLw-_ixwBeYzwa7LgqNARoz9BJeQFZUnIUoBC_n-WMbQOBsjdSxVSAnr07mejSFQrotYr1SQf3uKpiq74p1rwt_Oo1YYtnAOrsaeAQCPYXZGU2_t2539E_t9bJ1f4eQi2PGfDNKIibp35MNKnKJR5g8jIdwlxKgmf6I3hM7Q1rzgoHnpYheOnqmRgSFzMFcnoyYbKdYApRM5TunJBwzTZGdZf_CIwOTBElPwJjkLo8p7__nEPG1ZjWfsANrqbRRou3I98xR0Xmq9c9LISulVUGFt08KPi4OqkhnuKwgADtyzIUZbpTU4FJtf2Ly_0gN3h8_zA--M24bFyNGhHnRtFozCI40ynZYg_Fswclvi9dmnnWpjnPD0hOXzUiWUR2s081hGq-hS5iToINoep1su36lxty4u6UXjOyxzGii4NzOWTvtJ6svVlN2QuQgzkMzgmvx42TufXGNtYFLl4P8TcZu6e6lVoqXJisvsAT5ZIMxvL9zwYG93Y_5VfWWVjqZ1j0I6bAsbxB-HAvgXv50D8n0luHsm10B1qkCErEq75ODnQ4mk9OeBoXfdcAIgCnHVVk3-c0GBYLaQ4_UuztHDGUtBj5PGlt2pmX2Wd5FlB1pAW_MIr1EYbHZP7uC_so6TPiQC6JtO9R6AmKp6FS_rH2xzyYrO3Vavfb8_-XGG9FzrGpYy76tlsIkQn5-lwoP38i2vwfgm3PUtC7YykLRg-9wr3MTMTiU3-YPD5XNu4h1pzjwnE8v1i1dIBQ0ctwa_wtylGHBHLmlKubqnDf6a88HWQiCDvIdnD-4YvvoFR3mn8ZgoV5fJN4ie0XgzkauBqZYQTdXzcltXot57LKTAYv30U-YeBhaYLJo32rueZEFo69XQjpS9zDDc7kZBW_bXoA0SaXFOGUZ1fuN4B7jTcfY-CeliM&sai=AMfl-YQjVBhBz9gkP-AbTIyOzzUYafJCillmhb80FyWu_8nH62IdgCEBAOkr2e2I0PLA7xSU9i98Z6y-VGtgSqdCnWepdp10W727rc7ZjlU9qgvR5_GIXPTimvGjS0jm3PJHfJXcQEeQ0safcEdJyv2Db5XUtDYh1JtMEFvH839DEfJTKg7Ogk5I72vQgqYCExaR2-DDrtIIxw4MeU_ktcEVwffq2iHzjE3MVHucKZdiN8RAeX4&sig=Cg0ArKJSzGUEgmpf8aw_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=759&cbvp=1&cstd=758&cisv=r20220921.34216&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 24 Sep 2022 22:18:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/pagead/ Frame C1FD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092201&jk=353028665979832&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame E405 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220921&jk=871172703584013&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame E798 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 00:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 00:16:46 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 13F9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092101&jk=3805720087221014&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 2F57 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Sep 2022 22:18:06 GMT
easeljs_1.0.0_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 2F57 		125 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/easeljs_1.0.0_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
25c06c024bfb192f5418b39ce069ebe46fda94e38b25ae781cc753fce98a2a24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36116
x-xss-protection
0
last-modified
Tue, 19 Nov 2019 16:51:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Sep 2022 22:18:06 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 2F57 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Sep 2022 22:18:06 GMT
index_120x600_google.js
s0.2mdn.net/sadbundle/4942068020373019979/ Frame 2F57 		50 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
f9524d8f1807bf488171ae337a05fd08898c2acfab1408df2e33b700f80ed9f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 23:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168754
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8700
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 15:11:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Sep 2023 23:25:32 GMT
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 1D4B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 00:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 00:16:46 GMT
generate_204
tpc.googlesyndication.com/ Frame 52B5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?IEsEaA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 37FA 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 00:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 00:16:46 GMT
PO_BrandCampaign_728x90.html
s0.2mdn.net/sadbundle/4627767823043510726/ Frame ADCE 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4627767823043510726/PO_BrandCampaign_728x90.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
dca9f1c29fb7080284b951045c01136e07981ae1898342bade54fa07863d0e8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
531856
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3176
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 18:33:50 GMT
expires
Mon, 18 Sep 2023 18:33:50 GMT
last-modified
Tue, 16 Aug 2022 03:12:09 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9B7A 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv23kncDsjN_xwF0xtwou61VkuQi-Ry5iHAE8T_AAU--8pN3jjfJLAUXX2N7cHExWbgh_ZFYYU49lFF9mT1jQy6dXJvAZWwkZitSvkQuo1TyDVOPj1I-9cmVJp2psTonEaZNjPoM0YH3la_mv-E6QtDesZeiiOf1IHgoSmipGOplm0YrNeWDM9tueRxV-1k45YlmsJMs_Zz1d4uJYta2zwcxP_WsMF_lGmFi4746-yKFMNBi5nJIkWEezLtHtsBuC-WAa8qMb4fvqsFYCRgUVCuc5X60XX-tVxfILxmh7qXwQ869MSAbRYE0641xVljXFu6Fq7xjHJjVuRAAGpcMqwPbPq3iTMxpsER2rwLiYjEBcnlY1U0BU63qNFEH9GhW2H8_oBDsq9OqZr-favGwKrIPi9tWgHorg0WBL7p90PJGCXNxkrk6LpzxtiApSiOrxWYoaH79JgLRZfQbsKlGlNQS4HMzcfXUUQYU-NK0jpJUrUTUZcadYKeSAWo52egDLI6li3eV5RqD0kCVlPn8tQKyyYW7SIokqoR08GKm5xm6Hnn8_1-q7aFF72KooSa7KGb53DtLW3KSfn-m2SZcAkMI_qCesHVpWGytEeFvvzxgSf90re7Wu7Rhxs4KXUIqnNsPrMuwovZa0vjBDIa88Hr2zwryJVn6FfnIkT2BY34zt-XyRQp7R9reTqQ5JUmJznH9VNkzyI4EOPoRlsKE4lH49yqZZ514ll3KUlNGzzK35Nc1vt4m6_DeS70ZPYPa2cnftFxpOAW77BnEmG-dpSfP6hqyTBtdf9-FlU1brjTY4OVm9Gs3koE3O-L_kV1HgA4zYxVkxBxb0QbOY48cWgDgrSXMro__poDy6tPjDZNKW5gW_QJx3dN3S6ubQEaVAX1-sVK3at8H6RVVa5zCZ25uotqt2rtSFZ9JzB_UESzVRwnQ-zeA0EBX6EN6L3AKJKeBP3zolHDOu5DEecswigpYGwYQWaAjuLayqMdlbFOOrAJ4zOAtR5VUdUOVxCP2PXrKMOxSrReX58S2jj4_bPwF2VI3BUnYoGw598KsIaN31Ldcj4sBcJL5lLUGxdQw9p026GSiBGUb0GMTUIMmGx08L9CRWxfWiq-N77np-eUHzSoJugw7LZCQ75hjFriJm9ye50t9UA5rVUaWNV-o56N381vX0E-A65eWkbcVlaE8it1UbA5RlQ0WvIguP2H4Nch0BO9-dAN_sdGyB3UUN-F_R1tI87iS9OStNLKB3UkL3pLQm1fsbYVcakr72KoTwGvj62RMMic5nS2Ad4LoB5c-qtq4MRvp5_X077b0zT3LxiBqr2lBEcJ32vYP1aH_fsbwZLNw1NZ4PTgoQ&sai=AMfl-YQGgEJ2FXVV_qfrfjm62eLhbe3_JxDFFoMU9ev_p45emtSH9bWLQTUHZ0Tqp9oMc-By2DOC-J_WyX5Fmw0lzhagEIJz4O6N5rF-M9nmogbxtkz-F1ZESjcpXoglRHh6dZIVJDcVOsjpcroo3J492v11V0yNv11pEkaNsIS3rLrzAlTwyImthwLGqpnU7MW5GmmGWlsODT5YcrLO-z728g&sig=Cg0ArKJSzHVFbuPnYWruEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=824&cbvp=1&cstd=822&cisv=r20220921.78807&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 24 Sep 2022 22:18:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
generate_204
tpc.googlesyndication.com/ Frame B899 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?QqyEZQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 8B7C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ywBZ8g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gwdpage_style.css
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		55 B
103 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:48 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		731 B
263 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:48 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		24 B
72 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:48 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		281 B
187 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:48 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		157 B
144 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:48 GMT
custom.css
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		180 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/custom.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
d719cfb2ab3ddd57045184671c38180083a26f4b5d16b4bee68bd64f4faf6f06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7331
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:48 GMT
css
fonts.googleapis.com/ Frame 6DA4 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:regular
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Sep 2022 22:03:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 24 Sep 2022 22:18:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Sep 2022 22:18:06 GMT
googbase_min.js
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		400 B
304 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/googbase_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
275
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:48 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6276
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:48 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1308
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:48 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3191
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:48 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 6DA4 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 14:10:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29267
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Sep 2022 14:10:19 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4481
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:48 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2014
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:48 GMT
gwd-events-support.1.0.js
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/gwd-events-support.1.0.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
97f021d21f4c6ecb256ef53df152984ad47d4fa5d9b013223454abaccb92814a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1287
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:48 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1356
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:48 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame ADCE 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4627767823043510726/PO_BrandCampaign_728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4627767823043510726/PO_BrandCampaign_728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Sep 2022 22:18:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E798 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7ORyHIIvY-rQK8KMmsMPk6yf4AcAAAAAOAHgBAI&bg=!4OOl46fNAAYIxsuQKMY7ACkAdvg8WnNHH3Wmu5AwFdzZ8MHI_zuwTDKu-d2ucDcVtHfgTV3KYRknAwIAAADLUgAAAANoAQeZAvLnDFY7MTjMsvqxIdN77nxFeW3unFgE_p_wHC2Jgf6ZpDD907RTd4NnzWmktoMJ3fiLCCUUWMlxElPTWwUJ7e_Ok1k5Gfq6nfVyfXBCrDG3b3_kVQL4rfBsn15O9psefMZjok2zMmSMnX0Sn0jIPHdlf9rMS5vK3PKYijtfvXCEyJlVkeh6D5RgBu9p8yX3i1iEX__LNmMS02unIeEcWCrbOqfbsRxsxpkUAuX48kVw4Zpom-3Pln6B-brzHW0UotfnUFxdSk2_RGamNjz_IbQWndzUhzyIiY4fgtjMD8QZ22bB_vTYb1RUPMQQ4Q9oo-vZXrIb6LeLiSazdWBAQCQ7kkQuNa2CObqb4_s6diPO2-7BSueYf9SPBpM4qNfY9vzKcpsotGVCkaO--vBY1w-zjndxVed_2mLXlzd7W3C2i8HdQJrdKSHp5y2YmF7eNirrVsgV_B7XsmpcNFqnwiCK4O8dhTc_dbYTQBFhdKwYPfM26ZgBf2HlTtWSTWKzP0rOLssAd9kFjURpZIe7hFJtniB5wolca_cStBYTCWQJPPYTdZ6WWr8_8YBZfIeTACdVRXIuHwvpmr7-TmqQxmbnhMDlkKOx_wJfHGzy7jQXNv7B7i-6yfAXEreywo9Rb38g_DNjwJl6ERDqWOaa3bZQrhn-2ztFbGCon7jQKE_OfHWtu6VESIvyYKaT9gLrmmdkIOd3KwSWWU3pIIMUXLpvsBs54U71hQNvh5l2j2_NzuCp_Pk-A2dXS34MleJoC7k3T_9-Ligt-6ZIisjwm2Px1z1Lpl4_fdMxAVzS6hlONEDimhlrsV-HF6Uef7nfbnl4C2yXVbAytqGC8_olNXkczNjnjBAG3Yyh0DNjoLPB_66JPSlSQG9Kkn5gBzmwvBPc6PFbh4i3TT3qlpm0osbmD2UIBk8VnQSP08YUHDaO0ZjhZMilwK1u5yVM4rrg0CcXWZRZnSAX44AHJPfTNinTzA0sANpZN62R7qbxX62vTrX2
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D306 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujwQ3kX3r-7Fhk6SSxlyonFJF3u7Owq5r-MEOLkqAv2ZD6MI0PNyvRP0s9uNz25-WkxZgkkhG3HO7l1MaZfc5PSEgwfzS9N9tmhqXEfZDtxeOsP2uqVGlvQTaohT7jh_qnI-E&sai=AMfl-YRxRyPlmtU9RaJclsOema_mz2AJAYPr86VxLFJgeNetdQRrvDY0ouAq1uIwW0OG4aT-Bsf1LYhrV5v75L6fvTDiqK6rd4GIHXZrgNFF8O8hQbeRMQZUK7rQYY8&sig=Cg0ArKJSzHz58NhkggU2EAE&cid=CAASJORodi0FUrQQ_uv-ZUXcsKLvXGWPPem0nPYqNP7han_gnAxSpg&id=lidar2&mcvt=1002&p=60,450,310,750&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664057884366&rpt=1104&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D4B 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9Xx4HIIvY6f3KeupmsMP066I-A8AAAAAOAHgBAI&bg=!X1ylXBjNAAYIxsuQKMY7ACkAdvg8WmXiB7XwMsdX5RtnxNwJJ1eBKlEYZa-s0D-_FT3Kxf9AhHKxpAIAAADnUgAAAAFoAQcKAAUhsbf-SJkC5JZcIonLVGMMucp1So_WkNyfiYt7f3X_zlBmGrvqYA2NA2NO7Wcj1nqrxwmackiwbuGqWBlpT4GNzM7zo3sjBPH_CKYtTKuAHLijmg9Z_ertlbEt-xatwPsSFAfDtxyeWPb-vHMMv6V-7uif-CGrQWCe4Uea1BEGHmfHa3n1zhmDamNHHAk2vIwjZ5YZg-CwmXh7-ZHtZV_B-jKPVq8adabBGajuoxZuIFD93xLzoMmUSo16KzVaIhRMmnP_PJqqK02X-4u5yvwwTy04KMmBwWWpFPLJJZ056hf02jZRoDrfcepDmE2ZaD1M5pLJWR8VzzRt8R9-Acyo3voc-hVL407UY2boTTo3MjutOwjo7EenRB4KXmgkf78bxl60oLKdjEfYeneUUH4g6a8Mze3wlX0ZNe-Eong_qHojj_UowEyrmfq_hQbCXSroB_Ad4iOahHrIFaBeQZs7NLrkk1eIMgaRHQ06BgSmONVgy0kM-LHML4749lasCg6m7lZ8LzArRJPi0vmUx_yvkeKDiZrb21Xn0-pExuD1cOnTdORE-QmIug0TRE-C1LHlHrkunoC39OwvfBJRJuiHcDJu-qqcLYEAD1PYZhP-4bzbg9aMxOYPgj_IKEyyRUDy6q-JOGUV3ng3NM7pVcSkK-vbWrU8WLYbQ-ZxUHhab0gAY0QP10LnxZuNn4d33C026lDe-n9UqidSPCfeTV7OcE70HxARxsDUhN04bQHnNOYgkK1KWkJ6_EwYkb9xnwZdohZZnyvCskLWixlUSEe7mqA0Ho3b8xsPofI-yRTkBND4Ktsa78Q4J5DuERpaOzuRjCWp8utX_WLLyH4nBKgwLXcZ8FDTLvIA_pFfddmdZS0QIqi7LahtLCU22RlozvGXfrRmCjK_xU0O1gWHZfsLA-E7i1Kww-yX9h_8X8P_RtUOfTLjmtdgAGi-9Y80qXKL5jXFjTWB6CeL8VYFjMBG6WvM5BqvE5YKuL1s
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 37FA 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgNtwHIIvY82QK4CemsMPq5KR-AoAAAAAOAHgBAI&bg=!Q0ClQATNAAYIxsuQKMY7ACkAdvg8WqvRhOoIMllVbmDvdOIytLgwc5r-1nxpd6mrFvexYQyq7seGeAIAAADUUgAAAAJoAQeZAt8b4471N6MfgRK29Av9KHyMJqyIHkxzLjTIkv0Xd-fNAtSJpwnhcMK8eQ9Zu2_i6a47Gh2zpkvbhbjhTQJ7lShZpaxvOqQaNpG5NSPlDMpo95QcTwZ-jQG9xgT2zPGn79IWNIxRyt9emiV_6cMJCyuVaa8OASQJ905CysPmwpwGI7s_mrh91c31cwRP2QjMg-VhsFJodSpvzZyeLYWVOJp6aUVwcRJ8cw5s9NGVwYAmbGSBkbfG83jFc7sigJGDpP6AIVX16mUcrC2JXSeGZL1gFsW78pfYXnzNCNfs51M_M8R-WDHnCQFW6m9Y6_-UP2nIbpUVa-xMfqHT1pOAa_W5CfPT7DzEsxs6Xai0ms50QG0wA_37BOZQ6ac2IzNBa7848HN3bC14frVCYFlfB9AZQU--5yFOKx4c-hnxZN_KWyzUALfGwxedU3PL5lbxBhjAXmHp-OSAfnHXP2iKQBW2VdBV5zQlYDzWeGRuAhRcLI5IgMBrJSpvcIx1Zrqr_R-aDJmCkyi1_rzkCX-kcIiEBKScFxIKIZVNMY4GIdaTmDbm-T5FBmP8azHr1dAhFf4hp-RxM1MHNO6-YXQ3j6MZPpmqSj7H5SzulG9A4xQtA6KrkOMW6dFWhOvvZAkP1OivcRSszzOrl3_4Opsq2IuSVUmpyckRmmyLeMnoU4JKe32HnTBAXz5v27zNon5eiD_0r3d7yWaSmpy3qlFS1FilpumTMfbc8rr0_q2yswGfnbjGm_HTnO-keN8jdg38pabGcm1Pqu5xoj2H1_d1X62qmA8Neb3TCbiGeTGgHrID2LGfvM1BHyX0QT3okwO4c2IBSqMz5BPtIkYFh9VKUXYzgRlcNymo_dshg-I3z1Woz3VTNJUJwd_bW3mGobKM-0t4pGzH1BlDcngaw6KhVmYKY19sNE6kZOGuvY65Gzq2-8EpepF8wtvXzeG1i-XVIF4pAnPW1geD0oIGeHBPfIk
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9B7A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXKA1pN7KdOITKgopbf5Vlsypvdr221qECdT0N55s0F4MnCNMwDn35y_1Hdg2KTImQ_c1ISVAG477zhk2X9KwGYFT7js8L0OcHpawmj9O4EPVwQRlPYif8AHunoZkFhmCd8e8&sai=AMfl-YR9DA6PbFLsdFg0cz71JF4-O0gOswoRgTxTfv8wMXnXSIlMsrlxIL2D98tPMeeSK9hEGdKHpv457rE6GNNiU5c_152-B-xN6aYfVy5k5fsubduEYJUGvOY16-c&sig=Cg0ArKJSzHHxg1Sis_EqEAE&cid=CAASJORoSB5T4QWBCTEw23tgczCr3WmAKgAYSKdzsDAPrrDGV5_Hsw&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664057884370&rpt=1127&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B603 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuj5AnS-as2TcEGXKzg9R2-go1A1CQV-uYxC_fR7UqPba9MrisTlFxfn9QooqjPBrF5IYapVkkvOCTnTuWzTFhfoer-hDVt6ZzjBDc6Zr8e07XRO2woyGacEwPnqucC0t0IqJQ&sai=AMfl-YQdNR0v9rFhXYxrZQOTI56rt2Opkfcz4n9ayeZeoIy0VU0Q96l4W0-rIo9cCDIqVXBSVXYDo61Nq8RpegbkqoI1CEsl0LEAcsU&sig=Cg0ArKJSzJBm-V-FdFCsEAE&cid=CAASEuRoJCj8i_Mq0CC3sVah6dmVaA&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3314916115&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664057883594&rpt=1967&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2ED0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092201&jk=353028665979832&bg=!GBulG1_NAAYIxsuQKMY7ACkAdvg8WrBL1FcB0daWLKsZAPQSPieza88LyM3VT-Smc8yPJZuLGJ5VZwIAAAESUgAAAAJoAQcKAAnDEl2kpq6mCHiZAqavCKWhttQaQHQxevNJdIVFUlvnMWVH0fmG6UaohoSrywrrCqs7g2z5bWXOSL7-knxrlZFuK0Y5pHzw7Ohn4Acgy3UQwYJPF10y6gACiSHeZVoSVriQhCpc4ar99hX6DG45XgEh1hq4c0x_38piy7XBPliGE2cyhsNvgFdCqhPS0BTZsh0zvLwI6jLNpTd3Frk_tMLYYFfIa6Gk_6TXkOpMf7wDFxPmqA9oxw5Uc2PPDymgYqfDlWMHKUuGSQEgKsCeh6Cp0zC9InNottUPhspdakD7snNDYxiOKI_IGR4P-UdSwAo4eAthQ5ChuEBq4swopaSdW8ei60mzJdHxLE6qlCKcja66pbupfbBmUe3IqaB2vnLftgGterCyAHfGMaksFaOkJgek5AEKt_yXbp10DkELE5NBlYpIyy9jO5ExhJ5zCqjIJ8fWmksibDMly_92Na5nO_nGGufQrh-O84GbMHhECnr_-IIr-R4kOHN_XlM-JApzcp7mlrBoCJSeEFxwlruK2_GFSwTqtC9FN09u-tADr3ESs63xU0l2MXbVKNI7RihpNkJxYDln_wfGOt5AeOaawiUY55kMT2e5wKdtg0HvtGAAr12tk28U5Ga5s5pnv4SWElkJzzvyU-AZ7wKQsxITQtQNay5g-K1oLX0es5xSvrlydwodO087AIrd3PErXG4-sQqKXEHrCvZ0D7LZZvI3erRb1PoM0ijG3MwcqE0uCwHiG2Z28n3Cy5h4WmLgW7muFuAdgK1YFbgNiVxgwAKdImAmotjWcYBXrK_DOavfPFmjmqY0ho6cCtQXsgbmbQ7wSdsUCgFwvr0trtC9f7NZXyKw6F3VCQ8dTziXqVFmfc7bJzzlaJiglsTS6QD6y6BkkAtiID_Ou7tpbybAe94k82I
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame E5F7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092101&jk=3805720087221014&bg=!39yl3JjNAAYIxsuQKMY7ACkAdvg8WkcZhDRcMavV8HdJHTrs_YDwCAIvhitSRI2WcgYLln_5cHy_WwIAAAELUgAAAAJoAQeZAq-DJEzspwksl7g04XORWi-U0KQ2M_JqU7qDRjhKHrjDLUNWg33mRq52IgRLjr6V-giOwbqfQBbXrqOCBlkelowfBG7MHlzTcwxrKXc0OIuo1omlsUTCEPLHjpmxkab0Sily9QaneUOysGErrnC5wMlLtz9_jYbKGlSDmlPci0NBFkV8tzf8-6IspDH5GFan5finoCKn9CS5k_i6sWHhS7Gg5vxYOttxfNWe0RRNsoPSpG1e80iPHBN1QUeLKqcQjZlAxaw4kzqNEUHhd1d_uRIt4f5Ba5P50Y6mPArl3HabYWpflSi7LqTOFiCyALcEIQSrl0eeurQ7o00xASGEXMT4-fWpQReuMFg5jSdKybMrrpHjnXfSFXeAec4CKucSC4amkNX358eYBr4zUr-Eq2x_HK9Ji3jivUokisr_C57R90NpOlZR9RC5h1l7nB6Wd8djiPLgzEjmEYVpBIoIe8bInkhjx_a7vvhZQL5M4Y793AuLr1oGSL0mT1FJIywdZrzkwCgFUVZpiuaslirRxpKkb4zIQjMmHkhUrFpJ0EkJuEZRxbERWzY30WJtPwDpqGna3OQO_uYvn3F0ey_H8oVDKhiY47jLjy1XmANWuHOu_Se0mgD7bdM87PgDsfZOkf7oDP0DEE66lqcPjj5OU_V7GrWrkhsUEwCxmVfVPxmmedvlQxS5ArkTQlSZqU8DRzzO9GP2HC3_KO17p3M-8W25slkegHuAnVGw0ui8MG4LTEwFxiuQt7-BxPVG7a8EcX6QIPjQlNDwJp8hhXy4lc1BVKRLfLQaEYAXag-lAQ3pkSIHrVhPKxZNTZ4EHKyamUmVZO9QVP8cSLDvxabYQypxfHmcvSx4oouf4s7Wlt2VBvNtXxv8eJA01ntrXRVziSV4Z9mnBalI2CJ3ZTmPmys
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 16E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220921&jk=871172703584013&bg=!w8ClwITNAAYIxsuQKMY7ACkAdvg8WtGk0ysR3_lxIDTMfTwsvVKMQC8HZ3ec_y8w_-47rb_EMMnp2AIAAADyUgAAAAJoAQeZAqwiEGJUe_H8u7b9ccCkQuzgYgieF38eHmVssYgzzwjWxQjxyqjeKhoHgmAE4moRBjjEspLEgahw44SHX_K0XSUe0b_UAre5LO60h4tGvoWXsXOiaBL05NGrdk2CcaBY0guVYqQaCodFFyEKn4-Sz9ZhLdQLAGZrdIR4coAzvu9mIgxA4P52WAlBoFMZww7HfSKgeeSB859UT4EQLMy8-u0BIQPkQkYBBlbyqPQ6XncYwa40puKedzxmSqmXx-GKctqJtV2hKWqAe4hbGdD3J075a5TrVDVKqpW-mzsZUTa7hg4HYk1AF7jq8bNXEHAPqnMyXJZdXspIvmBXK1XAjVaKhZg4QnK2LFEOV9VEp-G_Qeb0zwTdqOrGc0kMlpUYiKin30G2_8kTm2JMa4YaevbHDccsp9iMqC2HKWtyykQv0NlKXZcXKy5GhEcvIiHgKmyeo9b-BNjgF5aLJ3lEhcJbnws7LUAed8P1JbaA2lWLQ8TNSzoeFBYmalJwSMin2eHXoW4yZVBKWK7KwWA0q84TudwYKE8Qk-XBERPHxu9tvkqtGhYHUB_J_HiH42sbVW_k9RRGegaKg9GizmWTB_41-K89DVGTq7atz2KN0W1EyPAyW6EUbhW2nTvEJNFEiyx853EHNY66K5N6DxmY6an_ExOzJ26QNtPFHjevVLd_miQq5Q-0sN3sgnNCd4anYLBzS0A6mBMDZe0bphPmb3NbTph9kdX1t8lskH1lF2GTna3_-1UT-o6x6l4GBgLwRtyJHRYYs4YJ4R8E1x4TB0qkvcnZqTs9pezv26rzGiFoTY4YOiDY0D55qj9FkOHDtzLP1VjKOSzZQgP1DhIGTlC1pwe51FUex0zXO0CWq9g-hEhl1T1zvo-NStQZ9s7B3-5Rj8dddbLM_I_S0Zo
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 24 Sep 2022 22:18:06 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
245529
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		338 B
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
ce11ccc974e685f2dab3b5531abf5ba2f05884c2a8b4365b38670b25017a4801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:07 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1125608
strict-transport-security
max-age=31536000; preload;
expires
0
rid
match.adsrvr.org/track/ 		108 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8494e2e29f5c83f1ab49ba41e8de5185b3654cd30294e7d4d5666fa194c441f2

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Sep 2022 22:18:06 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Mon, 24 Oct 2022 22:18:07 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 29B4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.108.182 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Sep 2022 22:18:08 GMT
ETag
"623de86a-cf34"
Expires
Sun, 25 Sep 2022 22:18:10 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame D4AF 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.108.238 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Sat, 24 Sep 2022 22:18:08 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 6049 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-100.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
54525
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Sat, 24 Sep 2022 07:09:23 GMT
etag
W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified
Wed, 17 Aug 2022 23:23:08 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 48f7e6e0c69d96f4e263d50b2c4a6906.cloudfront.net (CloudFront)
x-amz-cf-id
hIu70VHTQJg_R9mftyyGxpVv_NPrVI7eiU5ejSFqJp2U8cB9PBDh9A==
x-amz-cf-pop
MRS52-P4
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5
77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256
4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache
Hit from cloudfront
checksync.php
contextual.media.net/ Frame 2426 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.108.22 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
71c327f79dc6cd6a94e68de04c402b982e9133d87047f543f313463933d190b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11782
content-type
text/html; charset=UTF-8
date
Sat, 24 Sep 2022 22:18:07 GMT
expires
Mon, 26 Sep 2022 22:18:07 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
pd
u.openx.net/w/1.0/ Frame 7697 		533 B
639 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a279e14f2bd555bf18379d187e7f5e3da9d718156d740bb8b12ac16381301ea0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
326
content-type
text/html
date
Sat, 24 Sep 2022 22:18:06 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
isyn
prebid.a-mo.net/ Frame 47A1 		2 KB
762 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
08a170f8c697918f7a642557a51d8cd8cee3ac96d8c8b401f91b5e0b489d222d

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
673
content-type
text/html; charset=utf-8
date
Sat, 24 Sep 2022 22:18:06 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
/
onetag-sys.com/usync/ Frame 42D6 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1664057882443
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame 0B46
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
2ce00830645246827f6b5e614b202db0da202a3d70d8a90999e1887f8674047d

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
459
content-type
text/html; charset=utf-8
date
Sat, 24 Sep 2022 22:18:07 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sat, 24 Sep 2022 22:18:07 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.html
eus.rubiconproject.com/ Frame 9351 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 24 Sep 2022 22:18:07 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
main.19.8.352.js
static.adsafeprotected.com/ Frame D306 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.352.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=923402&advId=6786803&campId=28582653&pubId=7010008&chanId=177932324&placementId=346150698&adsafe_par&bidurl=&bidPr=&uId=AMsySZYLwZFM7RwVftIU2OO1nXZ6&impId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.111.61 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 16:51:38 GMT
content-encoding
gzip
age
710790
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 16 Sep 2022 14:19:29 GMT
server
AmazonS3
etag
W/"067a9552174cd536b5cfa4275edeb714"
vary
Accept-Encoding
x-amz-version-id
FMIaS.d5OYtGezR2pElSzU33tDJuO5Hk
via
1.1 7c67d002cb723179087e7a16d8fc7bae.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MRS52-P2
content-type
application/javascript
x-amz-cf-id
-LKQwEmNpJdkogQ2G5ePbwR-PRq6u1sew_y3S7-DVfBBQe_g6l_JnA==
activeview
pagead2.googlesyndication.com/pcs/ Frame 9EDC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9eaaUQbM6LTF9d1w8xHdR0YesQy3OD2ZRkHe2VavpWVXQxOyOu_Ol2Th3MIsbwhoi8yowN4lrm1W0qfCHdVM2y-iPCaewFOISSP2cYcXkd0R3VORek67KuRKi-83FG_RMK5k&sai=AMfl-YSroJHJS8YEyYh3oG6Wy9bYvTp8-RG9HmKdNiGaphpGaX3Z-Gy4hlaM4UPEfNgKbiAvN3gG_lhqauizYkJ9ERyWR7-3AUziGLXxQibBA0GzmpSQIOXE5Ast2d4&sig=Cg0ArKJSzLbqgt-VO7EWEAE&cid=CAASJORos5HRMIrDu8GSOq2b3Y0IlDMho0MegA3KFIVCSXAgFZfP0Q&id=lidar2&mcvt=1011&p=300,84,340,125&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664057884377&rpt=1033&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index_120x600_google_atlas_P_1.png
s0.2mdn.net/sadbundle/4942068020373019979/images/ Frame 2F57 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4942068020373019979/images/index_120x600_google_atlas_P_1.png
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
650b2e3c7f96518f35734bd65759ad5522702bea1cca8b5b658af9428c4c3f84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 23:25:32 GMT
x-content-type-options
nosniff
age
168754
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63681
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 15:11:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Sep 2023 23:25:32 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9EDC 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4VjRoAeTet3qyy-uAzbkcjpFqRdNcjJefDikRXKT5Y8ZjJx90pzMQ9HNhTWVveS-fcS6xcuB1Zw5n-jMSyi2XXaHFXAb6QtLT5g6zMfe-fLIPuXXey2kmzGbpWLkO-GIYtjsl4jMha0j657-f_YeOeu1l9LS-7NZPdblxmmsxeVcIKUMNy0c7lsIZqh97rXMkM4he151adiMKQx6i826aIbMHSiF1XqyXsdt8diBlRwFGKM-c7ZxuayBBJZIs-K1-2tN0okrQvoupsYICpOahT5t2xzSD3wmWq8qnQI57iNV9q5DWzDW04ELGvvGN0fNBWMSrnYnXyhw-T8hgeWanyDXYjnn1_84IhuS28bkC54QQ29R11mbq-6JddNTZS-Cc1ZZWS38Xov7FtcEgx_Uq1ly-p9CprTY3ydARiitZo05G-Ejw30R-iuXzRuxPwfOh0pg_Vxfe2e93JS37WOHO_zJ4Z_8uxMnieHCpc7Y7GojOH83MB6cS03FGhFHX3TeTHPYKDn7rqsahS8ZT_zC-6N83hR2pmU2N7fBsGlaI84xc4NbojAk9_MSQ6JL1yn5P6dQ2Z4vOHHWEmvzpRthE357bTPXqmM7mDWFNwoUxJBbspkY1p2ialwll1YoHqxaREXeNvVE0ZW0wzuTyBibMUj-j_N0FmCceUVoBzskoEkqqVD5cVaBnwfZR8fJr_wiT5Li6EV33WwuKpDw-4-4XgrMNmBt07cCgKL4IK9_rwuTrW5pn5TNoUUTgTODXaB7X3cv3uiwI7u9VC6Z0CQf9yzqouHvlhN4XU4EhjcVYTJHPBjUjVhZUfrq5GvLy5p-O-5Ha0S_Tp3A3pxUxz-SG8yhn1rF9mtlm1FFWpgcCwQyBeMCKOePF1uzPeCg_l-vlN-IrEn0ndmrwMejYR3R5_qyCv671dSDLUYN7Vb8-k-tlIJhoKCZEu9OvrOaJ3GKCV_Z43n5iM2gxVcxePHQi85uG1vVKtdkqMQj7xXb1Ne7axqLnyH9ms77eB3ssgGYcuCuRJnitfBQuJfOl9Q1aMcwbYqA_HTZy-Cd2i6RajZGSUUxjZKyMvrMD7eMnUM9jnfj-tjZBbH7oCW1JuPhxdbn7VMlu302YvydBQAy5RJe1iNKQHTR0jyDBc0GYgT01ZJfcmyBLrl4N0ARddEzucO4VjPT23X9HoyxfpGwR05Jfr8bP2ryzKih-tmnhWDgfrYHduN3BZEMhuxWdZbkU1gXITTnXYcQvEeGuV85mF_k1KoU7SRMxZVR9ypJvBHGR3vkbsLmNfWLRGmcqAL4&sai=AMfl-YRJee_xWJt49P40IyQjTe8aAMXdi0Fn3sc4oB0D4DNdeze5l-ZzVHQINOzf2IK_kuQbJz1hQIz_eJUFjpGQsixu220teCnx0-dR9Sp-O7dvZeEAKZOFzfzOVCEiRC1qEHq6H-iVRukJ9bOnHQjFry-mtHgz6whDdNTqtVIDG2GI-QGfEQ7BV6FZMHkdqSDEcGpGq355q3d3hjEjqr7Sjg&sig=Cg0ArKJSzKlrVVaHxxuhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1680&vt=11&dtpt=1092&dett=3&cstd=586&cisv=r20220921.91843&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index_336x280_google_atlas_P_1.png
s0.2mdn.net/sadbundle/12129862044491927380/images/ Frame A9CC 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12129862044491927380/images/index_336x280_google_atlas_P_1.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057883289&bpp=12&bdt=232&idt=290&shv=r20220921&mjsv=m202209220101&ptt=5&saldr=sa&correlator=2033874124386&frm=8&ife=1&pv=2&ga_vid=738013203.1664057884&ga_sid=1664057884&ga_hid=2113377417&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069819%2C44773167%2C31067825&oid=2&pvsid=1514276030893664&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jdugg7ln9n3a&fsb=1&dtd=304
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
650b2e3c7f96518f35734bd65759ad5522702bea1cca8b5b658af9428c4c3f84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 10:57:03 GMT
x-content-type-options
nosniff
age
213663
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63681
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 15:12:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Sep 2023 10:57:03 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B603 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8e-bzjP-rZ1SO8hCKqUKVy6-ecnlLfWh6kXQ790QBDOCNu0DkXlY0s4AxVgKH6pVj_911gHom2GS1GOsHfkRBAS5nn5sS38UAnQ3NgAhrVCYoYDw5mr2WJ9Lr7xt5xf1UplT6gDSMptu-uP6pTcfFgyRefL8NbwLfs7Wi0bzfCH5wmKfDLM6GThKTL9glZ2YuzpWER7e2Tiaz4OpWKmxbLRKFEMWwe-zWj-BeYYKDWmsPQcPQ_v3oyVbZBgRiFwSCJ6hNes1Rv37WganmkAhyHVAuHwRBtrrbhQ2hKgk7RvWHCMzMN4nqJvWuc6Y6RD1P-eGwPKc4PR3lkLNIb77RqgOFicYpS9kzIuF9fF3SmBkBAxieZAVrvxu23kfvZZn9AHqQQKYGAFSb09IGjx4QsODmi57fkLnxyrwWNpnZl5Wc--KpnKn1VYELsp-6rZkx1rdNq0uM3V7fd11VIbaiz4IFATNCXWccNrvGE1Z8VHYx6N1o5y8Chs7PIy-W1CvZFBHCcXUXFtFO2NVj0XpKpoNYaLnjEt0yU97wCnyrzruSdHMkqNgh4DNe9br2_RExXYestOgFfhL1xrBvrAnMPW4kpdtFb3FUOJ_UGmnr2rpprD3p3gO25QbEBxV_j-E91F5vhYJn1KdxEZZ8FKdZyXXYU31d0QjaxcJuXYs7pNaM4E53_ehqSLmYWGgjKexxYcWSEWkowk59DihAEktjnYQPo9fwhSq9kdhesm-FW0ZshIqhUSOtpA0l3K4rj_25dbiUbS8r_PcNwiHPp_5WWSSGV2SJ7Rx8oj45Am7tJgkKauNJoFOg3BwzWplJMq_KbtsgCMxsGOiwFkUuAhqKz3YmLRWPD0rqyxR-PIxtAISILmM-3-cMqjDtsY6KrHoKKjsu3fJRPcwl6EzvlHusFd_KQ0iSsEF71Qy4M-7vAPZTjzFNYq36PIptagN2TZirONbFfoKL1RadoRprcmDLlRdezntsoXIiZm9P5nIM6MeuOxcO1hKUdcNBieTIcadpZRmTVJr4xMmWZVEfQu0N80Rw0pR_hsoc51SsBz6eVZPEtCJaE4q8UgPamOn5HVGNzg4ayT9H1t9kKc4J23V7aj9QQrss0TILlkAXmWHkiEIqMyXWDoNqB8LvVK5vYYUhOK99UnhbfJbsVjXMtIhRZg&sai=AMfl-YTM06hbYYLyQZACHdVN3wvIR5fMj-vo2Z6kzvVlIIORpn2veYqlMJqh6YY0g2JWo8zFegvHkL5gDgfwyfHFD7KVLBbhzNqlO5ar41P9UHmAYXJ788vbcvbkJGiN9fCMa7QrhjdMEcsnCNsmUPlVkC4PBGwLfw&sig=Cg0ArKJSzIK1f6_YaJT4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2406&vt=11&dtpt=1577&dett=3&cstd=826&cisv=r20220921.00891&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame D7B7 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220921&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js?bust=31069819
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
21cba96ecbefe788d752222bd252b3b9a5dbebe28dd0705919ddfea89dc0665e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11309
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7A20 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220921&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/show_ads_impl_fy2021.js?bust=31069831
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
fcff339f3f677b9a150899915cfa787bb26e5b1218cf1f900c2057e067017105
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11245
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D306 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstLtml7J0MivO1iTyHZ-FESvhx24SZkvhEKvi2i4B_SmwOjsQ-nw03JvUiaGQRdFaUCDbeCz2CqnKpIS7aESWZlpBf6ma0WSH1cA1rx611t4dXLHMqtDOLTGxnZ7LjNq4JErtEtKTz9TMhT6JYReNhxCN3JlUCK8d_C55hHbua7Dp93GYCR4vCc8nXjHoypNfKvBuE_DAt1yEuZzAHwHC8Iv4NhDtbngQHIMyHcoVkmK_t3cvEpgDzRMrJmyF4Kgzy13uwQeMOoAoL_1DI-snfV2hLWNNcuZhHS1nQI2ChRvhoMXnhfgQLtIMgQQD0trGAuT9-3QXP1CXDFGQTdErg1RdUsma3CZDk5eW-SeqhSwtZJmBBxGHEEFfjdRXU4yBOhdE7hCNLXoBuvjxxS-g5Aqy4ZcUBtGRLMfwo-CoNmG2GLw-_ixwBeYzwa7LgqNARoz9BJeQFZUnIUoBC_n-WMbQOBsjdSxVSAnr07mejSFQrotYr1SQf3uKpiq74p1rwt_Oo1YYtnAOrsaeAQCPYXZGU2_t2539E_t9bJ1f4eQi2PGfDNKIibp35MNKnKJR5g8jIdwlxKgmf6I3hM7Q1rzgoHnpYheOnqmRgSFzMFcnoyYbKdYApRM5TunJBwzTZGdZf_CIwOTBElPwJjkLo8p7__nEPG1ZjWfsANrqbRRou3I98xR0Xmq9c9LISulVUGFt08KPi4OqkhnuKwgADtyzIUZbpTU4FJtf2Ly_0gN3h8_zA--M24bFyNGhHnRtFozCI40ynZYg_Fswclvi9dmnnWpjnPD0hOXzUiWUR2s081hGq-hS5iToINoep1su36lxty4u6UXjOyxzGii4NzOWTvtJ6svVlN2QuQgzkMzgmvx42TufXGNtYFLl4P8TcZu6e6lVoqXJisvsAT5ZIMxvL9zwYG93Y_5VfWWVjqZ1j0I6bAsbxB-HAvgXv50D8n0luHsm10B1qkCErEq75ODnQ4mk9OeBoXfdcAIgCnHVVk3-c0GBYLaQ4_UuztHDGUtBj5PGlt2pmX2Wd5FlB1pAW_MIr1EYbHZP7uC_so6TPiQC6JtO9R6AmKp6FS_rH2xzyYrO3Vavfb8_-XGG9FzrGpYy76tlsIkQn5-lwoP38i2vwfgm3PUtC7YykLRg-9wr3MTMTiU3-YPD5XNu4h1pzjwnE8v1i1dIBQ0ctwa_wtylGHBHLmlKubqnDf6a88HWQiCDvIdnD-4YvvoFR3mn8ZgoV5fJN4ie0XgzkauBqZYQTdXzcltXot57LKTAYv30U-YeBhaYLJo32rueZEFo69XQjpS9zDDc7kZBW_bXoA0SaXFOGUZ1fuN4B7jTcfY-CeliM&sai=AMfl-YQjVBhBz9gkP-AbTIyOzzUYafJCillmhb80FyWu_8nH62IdgCEBAOkr2e2I0PLA7xSU9i98Z6y-VGtgSqdCnWepdp10W727rc7ZjlU9qgvR5_GIXPTimvGjS0jm3PJHfJXcQEeQ0safcEdJyv2Db5XUtDYh1JtMEFvH839DEfJTKg7Ogk5I72vQgqYCExaR2-DDrtIIxw4MeU_ktcEVwffq2iHzjE3MVHucKZdiN8RAeX4&sig=Cg0ArKJSzGUEgmpf8aw_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1695&vt=11&dtpt=936&dett=3&cstd=758&cisv=r20220921.34216&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
replay.png
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		293 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/replay.png
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
6cbe1becf255779f7223b45f3bf63d8a955edd2e748794480c54f4e5d0b10d10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:49 GMT
x-content-type-options
nosniff
age
8177
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
293
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:49 GMT
button.png
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/button.png
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
32fe80953f5363474f2b1fa10e1f39a0be25809811292e0559290ec54cfa2022
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:49 GMT
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1651
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:49 GMT
ibis.svg
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		1 KB
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ibis.svg
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
628631acd2031ff498aea3db16027ecd6193c6fbeae05ab31e0415ac6996055d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
668
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:49 GMT
mercure.svg
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		2 KB
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/mercure.svg
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
61901db0907ff35fad15b7cc4398baa4ad118023423e48dc1f90dcf8a028303b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 05:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148651
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
777
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Sep 2023 05:00:36 GMT
novotel.svg
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		1 KB
699 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/novotel.svg
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
49876af95d2ecd15f323f76069759aff3fc58c43f7d04804288338e46448b5f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
662
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:49 GMT
mantra.svg
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		2 KB
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/mantra.svg
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
21d449d8601cf996e1d660c8cca69c65c80b823f7d30c29974801962deb7e9cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 05:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148651
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
811
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Sep 2023 05:00:36 GMT
sebel.svg
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		1 KB
777 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/sebel.svg
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
3359cabdb8ed10920178b43ef0c989c7201003514821b02c4b33e8f3b3911f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
740
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:49 GMT
peppers.svg
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/peppers.svg
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
3b8af2060eb43ff37722d2a91e664544c197a4ac88bcec1502e185f955f2cc76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1396
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:49 GMT
movenpick.svg
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		2 KB
981 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/movenpick.svg
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
8a83d23afeea324cbe521a0e7996d0c7b7be87fbe18c191d702599bfc623fe4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
944
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:49 GMT
pullman.svg
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/pullman.svg
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
8035eb2c6ed5a187690c1c289022b3dbb516c9f3d82b809666a8e97576f1f01e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1275
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:49 GMT
sofitel.svg
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/sofitel.svg
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
e11db8ce8b172b179f07f9ce4affec3a49b6f865fe164038b7bb5b84aa45518e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1151
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:49 GMT
so.svg
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		912 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/so.svg
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
a1bf77c787c49e99231aebc111b790c8e7ffabb9ff8707f9e3cb1cd3213cec45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
540
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:49 GMT
fairmont.svg
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/fairmont.svg
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
0330fa7077990fabed0c3577b11197a01ef45f7407078711c3f3f6268c017d1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2311
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:49 GMT
raffles.svg
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/raffles.svg
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
df776efbd6bb46ef543add4c0b69eccaafa2b7f151cdf2171a7fcc233c2671dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1248
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:49 GMT
tag.png
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/tag.png
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
e4de15122faac722fef3a4df64cc08b5d7dd16ccc74115e3e2b41af1ad6e3e33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:50 GMT
x-content-type-options
nosniff
age
8177
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6361
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:50 GMT
stayrewarded.png
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/stayrewarded.png
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
a38f1f6c87e996582eefa8edc2c11a044fe26f32fc67df901184c24f34c73345
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:50 GMT
x-content-type-options
nosniff
age
8177
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6525
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:50 GMT
newflavours.png
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/newflavours.png
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
5f7017c58742e7145c8d1d73ec5bf3ea7854656710e1ffb4a1888729aea76e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:50 GMT
x-content-type-options
nosniff
age
8177
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2327
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:50 GMT
dreamstays.png
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/dreamstays.png
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
1940690c8fe789a39183590db29ea34d19158f5d309b9e368360b487709243bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:50 GMT
x-content-type-options
nosniff
age
8177
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2380
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:50 GMT
membersrate.png
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/membersrate.png
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
deac5997a8c45e4c8a599b29da3a2c406f229b4300576033f3a987fe77c45726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:50 GMT
x-content-type-options
nosniff
age
8177
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2241
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:50 GMT
unlock.png
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		930 B
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/unlock.png
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
e545710341d6793b04a4fb2e3ccf3227e6cd74a3e186394eb9987e1832b6eea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:50 GMT
x-content-type-options
nosniff
age
8177
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
930
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:50 GMT
all.png
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/all.png
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
d142e3a1e6b2507d6e1870de66a5bb94c5364733db4316d4159f63fea5ef5f9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:50 GMT
x-content-type-options
nosniff
age
8177
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:50 GMT
img4.jpg
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/img4.jpg
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
959f62d9438027416de03e03d70afd0fb8f65afcd16691a0d4f331e4d6b43320
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:50 GMT
x-content-type-options
nosniff
age
8177
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22237
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:50 GMT
img3.jpg
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/img3.jpg
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
2c43fb233e22823e93501d7bb007a81827e4f779da3e3abc37c2ff139782a291
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:50 GMT
x-content-type-options
nosniff
age
8177
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23359
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:50 GMT
img2.jpg
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/img2.jpg
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
0a01f729a86c571125e8c213f9fe4385ce2f80cd06b92a57d32fd6bc61719a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:50 GMT
x-content-type-options
nosniff
age
8177
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14730
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:50 GMT
img1.jpg
s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/ Frame 6DA4 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/img1.jpg
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
9ad99a5186dbeb3233bffb43d5cf08bfea36177e5417f4298540f773fc7c1c57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17623955114461908714/EN_300x250_ALL-MEMBERRATE_html5_220907/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:01:50 GMT
x-content-type-options
nosniff
age
8177
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15604
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 10:13:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:01:50 GMT
PO_BrandCampaign_728x90.js
s0.2mdn.net/sadbundle/4627767823043510726/ Frame ADCE 		36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4627767823043510726/PO_BrandCampaign_728x90.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4627767823043510726/PO_BrandCampaign_728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
aba3fa3d2ae82c47e944534c15502451298736b79ed83ec585cc38faf62d0a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4627767823043510726/PO_BrandCampaign_728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 18:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
531856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9029
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 03:12:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 18:33:51 GMT
sd
us-u.openx.net/w/1.0/ Frame 7697
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8143086186408040920&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8143086186408040920&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:07 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8143086186408040920&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 24 Sep 2022 22:18:07 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 7697
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=fe27951f-4aa8-7962-d60b-cf9932a851d0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=eb916940-6383-4e8a-baaa-aa12955c5102&ttd_puid=fe27951f-4aa8-7962-d60b-cf9932a851d0&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=eb916940-6383-4e8a-baaa-aa12955c5102&ttd_puid=fe27951f-4aa8-7962-d60b-cf9932a851d0&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:07 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:07 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=eb916940-6383-4e8a-baaa-aa12955c5102&ttd_puid=fe27951f-4aa8-7962-d60b-cf9932a851d0&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 7697
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Yy.CH8Co8YkAAEZtav0AAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Yy.CH8Co8YkAAEZtav0AAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:07 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
42
Date
Sat, 24 Sep 2022 22:18:07 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":42,"gdpr":false,"ipv4":"173.245.209.46","key":"Yy.CH8Co8YkAAEZtav0AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40172"}
X-SO-Ads-Time
3
X-SO-Key
Yy.CH8Co8YkAAEZtav0AAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40172
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Yy.CH8Co8YkAAEZtav0AAAAA
Cache-Control
private
X-SO-HostName
a-ad40172.dc2p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
m-tgng37.dc4p.scaleout.jp
X-SO-IP
173.245.209.46
sd
jp-u.openx.net/w/1.0/ Frame 7697
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWwdLttMAZTcks8ADsaW9lfog88AAAGDcZRM4Q
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWwdLttMAZTcks8ADsaW9lfog88AAAGDcZRM4Q
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:08 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:07 GMT
via
1.1 40346f3f2e6491f9dd0c511645b5834c.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWwdLttMAZTcks8ADsaW9lfog88AAAGDcZRM4Q
cache-control
no-cache
content-length
0
x-amz-cf-id
5TWGQt4xs-SLH6OiwUc4zD6nU0U5UhyUNoMK_jOE2g1KkGo6IEar9A==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 7697 		170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDI0ODQ2ZDUtODNkZi0yN2M2LWMzZWItOTUyMGY4NGE5ZmIw
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7697
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECEUP_yjV-pjIzo-_GLmbOM&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECEUP_yjV-pjIzo-_GLmbOM&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:07 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECEUP_yjV-pjIzo-_GLmbOM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7A20 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209190101/show_ads_impl_fy2021.js?bust=31069831
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Sep 2022 22:18:07 GMT
cframe.js
assets.a-mo.net/js/ Frame 47A1 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.158.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
068fc24eba7d06f7991b4b97da0a20abcb585b8a9e3947b1ef55de06566b93b3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:07 GMT
via
1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
55
x-cache
Hit from cloudfront
content-encoding
br
last-modified
Tue, 16 Aug 2022 15:29:37 GMT
server
cloudflare
etag
W/"b5a666dd0f7ba9330dd36461c34df0c8"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
SYD62-P2
cf-ray
74fee4e41f4854fd-SYD
x-amz-cf-id
P2nQPgbuPhAa8KZrWgePMZfHRXpWGS2LOlSXIdGVJAlxClPbAAHj_Q==
expires
Sat, 24 Sep 2022 23:18:07 GMT
index_120x600_google_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/4942068020373019979/images/ Frame 2F57 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4942068020373019979/images/index_120x600_google_atlas_NP_1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
dfb214630e6f0052e27cfaaeaedf20b7014e06ddebc4ee50148b5bcc4d648a55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 11:56:45 GMT
x-content-type-options
nosniff
age
382882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69447
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 15:11:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 11:56:45 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D7B7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js?bust=31069819
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Sep 2022 22:18:07 GMT
index_336x280_google_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/12129862044491927380/images/ Frame A9CC 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12129862044491927380/images/index_336x280_google_atlas_NP_1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
dfb214630e6f0052e27cfaaeaedf20b7014e06ddebc4ee50148b5bcc4d648a55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 17:39:43 GMT
x-content-type-options
nosniff
age
535104
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69447
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 15:12:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 17:39:43 GMT
mr_bg.jpg
s0.2mdn.net/sadbundle/4627767823043510726/ Frame ADCE 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4627767823043510726/mr_bg.jpg
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
2c14a4646e21d7a24d28a9d449dd0dafd197333b943b755e57a16d062b51f399
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4627767823043510726/PO_BrandCampaign_728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 18:33:51 GMT
x-content-type-options
nosniff
age
531856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10802
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 03:12:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 18:33:51 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9B7A 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv23kncDsjN_xwF0xtwou61VkuQi-Ry5iHAE8T_AAU--8pN3jjfJLAUXX2N7cHExWbgh_ZFYYU49lFF9mT1jQy6dXJvAZWwkZitSvkQuo1TyDVOPj1I-9cmVJp2psTonEaZNjPoM0YH3la_mv-E6QtDesZeiiOf1IHgoSmipGOplm0YrNeWDM9tueRxV-1k45YlmsJMs_Zz1d4uJYta2zwcxP_WsMF_lGmFi4746-yKFMNBi5nJIkWEezLtHtsBuC-WAa8qMb4fvqsFYCRgUVCuc5X60XX-tVxfILxmh7qXwQ869MSAbRYE0641xVljXFu6Fq7xjHJjVuRAAGpcMqwPbPq3iTMxpsER2rwLiYjEBcnlY1U0BU63qNFEH9GhW2H8_oBDsq9OqZr-favGwKrIPi9tWgHorg0WBL7p90PJGCXNxkrk6LpzxtiApSiOrxWYoaH79JgLRZfQbsKlGlNQS4HMzcfXUUQYU-NK0jpJUrUTUZcadYKeSAWo52egDLI6li3eV5RqD0kCVlPn8tQKyyYW7SIokqoR08GKm5xm6Hnn8_1-q7aFF72KooSa7KGb53DtLW3KSfn-m2SZcAkMI_qCesHVpWGytEeFvvzxgSf90re7Wu7Rhxs4KXUIqnNsPrMuwovZa0vjBDIa88Hr2zwryJVn6FfnIkT2BY34zt-XyRQp7R9reTqQ5JUmJznH9VNkzyI4EOPoRlsKE4lH49yqZZ514ll3KUlNGzzK35Nc1vt4m6_DeS70ZPYPa2cnftFxpOAW77BnEmG-dpSfP6hqyTBtdf9-FlU1brjTY4OVm9Gs3koE3O-L_kV1HgA4zYxVkxBxb0QbOY48cWgDgrSXMro__poDy6tPjDZNKW5gW_QJx3dN3S6ubQEaVAX1-sVK3at8H6RVVa5zCZ25uotqt2rtSFZ9JzB_UESzVRwnQ-zeA0EBX6EN6L3AKJKeBP3zolHDOu5DEecswigpYGwYQWaAjuLayqMdlbFOOrAJ4zOAtR5VUdUOVxCP2PXrKMOxSrReX58S2jj4_bPwF2VI3BUnYoGw598KsIaN31Ldcj4sBcJL5lLUGxdQw9p026GSiBGUb0GMTUIMmGx08L9CRWxfWiq-N77np-eUHzSoJugw7LZCQ75hjFriJm9ye50t9UA5rVUaWNV-o56N381vX0E-A65eWkbcVlaE8it1UbA5RlQ0WvIguP2H4Nch0BO9-dAN_sdGyB3UUN-F_R1tI87iS9OStNLKB3UkL3pLQm1fsbYVcakr72KoTwGvj62RMMic5nS2Ad4LoB5c-qtq4MRvp5_X077b0zT3LxiBqr2lBEcJ32vYP1aH_fsbwZLNw1NZ4PTgoQ&sai=AMfl-YQGgEJ2FXVV_qfrfjm62eLhbe3_JxDFFoMU9ev_p45emtSH9bWLQTUHZ0Tqp9oMc-By2DOC-J_WyX5Fmw0lzhagEIJz4O6N5rF-M9nmogbxtkz-F1ZESjcpXoglRHh6dZIVJDcVOsjpcroo3J492v11V0yNv11pEkaNsIS3rLrzAlTwyImthwLGqpnU7MW5GmmGWlsODT5YcrLO-z728g&sig=Cg0ArKJSzHVFbuPnYWruEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1952&vt=11&dtpt=1128&dett=3&cstd=822&cisv=r20220921.78807&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 22:18:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 984F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
328690
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Sep 2022 02:59:57 GMT
expires
Thu, 21 Sep 2023 02:59:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DFB7 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f99.1e100.net
Software
GSE /
Resource Hash
31ba58f9b1c51e54b022ce34cc3dbdebca476ee5985432075043b9ebabcaafb3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b8_lUNYYMKSQJxJsb28o0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-b8_lUNYYMKSQJxJsb28o0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 22:18:07 GMT
expires
Sat, 24 Sep 2022 22:18:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BBF1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
328690
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Sep 2022 02:59:57 GMT
expires
Thu, 21 Sep 2023 02:59:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E84D 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f99.1e100.net
Software
GSE /
Resource Hash
4af85dd367a12650bb4a8cd177eea96f17db3f4505ce1f71a7813cc604324e9b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MomG8hNOWNbLgRPP80L0-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-MomG8hNOWNbLgRPP80L0-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 22:18:07 GMT
expires
Sat, 24 Sep 2022 22:18:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
mr_cta.png
s0.2mdn.net/sadbundle/4627767823043510726/ Frame ADCE 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4627767823043510726/mr_cta.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
722ffefad4213c2ed19ce2bcd7547724075f519f3bf831125155f8bccd48cd84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4627767823043510726/PO_BrandCampaign_728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 18:33:51 GMT
x-content-type-options
nosniff
age
531856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3847
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 03:12:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 18:33:51 GMT
usync
id.a-mx.com/ Frame 47A1 		0
511 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.a-mx.com/usync?uid=1e59f85e-26b7-4209-a993-edd116073ba5&gdpr_consent=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.154.71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-l1
AU
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Far5WCHCaI5yj1J%2BFRN6qjr6cU%2FK8ODmlfOBj%2FN1GcVtDONVXrUD7Syd2AjG4AdeADeyed3jlGJaowe%2B83nmUAldIaKRi8NvgfsqFNKRMTP05sXmMzpGMWwnllzgIw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private,max-age=0
cf-ray
74fee4e63f23a953-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sync
x.bidswitch.net/ Frame 47A1 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=adaptmx&user_id=1e59f85e-26b7-4209-a993-edd116073ba5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Sep 2022 22:18:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
yahoo
prebid.a-mo.net/setuid/ Frame 47A1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=1e59f85e-26b7-4209-a993-edd116073ba5
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=1e59f85e-26b7-4209-a993-edd116073ba5&verify=true
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-hO6fP39E2uF8aUqdXPW_ax6bE9o17C46T0CvaD8-~A&gdpr=0&gdpr_consent=
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-hO6fP39E2uF8aUqdXPW_ax6bE9o17C46T0CvaD8-~A&gdpr=0&gdpr_consent=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:08 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-hO6fP39E2uF8aUqdXPW_ax6bE9o17C46T0CvaD8-~A&gdpr=0&gdpr_consent=
date
Sat, 24 Sep 2022 22:18:08 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/ Frame 47A1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=
  • https://prebid.a-mo.net/setuid/magnite?uid=L8GH3JQI-1P-8BEJ&gdpr=0
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L8GH3JQI-1P-8BEJ&gdpr=0
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:08 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid.a-mo.net/setuid/magnite?uid=L8GH3JQI-1P-8BEJ&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Expires
0
cookie
cm.adform.net/ Frame 47A1 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1e59f85e-26b7-4209-a993-edd116073ba5%26bidder%3Dadform%26uid%3D%24UID
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:08 GMT
server
nginx
content-length
43
content-type
image/gif
partner=adaptmx
ssp.disqus.com/ Frame 47A1 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.disqus.com/partner=adaptmx?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1e59f85e-26b7-4209-a993-edd116073ba5%26bidder%3Dzeta%26uid%3D%24UID
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.131.62 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:08 GMT
content-length
0
setuid
prebid.a-mo.net/ Frame 47A1
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1e59f85e-26b7-4209-a993-edd116073ba5%26bidder%...
  • https://prebid.a-mo.net/setuid?A=1e59f85e-26b7-4209-a993-edd116073ba5&bidder=smartadserver&uid=3580251383597455911
0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=1e59f85e-26b7-4209-a993-edd116073ba5&bidder=smartadserver&uid=3580251383597455911
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:08 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=1e59f85e-26b7-4209-a993-edd116073ba5&bidder=smartadserver&uid=3580251383597455911
date
Sat, 24 Sep 2022 22:18:07 GMT
content-length
0
setuid
prebid.a-mo.net/ Frame 47A1
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTMxM0MyNjctQTg4My00MUJGLTlBQ0ItQTkwMjlBODc4NkM5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1e59f85e-26b7-4209-a993-edd116073ba5%26bidder%3Dpubmatic%26uid%3D9313C267-A883-41BF-9ACB-A90...
  • https://prebid.a-mo.net/setuid?A=1e59f85e-26b7-4209-a993-edd116073ba5&bidder=pubmatic&uid=9313C267-A883-41BF-9ACB-A9029A8786C9
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=1e59f85e-26b7-4209-a993-edd116073ba5&bidder=pubmatic&uid=9313C267-A883-41BF-9ACB-A9029A8786C9
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:10 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=1e59f85e-26b7-4209-a993-edd116073ba5&bidder=pubmatic&uid=9313C267-A883-41BF-9ACB-A9029A8786C9
date
Sat, 24 Sep 2022 22:18:10 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid.a-mo.net/ Frame 47A1
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1e59f85e-26b7-4209-a993-edd116073ba5%26bidder%3Dindex_rtb%26uid%3D
  • https://prebid.a-mo.net/setuid?A=1e59f85e-26b7-4209-a993-edd116073ba5&bidder=index_rtb&uid=Yy.CHKuYL2cjhEGEVD1B6AAA%264700
0
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=1e59f85e-26b7-4209-a993-edd116073ba5&bidder=index_rtb&uid=Yy.CHKuYL2cjhEGEVD1B6AAA%264700
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:07 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkRd9zMrd6h%2B3%2FI26xhLddRX8UtS%2FGkUnmERlehuDUEFcIla7fUyLMyd%2BQGP0MFZtwrdcPW%2FFteRoU%2BhsSIkQASv%2Bs4GGAOO3ROfWoSTKhvWq3mmsJyzNrIfUTIZ%2FRDQArrx1%2Fsp"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://prebid.a-mo.net/setuid?A=1e59f85e-26b7-4209-a993-edd116073ba5&bidder=index_rtb&uid=Yy.CHKuYL2cjhEGEVD1B6AAA%264700
cache-control
no-cache
cf-ray
74fee4e63c80aacb-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
setuid
prebid.a-mo.net/ Frame 47A1
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1e59f85e-26b7-4209-a993-edd116073ba5%26bidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1e59f85e-26b7-4209-a993-edd116073ba5%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://prebid.a-mo.net/setuid?A=1e59f85e-26b7-4209-a993-edd116073ba5&bidder=sovrn&uid=FXzaELZHPzVwhDpxQ7qBHsVJ
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=1e59f85e-26b7-4209-a993-edd116073ba5&bidder=sovrn&uid=FXzaELZHPzVwhDpxQ7qBHsVJ
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:09 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Sat, 24 Sep 2022 22:18:08 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=1e59f85e-26b7-4209-a993-edd116073ba5&bidder=sovrn&uid=FXzaELZHPzVwhDpxQ7qBHsVJ
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
prebid.a-mo.net/ Frame 47A1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1e59f85e-26b7-4209-a993-edd116073ba5%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=1e59f85e-26b7-4209-a993-edd116073ba5&bidder=appnexus&uid=5338544317242805217
0
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=1e59f85e-26b7-4209-a993-edd116073ba5&bidder=appnexus&uid=5338544317242805217
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:08 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:07 GMT
X-Proxy-Origin
173.245.209.46; 173.245.209.46; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
99bd3274-4e88-4689-9e29-b76aa5d5e527
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.a-mo.net/setuid?A=1e59f85e-26b7-4209-a993-edd116073ba5&bidder=appnexus&uid=5338544317242805217
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 47A1 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=1e59f85e-26b7-4209-a993-edd116073ba5
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:08 GMT
X-Proxy-Origin
173.245.209.46; 173.245.209.46; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
be69deb4-0f13-4a7a-bf24-24f3b8e1e258
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame 47A1 		86 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=1e59f85e-26b7-4209-a993-edd116073ba5
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.77 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Sep 2022 22:18:09 GMT
Content-Length
86
Content-Type
image/png
setuid
pbs.aniview.com/ Frame 47A1 		86 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.aniview.com/setuid?bidder=amx&uid=1e59f85e-26b7-4209-a993-edd116073ba5
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.201.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-length
86
vary
Origin
expires
0
setuid
prebid-server.rubiconproject.com/ Frame 47A1 		86 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=1e59f85e-26b7-4209-a993-edd116073ba5
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.192.218.173 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-192-218-173.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-encoding
gzip
expires
0
mr_logo.png
s0.2mdn.net/sadbundle/4627767823043510726/ Frame ADCE 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4627767823043510726/mr_logo.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
e53a3cb2fa190d0dbab24f0f231cdd1e6506ae798b76db6dd59432b5d0b45a80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4627767823043510726/PO_BrandCampaign_728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 18:33:51 GMT
x-content-type-options
nosniff
age
531856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1184
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 03:12:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 18:33:51 GMT
xuid
eb2.3lift.com/ Frame 0B46
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=eb916940-6383-4e8a-baaa-aa12955c5102&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=eb916940-6383-4e8a-baaa-aa12955c5102&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:07 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=eb916940-6383-4e8a-baaa-aa12955c5102&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame 0B46
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzQyNTA5NDA3MDIwNTg2MjI3NzMzNg%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 0B46
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKWjcaPZgVvwDyTHW_41axU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKWjcaPZgVvwDyTHW_41axU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKWjcaPZgVvwDyTHW_41axU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0B46
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzQyNTA5NDA3MDIwNTg2MjI3NzMzNg%3D%3D
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzQyNTA5NDA3MDIwNTg2MjI3NzMzNg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzQyNTA5NDA3MDIwNTg2MjI3NzMzNg%3D%3D
date
Sat, 24 Sep 2022 22:18:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 0B46
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3425094070205862277336&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3425094070205862277336&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=da546726-74bb-4352-80c8-79a96d51cba8&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=da546726-74bb-4352-80c8-79a96d51cba8&_noobservation=1&_expected_cookie=a3d29d5...
43 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=da546726-74bb-4352-80c8-79a96d51cba8&_noobservation=1&_expected_cookie=a3d29d50dc09fa362610b4a273dbd857
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.98.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Sat, 24 Sep 2022 22:18:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74fee4edfbf2a7f9-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=da546726-74bb-4352-80c8-79a96d51cba8&_noobservation=1&_expected_cookie=a3d29d50dc09fa362610b4a273dbd857
date
Sat, 24 Sep 2022 22:18:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74fee4ecaabfa7f9-SYD
content-length
0
xuid
eb2.3lift.com/ Frame 0B46
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3425094070205862277336&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=3425094070205862277336&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtrip...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=1cc597ff1a754b29859ffaf9bda87f03&ssp=triplelift&bsw_param=1ed2408a-d337-48ca-9629-4e75246a865d&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://eb2.3lift.com/xuid?mid=2409&xuid=3af011a5-c3f5-4e9a-ad18-a3557e11dd6b&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=3af011a5-c3f5-4e9a-ad18-a3557e11dd6b&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=3af011a5-c3f5-4e9a-ad18-a3557e11dd6b&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Sat, 24 Sep 2022 22:18:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 0B46
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3425094070205862277336?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ky.hn.JE2oRKaI8LPccQ462hrnZCvq7Kp8BVU3vsHQ--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ky.hn.JE2oRKaI8LPccQ462hrnZCvq7Kp8BVU3vsHQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 24 Sep 2022 22:18:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ky.hn.JE2oRKaI8LPccQ462hrnZCvq7Kp8BVU3vsHQ--~A&dongle=0883
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
iu3
s.amazon-adsystem.com/ Frame 0B46
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3425094070205862277336
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3425094070205862277336&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3425094070205862277336&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:08 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
7J6Y39NP6MF61C9QBQ79
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3425094070205862277336&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame 0B46 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3425094070205862277336&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:07 GMT
etag
"8766f3fc1fc7d81:0"
last-modified
Tue, 13 Sep 2022 03:22:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0407AD062C2E4CBC8612EEBE5C6D5E06 Ref B: SYD03EDGE1517 Ref C: 2022-09-24T22:18:07Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 0B46
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=zAF_d51qukHjywHPMLwT&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5PJAUMX3EGUYXC...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=zAF_d51qukHjywHPMLwT
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=zAF_d51qukHjywHPMLwT
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:09 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=zAF_d51qukHjywHPMLwT
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 9351 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
dbc1ea09d3e196d4d5f94c3e83f266a6503cc217f154fb55ddde1ba1662e87ed

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Sep 2022 22:18:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19969
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9420
Expires
Sun, 25 Sep 2022 03:50:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DFB7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220921&jk=4150507189820689&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame E84D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220921&jk=1514276030893664&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 984F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 00:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 00:16:46 GMT
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame BBF1 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 00:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 00:16:46 GMT
mr_t1a.png
s0.2mdn.net/sadbundle/4627767823043510726/ Frame ADCE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4627767823043510726/mr_t1a.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
c5247524ce593d29a2baf48d5feb5d80e0f5670060ca6b871af7edb502eee32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4627767823043510726/PO_BrandCampaign_728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 18:33:51 GMT
x-content-type-options
nosniff
age
531856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 03:12:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 18:33:51 GMT
generate_204
tpc.googlesyndication.com/ Frame 984F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?0O-hbA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
mr_t1b.png
s0.2mdn.net/sadbundle/4627767823043510726/ Frame ADCE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4627767823043510726/mr_t1b.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
49aeaafa4c12e4301a72f13b945303a55c4a33a723eed5257b8d193f807c804a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4627767823043510726/PO_BrandCampaign_728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 18:33:51 GMT
x-content-type-options
nosniff
age
531857
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1586
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 03:12:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 18:33:51 GMT
generate_204
tpc.googlesyndication.com/ Frame BBF1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?JGIfqg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 9351
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=6ty0-OTGRNu4cLCTsES5zA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=6ty0-OTGRNu4cLCTsES5zA
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=6ty0-OTGRNu4cLCTsES5zA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:09 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
0M5XCGXV2QQDAZA7RG9X
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=6ty0-OTGRNu4cLCTsES5zA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 9351
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/iRInuQui0CJK8k2J0QG91Mn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3676712035981263786
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3676712035981263786
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Content-Type
image/gif

Redirect headers

date
Sat, 24 Sep 2022 22:18:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3676712035981263786
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
setuid
px.ads.linkedin.com/ Frame 9351
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8GH3JQI-1P-8BEJ
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8GH3JQI-1P-8BEJ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Server
13.107.42.14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:08 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: FDAAA6B61C714AEE8ED727D2B58A70BE Ref B: SYD03EDGE1514 Ref C: 2022-09-24T22:18:08Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXpc6tbzTllvxb3d1CIOw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8GH3JQI-1P-8BEJ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 9351
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBeauxshP1FlQV1IzwXe8j0&google_cver=1
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBeauxshP1FlQV1IzwXe8j0&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBeauxshP1FlQV1IzwXe8j0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 9351
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=eb916940-6383-4e8a-baaa-aa12955c5102&gdpr=0&gdpr_consent=&expires=30
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=eb916940-6383-4e8a-baaa-aa12955c5102&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:08 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=eb916940-6383-4e8a-baaa-aa12955c5102&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
token
token.rubiconproject.com/ Frame 9351 		0
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=2249&pt=n
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9351
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhHSDNKUUktMVAtOEJFSg==
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhHSDNKUUktMVAtOEJFSg==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhHSDNKUUktMVAtOEJFSg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 9351
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
HTTP/1.1
Server
52.95.115.255 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:09 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
9T5QPZ0306ARJB65TV4Y
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:09 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
8H2MMXHX4WCMD7A3W0QS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 639B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.108.195 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=78415
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 24 Sep 2022 22:18:09 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 25 Sep 2022 20:05:04 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame B66D 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.43.253 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
d08e99485a73d7ffac4099a8c91b595c85856001c9bb340bf78147caf5706ed3

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 24 Sep 2022 22:18:08 GMT
etag
W/"092ae660074a75ac83dc599647f1e430d"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame E86E 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 0E89 		625 B
727 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
d1eae272720bdd83c1db20f05dcb6ec9c9d7041c950b9d076df302c48f93e560

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
625
content-type
text/html
date
Sat, 24 Sep 2022 22:18:08 GMT
usermatch
ssum-sec.casalemedia.com/ Frame B8C4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3750e49418f24d2be3054cd9687da2f79a6737d0f2b01b034a162d2a2068faa4

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74fee4eae886aaf0-SYD
content-encoding
br
content-type
text/html
date
Sat, 24 Sep 2022 22:18:08 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZq5cyuPH1rSkXdtjtGFa1GbFfKcpbRT6XrQaqtyVuGPy6YL1p2n5KMA2freEd%2FevDOJjVUri0Znja%2FuaqktJAMpCe37R%2BVo3P5XSvSgU4wuVUf3kdNJqVsm6e7hI9vpBlvYFWjj0uyMyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 7A71
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 24 Sep 2022 22:18:09 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 24 Sep 2022 22:18:08 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
setuid
x.yieldlift.com/ Frame 6049
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L8GH3JQI-1P-8BEJ&gdpr=0&us_privacy=1YN-
0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L8GH3JQI-1P-8BEJ&gdpr=0&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
3.230.47.190 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Sep 2022 22:18:09 GMT
Connection
keep-alive
Content-Length
0
Vary
Origin

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L8GH3JQI-1P-8BEJ&gdpr=0&us_privacy=1YN-
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
sync
ads.servenobid.com/ Frame 6049
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=5338544317242805217
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=5338544317242805217
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.128.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-128-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:08 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:08 GMT
X-Proxy-Origin
173.245.209.46; 173.245.209.46; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e6b188cc-3cb8-4d9d-93dd-6c4e449e96e3
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=5338544317242805217
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 6049
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FXzaCRZHECsDJOjCTOqQnMka
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FXzaCRZHECsDJOjCTOqQnMka
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.128.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-128-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:09 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:09 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FXzaCRZHECsDJOjCTOqQnMka
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 6049
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FXzaELZHTgZ9pCxOTaetLQBd
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FXzaELZHTgZ9pCxOTaetLQBd
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.128.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-128-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:09 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Sat, 24 Sep 2022 22:18:08 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FXzaELZHTgZ9pCxOTaetLQBd
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ads.servenobid.com/ Frame 6049
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=5d554f15-1dd0-4fa9-a9a9-e6a17fe0c12d
0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=314&uid=5d554f15-1dd0-4fa9-a9a9-e6a17fe0c12d
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.128.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-128-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:09 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=314&uid=5d554f15-1dd0-4fa9-a9a9-e6a17fe0c12d
Date
Sat, 24 Sep 2022 22:18:09 GMT
Connection
keep-alive
Content-Length
119
Vary
Origin
Content-Type
text/html; charset=utf-8
sync
ads.servenobid.com/ Frame 6049
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1664057888592
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4648303109
  • https://sync.1rx.io/usersync/tradedesk/eb916940-6383-4e8a-baaa-aa12955c5102
  • https://sync.targeting.unrulymedia.com/csync/RX-11fefaa0-4627-490a-a3c6-1c976b871567-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-11fefaa0-4627-490a-a3c6-1c976b871567-004
  • https://ads.servenobid.com/sync?pid=321&uid=RX-11fefaa0-4627-490a-a3c6-1c976b871567-004
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-11fefaa0-4627-490a-a3c6-1c976b871567-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.128.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-128-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:09 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-11fefaa0-4627-490a-a3c6-1c976b871567-004
date
Sat, 24 Sep 2022 22:18:09 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX11fefaa04627490aa3c61c976b871567004
content-type
text/html
sync
ads.servenobid.com/ Frame 6049
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1974054389828404610
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1974054389828404610
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.128.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-128-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:09 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1974054389828404610
Date
Sat, 24 Sep 2022 22:18:08 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 6049
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=af867dcb-92a5-4909-9073-a9934b9d971c
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=af867dcb-92a5-4909-9073-a9934b9d971c
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.128.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-128-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:09 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:09 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-13
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ads.servenobid.com/sync?pid=332&uid=af867dcb-92a5-4909-9073-a9934b9d971c
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 6049
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F2725%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D1e59f85e-26b7-4209-a993-edd116073ba5%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
67.199.150.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:08 GMT
content-length
0

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F2725%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D1e59f85e-26b7-4209-a993-edd116073ba5%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
date
Sat, 24 Sep 2022 22:18:08 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 6049
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-hO6fP39E2uF8aUqdXPW_ax6bE9o17C46T0CvaD8-~A
0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-hO6fP39E2uF8aUqdXPW_ax6bE9o17C46T0CvaD8-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.128.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-128-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:08 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-hO6fP39E2uF8aUqdXPW_ax6bE9o17C46T0CvaD8-~A
date
Sat, 24 Sep 2022 22:18:08 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
partner=adaptmx
ssp.disqus.com/ Frame 6049
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1lZGI2NzI4MC0yNjU0LTMyMzctYmVkYi1iNjNmMzdmNT...
  • https://ssp.disqus.com/match?bidder=18&buyeruid=94f46a18-f30e-4e71-96e7-985d82a16989&r=Cid1YS1lZGI2NzI4MC0yNjU0LTMyMzctYmVkYi1iNjNmMzdmNTEwMmMqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0Ni...
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1lZGI2NzI4MC0yNjU0LTMyMzctYmVkYi1iNjNmMzdmNTEwMmMqU2h0dHBzOi8vYWRz...
  • https://ssp.disqus.com/partner=adaptmx?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F3651%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D1e59f85e-26b7-4209-a99...
0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.disqus.com/partner=adaptmx?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F3651%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D1e59f85e-26b7-4209-a993-edd116073ba5%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFsWkdJMk56STRNQzB5TmpVMExUTXlNemN0WW1Wa1lpMWlOak5tTXpkbU5URXdNbU1xVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFpXUmlOamN5T0RBdE1qWTFOQzB6TWpNM0xXSmxaR0l0WWpZelpqTTNaalV4TURKak1nSVNCamdDJmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.227.131.62 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:10 GMT
content-length
0

Redirect headers

location
https://ssp.disqus.com/partner=adaptmx?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F3651%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D1e59f85e-26b7-4209-a993-edd116073ba5%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFsWkdJMk56STRNQzB5TmpVMExUTXlNemN0WW1Wa1lpMWlOak5tTXpkbU5URXdNbU1xVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFpXUmlOamN5T0RBdE1qWTFOQzB6TWpNM0xXSmxaR0l0WWpZelpqTTNaalV4TURKak1nSVNCamdDJmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID
date
Sat, 24 Sep 2022 22:18:09 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 6049
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-hO6fP39E2uF8aUqdXPW_ax6bE9o17C46T0CvaD8-~A
0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-hO6fP39E2uF8aUqdXPW_ax6bE9o17C46T0CvaD8-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.128.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-128-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:08 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-hO6fP39E2uF8aUqdXPW_ax6bE9o17C46T0CvaD8-~A
date
Sat, 24 Sep 2022 22:18:08 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
gum.criteo.com/ Frame 2426 		61 B
300 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:08 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
285704
strict-transport-security
max-age=31536000; preload;
expires
60
usync.html
eus.rubiconproject.com/ Frame 64BF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 24 Sep 2022 22:18:09 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 24 Sep 2022 22:18:08 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame D8F6
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3070594876823872000V10%26type%3Drkt%26refUrl%3D%26vid%3D405788811530705948768238720...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3070594876823872000V10&type=rkt&refUrl=&vid=40578881153070594876823872000V10&ovsid=1974054389828404608
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3070594876823872000V10&type=rkt&refUrl=&vid=40578881153070594876823872000V10&ovsid=1974054389828404608
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.108.22 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Sat, 24 Sep 2022 22:18:09 GMT
expires
Sat, 24 Sep 2022 22:18:09 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Sat, 24 Sep 2022 22:18:08 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3070594876823872000V10&type=rkt&refUrl=&vid=40578881153070594876823872000V10&ovsid=1974054389828404608
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1169 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3070594876823872000V10%26type%3Dpba%26refUrl%3D%26vid%3D40578881153070594876823872000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.108.195 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=78415
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 24 Sep 2022 22:18:09 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 25 Sep 2022 20:05:04 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 2426
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3070594876823872000V10%26type%3Dapx%26refUrl%3D%26vid%3D40578881153070594876823872000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3070594876823872000V10&type=apx&refUrl=&vid=40578881153070594876823872000V10&ovsid=5338544317242805217
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3070594876823872000V10&type=apx&refUrl=&vid=40578881153070594876823872000V10&ovsid=5338544317242805217
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.193.108.22 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 24 Sep 2022 22:18:08 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 24 Sep 2022 22:18:08 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:08 GMT
X-Proxy-Origin
173.245.209.46; 173.245.209.46; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6a267d12-1a5e-459b-b659-6fc87fdba158
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3070594876823872000V10&type=apx&refUrl=&vid=40578881153070594876823872000V10&ovsid=5338544317242805217
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 2426
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3070594876823872...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3070594876823872000V10&type=opx&refUrl=&vid=40578881153070594876823872000V10&ovsid=360bfc80-e1a8-4382-b544-b1f78047c30c
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3070594876823872000V10&type=opx&refUrl=&vid=40578881153070594876823872000V10&ovsid=360bfc80-e1a8-4382-b544-b1f78047c30c
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.193.108.22 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 24 Sep 2022 22:18:08 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
text/html;charset=UTF-8
content-length
219
x-mnet-hl2
E
expires
Sat, 24 Sep 2022 22:18:08 GMT

Redirect headers

date
Sat, 24 Sep 2022 22:18:08 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://contextual.media.net/cksync.html?cs=8&vsid=3070594876823872000V10&type=opx&refUrl=&vid=40578881153070594876823872000V10&ovsid=360bfc80-e1a8-4382-b544-b1f78047c30c
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
sync
ads.servenobid.com/ Frame 2426
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3070594876823872000V10%26type%3Dr1%26refUrl%3D%26vid%3D40578881153070594876...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3070594876823872000V10%26type%3Dr1%26refUrl%3D%26vid%3D40578881153070...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5641728533
  • https://sync.1rx.io/usersync/tradedesk/eb916940-6383-4e8a-baaa-aa12955c5102
  • https://sync.targeting.unrulymedia.com/csync/RX-11fefaa0-4627-490a-a3c6-1c976b871567-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-11fefaa0-4627-490a-a3c6-1c976b871567-004
  • https://ads.servenobid.com/sync?pid=321&uid=RX-11fefaa0-4627-490a-a3c6-1c976b871567-004
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-11fefaa0-4627-490a-a3c6-1c976b871567-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
52.210.128.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-128-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:09 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-11fefaa0-4627-490a-a3c6-1c976b871567-004
date
Sat, 24 Sep 2022 22:18:09 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX11fefaa04627490aa3c61c976b871567004
content-type
text/html
cksync
cs.media.net/ Frame 2426
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA3MDU5NDg3NjgyMzg3MjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEPNQriZbHlTweqTycRUpUPA&google_cver=1
45 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEPNQriZbHlTweqTycRUpUPA&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.193.108.22 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:08 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 24 Sep 2022 22:18:08 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEPNQriZbHlTweqTycRUpUPA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 2426
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3070594876823872000V10%26type%3Ddxu%26refUrl%3D%26vid%3D40578881153070594876823...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3070594876823872000V10%26type%3Ddxu%26refUrl%3D%26vid%3D40578881153070594...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3070594876823872000V10&type=dxu&refUrl=&vid=40578881153070594876823872000V10&ovsid=PjTCLJNF1OCdtm5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3070594876823872000V10&type=dxu&refUrl=&vid=40578881153070594876823872000V10&ovsid=PjTCLJNF1OCdtm5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.193.108.22 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 24 Sep 2022 22:18:09 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 24 Sep 2022 22:18:09 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:08 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0c66a101650797f5a@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3070594876823872000V10&type=dxu&refUrl=&vid=40578881153070594876823872000V10&ovsid=PjTCLJNF1OCdtm5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 2426 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:07 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
150092
content-type
image/gif
expires
Sat, 24 Sep 2022 00:00:00 GMT
sync
x.bidswitch.net/ Frame 2426
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3af011a5-c3f5-4e9a-ad18-a3557e11dd6b&ssp=medianet&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10525475281123400026&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10525475281123400026&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=97331c6c-1f74-452e-9cac-f074b3638d4e&ssp=medianet&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10525475281123400026&ssp=medianet&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=231943304284012347780&ssp=medianet&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10525475281123400026&ssp=medianet&gdpr=0&gdpr_consent=
0
0
cksync.php
contextual.media.net/ Frame 2426
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3070594876823872000V10%26type%3Dzem%26refUrl%3D%26vid%3D40578881153070594876823872...
  • https://stags.bluekai.com/site/23178?id=zAF_d51qukHjywHPMLwT&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPL2IFDF6ZBVGFYXK22INJ4XOSCQJVGHO...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=zAF_d51qukHjywHPMLwT&refUrl=&type=zem&vid=40578881153070594876823872000V10&vsid=3070594876823872000V10
45 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=zAF_d51qukHjywHPMLwT&refUrl=&type=zem&vid=40578881153070594876823872000V10&vsid=3070594876823872000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.193.108.22 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 24 Sep 2022 22:18:10 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 24 Sep 2022 22:18:10 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:09 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=zAF_d51qukHjywHPMLwT&refUrl=&type=zem&vid=40578881153070594876823872000V10&vsid=3070594876823872000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 2426
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3070594876823872000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3070594876823872000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=b19b4510-7472-4a62-9ad1-3f257b6cbfb2&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=b19b4510-7472-4a62-9ad1-3f257b6cbfb2&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.193.108.22 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 24 Sep 2022 22:18:10 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 24 Sep 2022 22:18:10 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=b19b4510-7472-4a62-9ad1-3f257b6cbfb2&cs=1
Date
Sat, 24 Sep 2022 22:18:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
um
cs.emxdgt.com/ Frame 2426 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3070594876823872000V10%26type%3Demx%26refUrl%3D%26vid%3D40578881153070594876823872000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.195.161 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:08 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
cksync
cs.media.net/ Frame 2426
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=eb916940-6383-4e8a-baaa-aa12955c5102
45 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=eb916940-6383-4e8a-baaa-aa12955c5102
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.193.108.22 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:08 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 24 Sep 2022 22:18:08 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:08 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=eb916940-6383-4e8a-baaa-aa12955c5102
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
mr_t1c.png
s0.2mdn.net/sadbundle/4627767823043510726/ Frame ADCE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4627767823043510726/mr_t1c.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
104e5578719bc85edee4970b07d8b75542553054a978218bf8c2a3772853f2c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4627767823043510726/PO_BrandCampaign_728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 18:33:52 GMT
x-content-type-options
nosniff
age
531856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1651
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 03:12:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 18:33:52 GMT
mr_t2.png
s0.2mdn.net/sadbundle/4627767823043510726/ Frame ADCE 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4627767823043510726/mr_t2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
d97e298a44dea6707737d6dae6f622863e8d27c3714eddee1491531794837130
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4627767823043510726/PO_BrandCampaign_728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 18:33:52 GMT
x-content-type-options
nosniff
age
531856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3931
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 03:12:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 18:33:52 GMT
sync
ads.servenobid.com/ Frame 0E89 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=3580251383597455911&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.128.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-128-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:08 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 0E89
Redirect Chain
  • https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=4d423f7b-7a7b-4413-8c59-7e445273360e
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=4d423f7b-7a7b-4413-8c59-7e445273360e
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.39 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:08 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:09 GMT
Server
nginx
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Location
https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=4d423f7b-7a7b-4413-8c59-7e445273360e
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
0
264.gif
id5-sync.com/k/ Frame 0E89
Redirect Chain
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMO91hTwJYQg1Vq23oPxLoBFnkQhEIzOp0keCzQ7Q&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_...
  • https://id5-sync.com/c/102/102/8/2.gif?puid=3580251383597455911&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/2/7/3.gif?puid=5338544317242805217&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMO91hTwJYQg1Vq23oPxLoBFnkQhEIzOp0keCzQ7Q&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F6%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/102/3/6/4.gif?puid=46fd632f-8221-4500-a339-f954cb2ea90e&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=eb916940-6383-4e8a-baaa-aa12955c5102&ttl=%%TTL%%
0
0
/
rtb-csync.smartadserver.com/redir/ Frame 0E89
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=f4f3a4f2-a791-4f87-b139-35007e64bbf1&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=f4f3a4f2-a791-4f87-b139-35007e64bbf1&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.39 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:08 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:08 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=f4f3a4f2-a791-4f87-b139-35007e64bbf1&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1044876
content-length
0
expires
Sat, 24 Sep 2022 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 0E89
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=38e99ae3-468e-4a79-9709-096be10f8812&gdpr=0&gdpr_consent=
43 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=38e99ae3-468e-4a79-9709-096be10f8812&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.39 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:09 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=38e99ae3-468e-4a79-9709-096be10f8812&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 24 Sep 2022 22:18:09 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
usermatch
ssum-sec.casalemedia.com/ Frame 74CC 		2 KB
909 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f4503164ef5656fb17c24fd0e4ab285e6ea619f317712c5a78478fa2033b85a9

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74fee4eb18a5aaf0-SYD
content-encoding
br
content-type
text/html
date
Sat, 24 Sep 2022 22:18:08 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPLkgZ%2Fcds%2FBBAL%2Bzhx%2F5AqtZSXJ34Jlba55ePrtDgaSKOqTORD1hMvg0mbI1jGxm7MJfg%2B2YDBjo3UnvGGJWY18a0eItjBHV2eDy8w8yUpl9NErmqerimCs7KEhW8zZ18dAoFnjGHQjlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 29B4 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:08 GMT
X-Proxy-Origin
173.245.209.46; 173.245.209.46; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
95d37f4a-49cb-40d4-9225-2dd3e6e3034f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame 5E3B 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
URL: https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.111.61 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
content-encoding
gzip
age
283312
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 7c67d002cb723179087e7a16d8fc7bae.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MRS52-P2
content-type
application/javascript
x-amz-cf-id
xl5hvHix16qTYRo8vrVEVHm6aGWdroFOvmXPDMNnOhoI3ffWgtGgCw==
mon
pixel.adsafeprotected.com/ Frame D306 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=923402&advId=6786803&campId=28582653&pubId=7010008&chanId=177932324&placementId=346150698&adsafe_par&bidurl=&bidPr=&uId=AMsySZYLwZFM7RwVftIU2OO1nXZ6&impId=&adsafe_url=https%3A%2F%2Fwww.bg3.co%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e1c350b4-1452-d05b-9002-9ede2dbd5055,c:paMGPd,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-5b8fc68f79-jfrl7,rg:sg,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:1711,mot:0,app:0,maw:0,fm:tiopj9f+11111%7C11112%7C11113%7C11114%7C1112%7C1113%7C112%7C113%7C1211%7C122%7C131%7C132%7C141%7C142%7C15%7C16*.923402%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C181%7C182%7C183%7C184%7C19%7C1a1%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1b6%7C1c1%7C1c2%7C1c3%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1743,oid:c396b079-3c56-11ed-ac8c-0a3928384dac,v:19.8.352,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.146.150 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-146-150.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:08 GMT
x-server-name
app03.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D306 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=923402&asId=e1c350b4-1452-d05b-9002-9ede2dbd5055&tv=%7Bc:paMGPL,pingTime:-3,time:1776,type:v,im:%7BpBlk:1759%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:1742%7D,%7Bpiv:0,vs:o,r:l,t:1775%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1776,n:1775,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1742,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~300.250%5D%7D%7D,%7Bsl:o,t:1775,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tiopj9f+11111%7C11112%7C11113%7C11114%7C1112%7C1113%7C112%7C113%7C1211%7C122%7C131%7C132%7C141%7C142%7C15%7C16*.923402%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C181%7C182%7C183%7C184%7C19%7C1a1%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1b6%7C1c1%7C1c2%7C1c3%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1744%7D&br=c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.10.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:09 GMT
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D306 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=923402&asId=e1c350b4-1452-d05b-9002-9ede2dbd5055&tv=%7Bc:paMGPW,pingTime:-6,time:1787,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1787,n:1775,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1742,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~300.250%5D%7D%7D,%7Bsl:o,t:1775,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B12~0%5D,as:%5B12~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tiopj9f+11111%7C11112%7C11113%7C11114%7C1112%7C1113%7C112%7C113%7C1211%7C122%7C131%7C132%7C141%7C142%7C15%7C16*.923402%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C181%7C182%7C183%7C184%7C19%7C1a1%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1b6%7C1c1%7C1c2%7C1c3%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1744%7D&tpiLookup=ao:www.bg3.co*&br=c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.10.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:09 GMT
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D306 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=923402&asId=e1c350b4-1452-d05b-9002-9ede2dbd5055&tv=%7Bc:paMGQ6,pingTime:0,time:1797,type:pf,im:%7Bsf:0%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:1742%7D,%7Bpiv:0,vs:o,r:l,t:1775%7D,%7Bpiv:100,vs:i,r:,t:1797%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1797,n:1775,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1742,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~300.250%5D%7D%7D,%7Bsl:o,t:1775,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B22~0%5D,as:%5B22~300.250%5D%7D%7D,%7Bsl:i,t:1797,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:tiopj9f+11111%7C11112%7C11113%7C11114%7C1112%7C1113%7C112%7C113%7C1211%7C122%7C131%7C132%7C141%7C142%7C15%7C16*.923402%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C181%7C182%7C183%7C184%7C19%7C1a1%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1b6%7C1c1%7C1c2%7C1c3%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1744%7D&br=c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.10.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:09 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D306 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=923402&asId=e1c350b4-1452-d05b-9002-9ede2dbd5055&tv=%7Bc:paMGQ8,pingTime:-2,time:1799,type:a,im:%7Bpom:1,prf:%7BbeA:2420,beZ:2421,mfA:4131,cmA:4132,inA:4132,inZ:4136,prA:4136,prZ:4156,si:4162,poA:4163,bl:4178,poZ:4178,cmZ:4178,mfZ:4178,loA:4206,loZ:4209,ltA:4218,ltZ:4218,mdA:2422,mdZ:4115%7D%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:1742%7D,%7Bpiv:0,vs:o,r:l,t:1775%7D,%7Bpiv:100,vs:i,r:,t:1797%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2,o:1797,n:1775,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1742,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~300.250%5D%7D%7D,%7Bsl:o,t:1775,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B22~0%5D,as:%5B22~300.250%5D%7D%7D,%7Bsl:i,t:1797,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~100%5D,as:%5B2~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:tiopj9f+11111%7C11112%7C11113%7C11114%7C1112%7C1113%7C112%7C113%7C1211%7C122%7C131%7C132%7C141%7C142%7C15%7C16*.923402%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C181%7C182%7C183%7C184%7C19%7C1a1%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1b6%7C1c1%7C1c2%7C1c3%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:16*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1744,sinceFw:55,readyFired:true%7D&br=c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.10.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:09 GMT
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
mr_t3.png
s0.2mdn.net/sadbundle/4627767823043510726/ Frame ADCE 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4627767823043510726/mr_t3.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
7b6374f15d38fbbda5ba7ac5c77b61ca177f68ee87e84f8116af5ea0adda7b5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4627767823043510726/PO_BrandCampaign_728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 18:33:52 GMT
x-content-type-options
nosniff
age
531856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3856
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 03:12:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 18:33:52 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7A20 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220921&jk=4150507189820689&bg=!2dql2p7NAAYIxsuQKMY7ACkAdvg8WjI6LVefIkgHvtMzAiARkmpSu04oXkvuBwHCBwu0aD0qwgNEtAIAAAC9UgAAAAJoAQcKAI2nUm6XQdVLHZHR9-LMI_fa9kJdCM_1kKppKvVMC8zhmYpEQ1gc1QXWxFhb1W6FsYYo2YKsKqeHkxtL9ZCLxKcVZ0-sfOv72ySFX3WtE0qlhF0YRZ5ZdJ3aWAXCzTfkpofOhCGICzreTkdu_PtH-tnkqSdZu54FbXiFzGXQKzDfSuPph2cLbqAiLjEk3ICZArm8hdokrw8X4KHgT3KrRNDcUnaTCutHDNjho2rOQY7wQGo6D1PH_illDtxsD4DLkgK2DgYyG2lrfcHdevLlxGQL9PBaafi1tfj-YLANr7cpCIDZkZMocL6W402QiXuPyPkjAVuYiFf4HPrz_ZhPWPWnESUw4rtrWW4JRcBMkP6s2fZsgP4xADm1hdBuzN2dTPWaNWCebSHAtTzK8wsB46GNB-pPU66kGCVLiq0lIhNiZ_ddS8hEOiRosduQPsfeSYTTBYjoX5Up9rFVlXZ3hwKyZJqFC22rf_UoKr9lVO1YtOzyrstOrpNk1KJK7rRNwVcxV4fBDQ0XoMS2luuKpm919WxiFBfEGVBptNDwsjU8f5ZMdPrmxJRahPJN7hbEr02puMwBiVUGeCvulvaQS4hDvZH3rmoPDICGBo1BuKlfjvmo2NBZEe5U-iWflBcciPA36tjX6Ccd3xPqsXvVhKzufDqT96ad_DM1JoXt9_wbf-4RIW-EruxyoxwBse6yPFp0YePJ4CwpLo9QT-yhU9vsPToc7C1VcFt27mTLGN0IIPdp-vV1wO05NFXycHva1v03Iwfnn1IwelCBw-eF3A7IUnamNGcU6IEeA_JLLLMIBoUCwtebip5-dbbYztj5dYFohOYTWO1SsM_zEO3-sExSHt2lXtxUrtzI1CHUeCaxsJ6ijPIt7FDpG3s7O5ZrLZrzPQs8l_BG-S6ppvlzcoUYXOHMlg0rzMMs_CBWT716AFBtS-G4m-50gb8uB7Vncueip8Qf5-PDYnA6hk6vATQF5U9r-yEkOC4SvSttZRa8JkGYdCRAjLKVD4Tu4bAgUaGo9CezZD2yah2cj88K6qBKxTI77AhFPo8DMFpCnkOKXL5o6lu6PidED_1K_1m1ir5PFYvFaIeSbZrm6gomAJO4YKZ17o4d1JRw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ Frame D306 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=923402&asId=e1c350b4-1452-d05b-9002-9ede2dbd5055&tv=%7Bc:paMGR7,time:1860,type:e,im:%7BpWait:4%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:64,o:1797,n:1775,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1742,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~300.250%5D%7D%7D,%7Bsl:o,t:1775,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B22~0%5D,as:%5B22~300.250%5D%7D%7D,%7Bsl:i,t:1797,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B64~100%5D,as:%5B64~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:tiopj9f+11111%7C11112%7C11113%7C11114%7C1112%7C1113%7C112%7C113%7C1211%7C122%7C131%7C132%7C141%7C142%7C15%7C16*.923402%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C181%7C182%7C183%7C184%7C19%7C1a1%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1b6%7C1c1%7C1c2%7C1c3%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1744%7D&br=c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.10.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:09 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ Frame D7B7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220921&jk=1514276030893664&bg=!t7SltPDNAAYIxsuQKMY7ACkAdvg8WuIUpOTs3V9ako7V4uqNZuZUdUi8OzW23zAIjybV5LU_S2KGtQIAAADHUgAAAAJoAQcKABUiO1-dVuK16Oc0dk2_uRpG8ZZji9KZAsQ0yQvyUSHLHILtsTnQqYpzAHPUQcIKLvslquOZ9UNTfBjHYlosz7nT88ob_NdKPkm4Dk08s-cD0P6iA65gu0Ge0sotMGCU6oTClJ_ioaTCxMW5zM7TPuQG1Nip7D6QnLXhvvUQBTSm_2etgRmZUFV4aJmxA30rDxXqOEBc_B0MtvkFUoQHWe8y38gBcycJXKdOPcSCEMSvQEfiIA9XtNeeLgUiRy2FwLJAtR6WhwpgRmkh8Cv9BUVUW2bkp3SQNoQDnBRYeHtAcTocw_DM-F-rM4whmamhozMQuJvGExh7_1Kj2yQz4rseptrWObG0s1eAJdjSKtlJ9eC0JsCS5Nl_3CTW1YWCiITGPbFjdH7rRQKq707aCHfOwfoM1YSKUd-zit7WCqv-7wz7TnbRxY5aQVI_X-WRosypNnb0MF16LT8V3gUci7kyQSXxdZYm3Vn8rG4yVAULqCVrlwAEm-3gU995OG-iwYSXcH1jUTXYS2HvwUg1UpfI4aooTnZrgalNvbQdu14PdnrB1fZeWCryiqh0IcreuP0twUgePVtjAAuB65lD53fEKBQX4s9t0u2ERqIoC-bz3Yd0h4qahO8TwTiJZf5sx4BosYM4DrOy_2HG7b1wj44g9jX1xubG0um6nCUX8lsGEWqmLRak4DH4zppurvUiKMno3kN3fnb77p9eChDuIUHd3QWaIo-yupaRMRrjo4t3uF98mayxtaVZy32pWWZJN68dMeThT7zQfJBIxc4UXW33M7toNObLg7WWrwhpvnRqEjXL1tUzQnVW2jQAQzXh7R14LRy_fh6awguCc5YRVEvBruax_yIWAbILIegT6flHyddaWmCOD167T4HTPSrsm4Zi9y2d7XIjsfIJ_zekYxdep-6ENlS75VgQtJ-G9jjZh87yJtFghY-wdQYWrSd5CDuh5HYZgwDBnHQ3700
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
dcm
s.amazon-adsystem.com/ Frame B8C4
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy-CHKuYL2cjhEGEVD1B6AAAElwAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy-CHKuYL2cjhEGEVD1B6AAAElwAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy-CHKuYL2cjhEGEVD1B6AAAElwAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:09 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
GPG7MJE5Q7W9NQJDQBH8
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:09 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
599ZXFGBZ3SVKX3PFT8B
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy-CHKuYL2cjhEGEVD1B6AAAElwAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame B8C4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yy-CHKuYL2cjhEGEVD1B6AAAElwAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDOqlVWunlRYa7IeNELkCa8&google_cver=1
43 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDOqlVWunlRYa7IeNELkCa8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74fee4ee6bfaaade-SYD
pragma
no-cache
date
Sat, 24 Sep 2022 22:18:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRrlvWTnXFx6Anreqog8y%2BkJUNbYRuGLHWu1k6BEc2OF8swOXNQMKgL2XZPqoZ6FVo0b65PsJuaPFVk7CdtvIdyM7YH0W53XpPvGl1eFXBdGDeixOBenLQ76m0diRhHcSkUrTD0ufi3Lfw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDOqlVWunlRYa7IeNELkCa8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B8C4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=eb916940-6383-4e8a-baaa-aa12955c5102&expiration=1666649889&gdpr=0&gdpr_consent=
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=eb916940-6383-4e8a-baaa-aa12955c5102&expiration=1666649889&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74fee4edadb8a89b-SYD
pragma
no-cache
date
Sat, 24 Sep 2022 22:18:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyt4k4U5e6%2BvH9yV7eWJezLKhSFWmlNINktI9dI3Er2NIyB6fVjmwm1Tgo9AL3cO0iFAn0umFf2KBkDGqeTD4A6kF7mKfryGVluyW6okNUi0hl%2F5mIFqKgI6KcCIWCgU8WHVBB36B7%2Bxvw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:08 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=eb916940-6383-4e8a-baaa-aa12955c5102&expiration=1666649889&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
Yy-CHKuYL2cjhEGEVD1B6AAAElwAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B8C4 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yy-CHKuYL2cjhEGEVD1B6AAAElwAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.109.4 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
user-registering
ads.stickyadstv.com/ Frame B8C4 		43 B
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Yy.CHKuYL2cjhEGEVD1B6AAA%264700&gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.177 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:09 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1664057889626021-85
Expires
Sat, 24 Sep 2022 22:18:09 GMT
/
csync.loopme.me/ Frame B8C4 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.172.108 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74fee4ee49a5a965-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
crum
dsum-sec.casalemedia.com/ Frame B8C4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=46fd632f-8221-4500-a339-f954cb2ea90e
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=46fd632f-8221-4500-a339-f954cb2ea90e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74fee4f248d1a89b-SYD
pragma
no-cache
date
Sat, 24 Sep 2022 22:18:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pff5X0Ztm3QVXZFGCA8eTPyaLSrZL%2BmNoRop81694uxnM4fGQZE4d6GyVPJGHo06Sr7ZgXSxavVcTX9BMhR4pverTM8HfdHWWqPpRJHqh4llEKqDdsWjM8MxLINaR8lk9VE3XDVaAZGTBw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Sat, 24 Sep 2022 22:18:09 GMT
Server
MT3 4505 5b23575 master nrt-pixel-x21 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=46fd632f-8221-4500-a339-f954cb2ea90e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Sep 2022 22:18:08 GMT
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame B8C4 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 -, , ASN (),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:09 GMT
via
1.1 varnish
server
Varnish
x-timer
S1664057889.004018,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-syd10135-SYD
sync
ads.servenobid.com/ Frame B8C4 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Yy-CHKuYL2cjhEGEVD1B6AAAElwAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.128.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-128-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:08 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 74CC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5338544317242805217
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5338544317242805217
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74fee4f1a85ca89b-SYD
pragma
no-cache
date
Sat, 24 Sep 2022 22:18:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FrwRkTIYCs4FeHemJjI468UphLVZUUOAH8uLJkGLjp6PT4QHF5kp4RVt7PpC07KV%2FKlQcHJyoHxC2h8sjQJr2kzKDxSOVZJoO5kXG5np6ovLpbv2FNJLZkf1xhTnf2pRIjIEz6Vg5BK4w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:09 GMT
X-Proxy-Origin
173.245.209.46; 173.245.209.46; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0fb81b0a-7e92-4640-8fbc-59d67f62bfbb
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5338544317242805217
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Yy-CHKuYL2cjhEGEVD1B6AAAElwAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 74CC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yy-CHKuYL2cjhEGEVD1B6AAAElwAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Yy-CHKuYL2cjhEGEVD1B6AAAElwAAAAB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yy-CHKuYL2cjhEGEVD1B6AAAElwAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
54.169.109.4 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:09 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Yy-CHKuYL2cjhEGEVD1B6AAAElwAAAAB
date
Sat, 24 Sep 2022 22:18:08 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 74CC
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAdetk7GXwQAACD8jDf7ZA&expiration=1665267490
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAdetk7GXwQAACD8jDf7ZA&expiration=1665267490
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74fee4f5caffa89b-SYD
pragma
no-cache
date
Sat, 24 Sep 2022 22:18:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fn1t2jIJ%2FaV6o%2BGSraBXvPaik%2FdIPz4vKzO7JQcm52aCa4iw6O6upNc2JK5p4%2Fs2UVe71yY4bkJGUK4uFqOVvDm%2FswulRGwDkZXAMr6izv3bgd%2FOb7YJvtzuCkvzoJ8QH4QupB61GnaI4A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAdetk7GXwQAACD8jDf7ZA&expiration=1665267490
Date
Sat, 24 Sep 2022 22:18:10 GMT
Server
gunicorn
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum-sec.casalemedia.com/ Frame 74CC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8143086186408040920
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8143086186408040920
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74fee4eeee8fa89b-SYD
pragma
no-cache
date
Sat, 24 Sep 2022 22:18:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvvdLjKmARjZrQSyJfygNCSkfbYXYaRE15NEeQOdXyMth%2FjKY2sc976gATVYRMHPI7qnV1u2EX7j%2BPi48HilAdJF%2BOBLDBvBCoVxcIBtpPifylc42w7MJ%2F%2BOE7Rw0pKkRu4IoE3w5wRQnw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8143086186408040920
pragma
no-cache
date
Sat, 24 Sep 2022 22:18:08 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
/
csync.loopme.me/ Frame 74CC 		0
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.172.108 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74fee4ee49a6a965-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rum
dsum-sec.casalemedia.com/ Frame 74CC
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=6fc3d89b-a7e7-ca15-ba211283
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=6fc3d89b-a7e7-ca15-ba211283
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74fee4f03f78a89b-SYD
pragma
no-cache
date
Sat, 24 Sep 2022 22:18:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOMFBfatQZC8NWRy3J652H7fkcmEaRPyVpKVAKf2QChfPN%2Bmq4adx5L2KtoiAzcnJcPHVawWIIB0qzNMZVnB%2BX%2FcL0fVVfgOi9rjxaCijGZib5RqJen1aTRrJir57bwJVSdYgtgZqR%2Flvg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 24 Sep 2022 22:18:09 GMT
via
1.1 google
server
nginx/1.22.0
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=6fc3d89b-a7e7-ca15-ba211283
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
crum
dsum-sec.casalemedia.com/ Frame 74CC
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=2tek8ocK1OCdtn5
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=2tek8ocK1OCdtn5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74fee4f0efdda89b-SYD
pragma
no-cache
date
Sat, 24 Sep 2022 22:18:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ap85Wr0%2BzamQT6eRiAPvlDNrTjZxgzACZwZmRhgjSg8DBLShBxODvA72202ylk0uYoaboeisqcGO9nItBG0AnnWRRLRjOWDFygY5bxDGr3RtIqMk8SJ0DZVjpGiBfNMQlgJ%2FIRzEj62hEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:09 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-061340171d1604405@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=2tek8ocK1OCdtn5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 74CC
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=fCEBStbHSOpOjicQfw2tQK310S4
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=fCEBStbHSOpOjicQfw2tQK310S4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74fee4f46a23a89b-SYD
pragma
no-cache
date
Sat, 24 Sep 2022 22:18:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BN9HeE1nBPZ08dXO7dLSyZJt5O7boFlAEdUab26C24dVQUyXUNXVuU98dKwsdyMTbH%2BiNS%2BgnPaQ3aY5oVfFV5ThJV6CKzrGGjO1RhLSL1FD53k9BU3T0ZvaMLUTiHlqBvrEGfhhIArM4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=fCEBStbHSOpOjicQfw2tQK310S4
Date
Sat, 24 Sep 2022 22:18:09 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame 74CC 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Yy.CHKuYL2cjhEGEVD1B6AAA%264700
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74fee4ee688fa974-SYD
date
Sat, 24 Sep 2022 22:18:09 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
12
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Sun, 25 Sep 2022 02:18:09 GMT
usersync
usersync.gumgum.com/ Frame B66D
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5338544317242805217
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5338544317242805217
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:10 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:09 GMT
X-Proxy-Origin
173.245.209.46; 173.245.209.46; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e8d21a84-840e-4887-bed7-0ac17a87a1a2
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.gumgum.com/usersync?b=apn&i=5338544317242805217
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame B66D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_d06cc318-feec-4de5-bcab-b911c35d2a9a&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3af011a5-c3f5-4e9a-ad18-a3557e11dd6b&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10523786431629980367&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10523786431629980367&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=97331c6c-1f74-452e-9cac-f074b3638d4e&ssp=gumgum2&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10525475281123400026&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232743304284012347215&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10525475281123400026&ssp=gumgum2&gdpr=0&gdpr_consent=
0
0
cookie-sync
sync.outbrain.com/ Frame B66D
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%285FNWvrSg31AsZy-TrBtJZHRz_Kph8vPc6jOTt0Wwuo2Jz8eVDvuuwmiihOeODrpF%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_d06cc318-feec-4de5-bcab-b911c35d2a9a&obuid=ENC(5FNWvrSg31AsZy-TrBtJZHRz_Kph8vPc6jOTt0Wwuo2Jz8eVDvuuwmiihOeODrpF)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_priv...
  • https://sync.outbrain.com/cookie-sync?p=openx&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&obUid=5FNWvrSg31AsZy-TrBtJZHRz_Kph8vPc6jOTt0Wwuo2Jz8eVDvuuwmiihOeODrpF&uid=4e36bc18-354...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=openx&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&obUid=5FNWvrSg31AsZy-TrBtJZHRz_Kph8vPc6jOTt0Wwuo2Jz8eVDvuuwmiihOeODrpF&uid=4e36bc18-3546-449e-b564-9d348a1396fb
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
38.133.127.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Sep 2022 22:18:11 GMT
Cache-Control
no-cache
X-TraceId
44de56335f8cc29c4e4064216d70ab83
Content-Length
0

Redirect headers

date
Sat, 24 Sep 2022 22:18:11 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.outbrain.com/cookie-sync?p=openx&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&obUid=5FNWvrSg31AsZy-TrBtJZHRz_Kph8vPc6jOTt0Wwuo2Jz8eVDvuuwmiihOeODrpF&uid=4e36bc18-3546-449e-b564-9d348a1396fb
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
usersync.gumgum.com/ Frame B66D
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=091a316f-62bd-4134-b170-df74faf85096
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=091a316f-62bd-4134-b170-df74faf85096
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:10 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Sat, 24 Sep 2022 22:18:08 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usersync.gumgum.com/usersync?b=opx&i=091a316f-62bd-4134-b170-df74faf85096
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
usersync.gumgum.com/ Frame B66D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-91c7e8d1-d625-4240-4b50-7c3d4e43af8e$ip$173.245.209.46
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-91c7e8d1-d625-4240-4b50-7c3d4e43af8e$ip$173.245.209.46
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:10 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-91c7e8d1-d625-4240-4b50-7c3d4e43af8e$ip$173.245.209.46
Date
Sat, 24 Sep 2022 22:18:09 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame B66D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-LbsUM2dE2pem5C8qvj6UfY8A06TyzTizCh4a~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-LbsUM2dE2pem5C8qvj6UfY8A06TyzTizCh4a~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:10 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Sat, 24 Sep 2022 22:18:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-LbsUM2dE2pem5C8qvj6UfY8A06TyzTizCh4a~A
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame B66D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=bb63729b-bc27-45a6-b8f2-9ae02f3dd780
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=bb63729b-bc27-45a6-b8f2-9ae02f3dd780
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:10 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=bb63729b-bc27-45a6-b8f2-9ae02f3dd780
Date
Sat, 24 Sep 2022 22:18:09 GMT
X-CI-RTID
a09da409-1dea-4d42-9122-40f1bf3dd47d
Connection
keep-alive
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame B66D 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.226.41.106 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:09 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
153122643
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame B66D 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:08 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame B66D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_d06cc318-feec-4de5-bcab-b911c35d2a9a&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=zAF_d51qukHjywHPMLwT&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26SBIZPWINJROF2WWSDKPF3UQUCNJR3VI...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=zAF_d51qukHjywHPMLwT&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=zAF_d51qukHjywHPMLwT&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:10 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:09 GMT
P3p
CP="We do not support P3P header."
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=zAF_d51qukHjywHPMLwT&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame B66D
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=f274a197-dc40-40e6-ad08-673dbefe52d6
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=f274a197-dc40-40e6-ad08-673dbefe52d6
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:10 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=f274a197-dc40-40e6-ad08-673dbefe52d6
date
Sat, 24 Sep 2022 22:18:09 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame B66D
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4604432038
  • https://sync.1rx.io/usersync/tradedesk/eb916940-6383-4e8a-baaa-aa12955c5102
  • https://sync.targeting.unrulymedia.com/csync/RX-11fefaa0-4627-490a-a3c6-1c976b871567-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-11fefaa0-4627-490a-a3c6-1c976b871567-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-11fefaa0-4627-490a-a3c6-1c976b871567-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-11fefaa0-4627-490a-a3c6-1c976b871567-004
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:10 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-11fefaa0-4627-490a-a3c6-1c976b871567-004
date
Sat, 24 Sep 2022 22:18:09 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX11fefaa04627490aa3c61c976b871567004
content-type
text/html
usersync
usersync.gumgum.com/ Frame B66D
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=NgQJoDSABUC4&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=NgQJoDSABUC4&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:10 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-AU
location
https://usersync.gumgum.com/usersync?b=pln&i=NgQJoDSABUC4&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6db8fcb759-znpcr
expires
-1
usersync
usersync.gumgum.com/ Frame B66D
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=3580251383597455911
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=3580251383597455911
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:10 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=3580251383597455911
date
Sat, 24 Sep 2022 22:18:09 GMT
content-length
0
sync
ads.servenobid.com/ Frame B66D 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_d06cc318-feec-4de5-bcab-b911c35d2a9a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.128.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-128-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:09 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 84C7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=7647632f-8221-4e00-94e8-2f88844c39ab&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=7647632f-8221-4e00-94e8-2f88844c39ab&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 24 Sep 2022 22:18:10 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 24 Sep 2022 22:18:09 GMT
Expires
Sat, 24 Sep 2022 22:18:08 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4505 5b23575 master nrt-pixel-x6 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=7647632f-8221-4e00-94e8-2f88844c39ab&gdpr=0&gdpr_consent=
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 52B8 		0
177 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 -, , ASN (),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sat, 24 Sep 2022 22:18:09 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-syd10135-SYD
x-timer
S1664057889.004026,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame D78B 		170 B
191 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9kMDZjYzMxOC1mZWVjLTRkZTUtYmNhYi1iOTExYzM1ZDJhOWE=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 22:18:08 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6833 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.108.195 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=78415
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 24 Sep 2022 22:18:09 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 25 Sep 2022 20:05:04 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 3C98
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=eb916940-6383-4e8a-baaa-aa12955c5102
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=eb916940-6383-4e8a-baaa-aa12955c5102
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 24 Sep 2022 22:18:09 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Sat, 24 Sep 2022 22:18:08 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=eb916940-6383-4e8a-baaa-aa12955c5102
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
um
cs.emxdgt.com/ Frame 84F2 		0
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.195.161 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Sat, 24 Sep 2022 22:18:09 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame B408
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Yy.CIMCo8YkAAEZta-AAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Yy.CIMCo8YkAAEZta-AAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 24 Sep 2022 22:18:09 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 24 Sep 2022 22:18:08 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Yy.CIMCo8YkAAEZta-AAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
34
X-SO-HostName
m-ad129.dc4p.scaleout.jp
X-SO-IP
173.245.209.46
X-SO-Key
Yy.CIMCo8YkAAEZta-AAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":34,"gdpr":false,"ipv4":"173.245.209.46","key":"Yy.CIMCo8YkAAEZta-AAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad129"}
X-SO-LB-Hostname
m-tgng37.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad129
usersync
usersync.gumgum.com/ Frame 1508
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Yy.CHKuYL2cjhEGEVD1B6AAA%264700
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Yy.CHKuYL2cjhEGEVD1B6AAA%264700
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 24 Sep 2022 22:18:10 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74fee4ee6bf8aade-SYD
content-length
0
date
Sat, 24 Sep 2022 22:18:09 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Yy.CHKuYL2cjhEGEVD1B6AAA%264700
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pc%2Fv3t9WIDxDrKdRB7OsQ6j7vlqnwZFe0gd6CckAzW226WYMwc1l%2FXatlU2B7fyMbynz%2FllfdPvx8nZ8ztPk7ElSnuk6GsMkh9PNDf2M16cczKfaZBSslOTFBJ57Aq%2BWnVOgRPYmjMqY%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 0C7D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=zUpZWvbj86L7zsKIAhhe&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=zUpZWvbj86L7zsKIAhhe&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 24 Sep 2022 22:18:10 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sat, 24 Sep 2022 22:18:10 GMT Sat, 24 Sep 2022 22:18:10 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=zUpZWvbj86L7zsKIAhhe&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 8378
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 24 Sep 2022 22:18:09 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 24 Sep 2022 22:18:08 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 7A71 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
dbc1ea09d3e196d4d5f94c3e83f266a6503cc217f154fb55ddde1ba1662e87ed

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Sep 2022 22:18:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19967
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9420
Expires
Sun, 25 Sep 2022 03:50:56 GMT
dt
dt.adsafeprotected.com/ Frame D306 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=923402&asId=e1c350b4-1452-d05b-9002-9ede2dbd5055&tv=%7Bc:paMH21,pingTime:-10,time:2536,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1664057889321%7C%7C2494078a91df0fd9296a625107a64606%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cab4aa2df66f20650dd5350bbd67119be%7C%7C48bb6b01cba00483e47d531ff37cf880%7C%7Cf1d14892f3a5ab68df6aa60c0989002e%7C%7Cfe19520a560b930beca3e5717bf91f4c%7C%7Cbd44d3716cca9ddb5cc8232cbfb723f2%7C%7C1663701684%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.10.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:09 GMT
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
usync.js
eus.rubiconproject.com/ Frame 64BF 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
dbc1ea09d3e196d4d5f94c3e83f266a6503cc217f154fb55ddde1ba1662e87ed

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Sep 2022 22:18:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19967
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9420
Expires
Sun, 25 Sep 2022 03:50:56 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 639B 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=56990067&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
59d3b4e2fa857c6951c3ec9b3d1f91a6280ecb961d61e05025df7230c0dc0271

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:10 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame 29B4 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:09 GMT
X-Proxy-Origin
173.245.209.46; 173.245.209.46; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
20a6352a-17be-4aa1-9df3-ddf25e996606
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 8378 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
dbc1ea09d3e196d4d5f94c3e83f266a6503cc217f154fb55ddde1ba1662e87ed

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Sep 2022 22:18:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19967
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9420
Expires
Sun, 25 Sep 2022 03:50:56 GMT
sync
ads.servenobid.com/ Frame 7A71
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L8GH3JQI-1P-8BEJ
  • https://ads.servenobid.com/sync?pid=323&uid=L8GH3JQI-1P-8BEJ
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=L8GH3JQI-1P-8BEJ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
52.210.128.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-128-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:10 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ads.servenobid.com/sync?pid=323&uid=L8GH3JQI-1P-8BEJ
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Expires
0
dt
dt.adsafeprotected.com/ Frame D306 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=923402&asId=e1c350b4-1452-d05b-9002-9ede2dbd5055&tv=%7Bc:paMH6j,pingTime:1,time:2802,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:1742%7D,%7Bpiv:0,vs:o,r:l,t:1775%7D,%7Bpiv:100,vs:i,r:,t:1797%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1005,o:1797,n:1775,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1742,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~300.250%5D%7D%7D,%7Bsl:o,t:1775,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B22~0%5D,as:%5B22~300.250%5D%7D%7D,%7Bsl:i,t:1797,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1005~100%5D,as:%5B1005~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:905,fm:tiopj9f+11111%7C11112%7C11113%7C11114%7C1112%7C1113%7C112%7C113%7C1211%7C122%7C131%7C132%7C141%7C142%7C15%7C16*.923402%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C181%7C182%7C183%7C184%7C19%7C1a1%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1b6%7C1c1%7C1c2%7C1c3%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1744,sis:1965%7D&br=c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.10.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:09 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D306 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=923402&asId=e1c350b4-1452-d05b-9002-9ede2dbd5055&tv=%7Bc:paMH6k,pingTime:1,time:2803,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:1742%7D,%7Bpiv:0,vs:o,r:l,t:1775%7D,%7Bpiv:100,vs:i,r:,t:1797%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1006,o:1797,n:1775,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1742,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~300.250%5D%7D%7D,%7Bsl:o,t:1775,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B22~0%5D,as:%5B22~300.250%5D%7D%7D,%7Bsl:i,t:1797,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1006~100%5D,as:%5B1006~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:905,fm:tiopj9f+11111%7C11112%7C11113%7C11114%7C1112%7C1113%7C112%7C113%7C1211%7C122%7C131%7C132%7C141%7C142%7C15%7C16*.923402%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C181%7C182%7C183%7C184%7C19%7C1a1%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1b6%7C1c1%7C1c2%7C1c3%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1744,sis:1965%7D&br=c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.10.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:09 GMT
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D306 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=923402&asId=e1c350b4-1452-d05b-9002-9ede2dbd5055&tv=%7Bc:paMH6k,pingTime:1,time:2803,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:1742%7D,%7Bpiv:0,vs:o,r:l,t:1775%7D,%7Bpiv:100,vs:i,r:,t:1797%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1006,o:1797,n:1775,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1742,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~300.250%5D%7D%7D,%7Bsl:o,t:1775,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B22~0%5D,as:%5B22~300.250%5D%7D%7D,%7Bsl:i,t:1797,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1006~100%5D,as:%5B1006~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:905,fm:tiopj9f+11111%7C11112%7C11113%7C11114%7C1112%7C1113%7C112%7C113%7C1211%7C122%7C131%7C132%7C141%7C142%7C15%7C16*.923402%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C181%7C182%7C183%7C184%7C19%7C1a1%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1b6%7C1c1%7C1c2%7C1c3%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1744,sis:1965,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.10.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:09 GMT
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D306 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=923402&asId=e1c350b4-1452-d05b-9002-9ede2dbd5055&tv=%7Bc:paMH6k,pingTime:1,time:2804,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:1742%7D,%7Bpiv:0,vs:o,r:l,t:1775%7D,%7Bpiv:100,vs:i,r:,t:1797%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1007,o:1797,n:1775,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1742,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~300.250%5D%7D%7D,%7Bsl:o,t:1775,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B22~0%5D,as:%5B22~300.250%5D%7D%7D,%7Bsl:i,t:1797,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1007~100%5D,as:%5B1007~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:905,fm:tiopj9f+11111%7C11112%7C11113%7C11114%7C1112%7C1113%7C112%7C113%7C1211%7C122%7C131%7C132%7C141%7C142%7C15%7C16*.923402%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C181%7C182%7C183%7C184%7C19%7C1a1%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1b6%7C1c1%7C1c2%7C1c3%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1744,sis:1965,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.10.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:09 GMT
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
cksync.php
contextual.media.net/ Frame 64BF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L8GH3JQI-1P-8BEJ
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L8GH3JQI-1P-8BEJ
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L8GH3JQI-1P-8BEJ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.193.108.22 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 24 Sep 2022 22:18:10 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 24 Sep 2022 22:18:10 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L8GH3JQI-1P-8BEJ
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
usersync
usersync.gumgum.com/ Frame 8378
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L8GH3JQI-1P-8BEJ
  • https://usersync.gumgum.com/usersync?b=mag&i=L8GH3JQI-1P-8BEJ
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=L8GH3JQI-1P-8BEJ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Sep 2022 22:18:10 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usersync.gumgum.com/usersync?b=mag&i=L8GH3JQI-1P-8BEJ
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
Expires
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe9l0&_p=9665&cid=216763939.1664057884&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=2&sid=1664057884&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&dt=%E6%B5%99%E6%B1%9F%E6%9D%AD%E5%B7%9E%E8%95%AD%E5%B1%B1%E5%9C%8B%E9%9A%9B%E6%A9%9F%E5%A0%B4%E4%B8%89%E6%9C%9F%E9%A0%85%E7%9B%AE%E6%AD%A3%E5%BC%8F%E6%8A%95%E9%81%8B%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 1C45
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=9313C267-A883-41BF-9ACB-A9029A8786C9
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9313C267-A883-41BF-9ACB-A9029A8786C9
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9313C267-A883-41BF-9ACB-A9029A8786C9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.29 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sat, 24 Sep 2022 22:18:11 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sat, 24 Sep 2022 22:18:11 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9313C267-A883-41BF-9ACB-A9029A8786C9
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 990B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:46fd632f-8221-4500-a339-f954cb2ea90e&gdpr=0&gdpr_consent=
42 B
553 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:46fd632f-8221-4500-a339-f954cb2ea90e&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 24 Sep 2022 22:18:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 24 Sep 2022 22:18:10 GMT
Expires
Sat, 24 Sep 2022 22:18:09 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4505 5b23575 master nrt-pixel-x9 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:46fd632f-8221-4500-a339-f954cb2ea90e&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 3883 		0
83 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 -, , ASN (),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sat, 24 Sep 2022 22:18:10 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-syd10135-SYD
x-timer
S1664057890.304335,VS0,VE0
Pug
image2.pubmatic.com/AdServer/ Frame 645A
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=cCTQpeAjBWmhGlTDIoIvYw
42 B
307 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=cCTQpeAjBWmhGlTDIoIvYw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 24 Sep 2022 22:18:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Sat, 24 Sep 2022 22:18:10 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=cCTQpeAjBWmhGlTDIoIvYw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
setuid
x.yieldlift.com/ Frame 9AE2 		0
113 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.yieldlift.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=1YN-&uid=9313C267-A883-41BF-9ACB-A9029A8786C9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.47.190 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Date
Sat, 24 Sep 2022 22:18:10 GMT
Vary
Origin
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 639B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kxPCZ6iDQb-ay6kCmoeGyQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
23.193.108.195 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:10 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=78414
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Sun, 25 Sep 2022 20:05:04 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ddp
pippio.com/api/sync/ Frame 639B
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=9313C267-A883-41BF-9ACB-A9029A8786C9
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDkzMTNDMjY3LUE4ODMtNDFCRi05QUNCLUE5MDI5QTg3ODZDORAAGg0IooS-mQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=de76e69daa8158d882ebe779573f4a35e010762ed0fe45094eda2fda84442875791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBkZTc2ZTY5ZGFhODE1OGQ4ODJlYmU3Nzk1NzNmNGEzNWUwMTA3NjJlZDBmZTQ1MDk0ZWRhMmZkYTg0NDQyODc1NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBkZTc2ZTY5ZGFhODE1OGQ4ODJlYmU3Nzk1NzNmNGEzNWUwMTA3NjJlZDBmZTQ1MDk0ZWRhMmZkYTg0NDQyODc1NzkxNDI2YjU0MTdkY2UyMRAAGgwIo4S-mQYSBAgCEABCAEoA&goog...
0
0
SPug
image4.pubmatic.com/AdServer/ Frame 639B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=46fd632f-8221-4500-a339-f954cb2ea90e
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=46fd632f-8221-4500-a339-f954cb2ea90e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
103.231.98.195 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:10 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 24 Sep 2022 22:18:10 GMT
Server
MT3 4505 5b23575 master nrt-pixel-x19 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=46fd632f-8221-4500-a339-f954cb2ea90e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Sep 2022 22:18:09 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 639B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBYPCf8sKHp4YzIhMG5GCvg&google_cver=1
42 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBYPCf8sKHp4YzIhMG5GCvg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:10 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBYPCf8sKHp4YzIhMG5GCvg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 639B
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CE8D5B091D614E7BB25A31D7D38CD4DA
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CE8D5B091D614E7BB25A31D7D38CD4DA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:10 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sat, 24 Sep 2022 22:18:10 GMT
x-content-type-options
nosniff
server
openresty
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CE8D5B091D614E7BB25A31D7D38CD4DA
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 23 Sep 2022 22:18:10 GMT
9313C267-A883-41BF-9ACB-A9029A8786C9
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 639B 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/9313C267-A883-41BF-9ACB-A9029A8786C9?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.109.4 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 639B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=eb916940-6383-4e8a-baaa-aa12955c5102
42 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=eb916940-6383-4e8a-baaa-aa12955c5102
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:10 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=eb916940-6383-4e8a-baaa-aa12955c5102
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
sync
x.bidswitch.net/ Frame 639B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3af011a5-c3f5-4e9a-ad18-a3557e11dd6b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=9b296ec1-65fa-4412-85e2-498cab6c5e5c&expires=1&user_group=5&ssp=pubmatic&bsw_param=3af011a5-c3f5-4e9a-ad18-a3557e11dd6b
0
0
SPug
image4.pubmatic.com/AdServer/ Frame 639B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9313C267-A883-41BF-9ACB-A9029A8786C9&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oU0lHAVE2uWq_KO0sJTg6Ac7wPvfq3Q-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oU0lHAVE2uWq_KO0sJTg6Ac7wPvfq3Q-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
103.231.98.195 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:10 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oU0lHAVE2uWq_KO0sJTg6Ac7wPvfq3Q-~A&gdpr=0&gdpr_consent=
date
Sat, 24 Sep 2022 22:18:10 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 639B
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_uvYzPDq28jl64_O_OnHzq68jMnl6Y_I_L7xAEac
42 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_uvYzPDq28jl64_O_OnHzq68jMnl6Y_I_L7xAEac
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 22:18:10 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 22:18:10 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_uvYzPDq28jl64_O_OnHzq68jMnl6Y_I_L7xAEac
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
all
csm.as.criteo.net/ Frame 9C4E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=IxtB2kKZyxG_Xkpz_zQJOUuNLIMrF7dSAbNJAHQvkEbVSwqDLhpRV5rDXvmZBL65pYIdnCyMgFsR9ejS5_OsVCkZr3WOoSago8NMb93v9AGtNPy-SaZrztASyt1TAPP32Yi5BxcBAHifp9Kqq40q-JHvCT8BI1PqzmFqCnMMGjKw3na5Bh8UnrLmG2MFBbyCv3kqbNuXOR2ptpZoGIcLed4D0024Oc20AHXW3QFN0LSMAjaN_8B7qgliTj53z_TcHlHBNA&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Yy-CGgABI30KcJCTAAdKKo6nicNu7rMK1GoIhA&u=%7CGMb1U%2Bt0D%2Fl89s8kVg36Zn2%2BeAv9tZY2mA9kIbRBnXg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQuVyK9TQ79aT0lAALvXYaMylqZ1-ZoYoB3jQ2tSN-KPaZNI1XDEAgCLCJMHv3SyfmuvJJS5QLA_91iCRKdKUAROVMP_ZVeDsXtvfyVmzn5OU-PigxIbT9pCE3TfCEtYa_aAeF-EGeJ9IA5RR4xNC9-HmvzUYTXgTEPF3FrLuhQUyW4dRr-QhUgEyWDYNZSay3OYEEYVM4gMlJbGwok4jt7S9OLu05BB9JoTnfPd_5KEFVjS_gtA_-8lJJ-N4M7-XDFk1aRWGScqoJ4L418O1Y7VouV4XG7LsxaN6OQyKUi18yYF7fFrKzSz_SHqU-MErtgkL_s5s4FaZzPwaKzqG3BWeZzwuALDn5Aq6Z4vZBnbPRaLUR8oDRloqJnLei9ColjC5ZUNI2o6hfHBa4Fo3E0cMcMbKo4JvUZmXrfSsFQ2VFiJGi8kDqObqoH4FPfo3srKAXKB1B0uMzFPs8bWqq9PhSKjFBcAGucGTjgCzCpUrhIEgJta3C2BiLAzz8D8YkvPaKJ8tKuVQ4m8osEKDwRNNX9Ai_ysaOkJNPLKCQ1acxXlaPazbJq6K_HTyqgUwyp1FaDGiqhpHHq7TQB1RbVMpTjgxGy5okV0aAecwcAYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDh4PGoIvY_3GBJOhwgOqlJ2wD5j80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAbbZo9ADyAEJqQLKyVeeMOelPqgDAaoErQJP0FHoK7z5w2mZvYyWVbOzwwEmN1h_2OolWSv82McJOWI8Xfs9TO7imtZL2d3B-GXzVcAbJNdf2C8QBgx88B6D0ZhvInrZCrpDtC7yEjq4txsV3F_L9OgihfDqvkI2jibQJeLwcjLhZ2iX7Az-OvwGr5BBiJs09LLKisKiar_RN51mBAeMkhbGmkCMCT6Tt9JUdgr7WEllA2KwQzJWlFET6jwvxBM59K1ZIFhyH6S6rzHzxqLLSipbFQ5Xi7AHLRPzR9IP_EI3pHCOtnw8opsvgAPVOFPjuCLksdWUZvd-acJ3yn_zOZefBvpHxmmdaoag99vhv91Vhx9QVOPc8XnT3ki5WkszsV3eHPwQj6uEcAZrK7E6uIbCentvrzmwYTGqaT0eo-2KPi-tvdqcgAbf0KCx7Yiqx0-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0UMqV6GhXECOT5a23Lf_omHKsGnw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 24 Sep 2022 22:18:11 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad.atdmt.com
URL
https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=28466995;s.a=3213511;p.a=345598515;a.a=537242143;cache=4103336389;
Domain
ad.atdmt.com
URL
https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=28466995;s.a=3213511;p.a=345598515;a.a=537242143;cache=1919223098;
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10525475281123400026&ssp=medianet&gdpr=0&gdpr_consent=
Domain
id5-sync.com
URL
https://id5-sync.com/k/264.gif?puid=eb916940-6383-4e8a-baaa-aa12955c5102&ttl=%%TTL%%
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10525475281123400026&ssp=gumgum2&gdpr=0&gdpr_consent=
Domain
pippio.com
URL
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBkZTc2ZTY5ZGFhODE1OGQ4ODJlYmU3Nzk1NzNmNGEzNWUwMTA3NjJlZDBmZTQ1MDk0ZWRhMmZkYTg0NDQyODc1NzkxNDI2YjU0MTdkY2UyMRAAGgwIo4S-mQYSBAgCEABCAEoA&google_gid=CAESEKCxJH45hyb_TG5qbWjJPaY&google_cver=1
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=283&user_id=9b296ec1-65fa-4412-85e2-498cab6c5e5c&expires=1&user_group=5&ssp=pubmatic&bsw_param=3af011a5-c3f5-4e9a-ad18-a3557e11dd6b

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| setImmediate function| clearImmediate object| ucf object| request string| paramsString object| adRecover number| ampAdSlotIdCounter undefined| $ undefined| jQuery string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter function| jqAlias object| google_reactive_ads_global_state object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| ggeac object| google_tag_data object| google_js_reporting_queue object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _qevents function| quantserve function| __qc object| ezt object| _qoptions function| qtrack undefined| google_measure_js_timing boolean| noPreviewPage object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| dataLayer function| gtag object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

59 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQjJXRjLcwCgoIgQIQjJXRjLcwCgoI4gEQjJXRjLcwCgoI5gEQjJXRjLcwCgoIhwIQjJXRjLcwCgkICRCMldGMtzAKCQg6EIyV0Yy3MAoJCAsQjJXRjLcwCgoIjAIQjJXRjLcwCgkIXxCMldGMtzA=
.aralego.com/ Name: sspid
Value: a9857720-6378-3333-8799-ea48415a0545
www.bg3.co/ Name: __AP_SESSION__
Value: 838ad8fe-3c81-4af8-8b26-b47100400a07
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.adpushup.com/ Name: ap_uid
Value: c07fac00-3c56-11ed-829d-000d3aa18564
.adpushup.com/ Name: ap_usid
Value: c07fac01-3c56-11ed-829d-000d3aa18564
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 2d8baa46-e32f-4695-8cdd-0771568f622d
.openx.net/ Name: i
Value: 2d8baa46-e32f-4695-8cdd-0771568f622d|1664057882
.bg3.co/ Name: __gpi
Value: UID=000009dc5d47fed3:T=1664057882:RT=1664057882:S=ALNI_MbR8Wc6AAqFlRkj5tg0jMkOCLF_gQ
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwmoS-mQY4AUABSAEQmoS-mQYYAA..
.adnxs.com/ Name: uuid2
Value: 5338544317242805217
.rubiconproject.com/ Name: khaos
Value: L8GH3JQI-1P-8BEJ
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMIgRZs+Zm1soLUyebV3a1st9AJmMJqltf2hNjO9mFiOIy5zFwEio2Ja4HEYI5ehIrUHstlW8EOOMtzpQ7vzkXQ/
.omnitagjs.com/ Name: ayl_visitor
Value: d15de92e390a70387c6219a3fad996cd
.prebid.a-mo.net/ Name: __amc
Value: 1_1664057882_1664057882
.a-mo.net/ Name: amuid2
Value: 1e59f85e-26b7-4209-a993-edd116073ba5
.prebid.a-mo.net/ Name: sd_amuid2
Value: 1e59f85e-26b7-4209-a993-edd116073ba5
.doubleclick.net/ Name: IDE
Value: AHWqTUn0InbVzj-9sSjzydQkz2e1s5RE8pxa-YCZAQcY3vSFMkT1ICYcrCF11cS-Z_c
www.bg3.co/ Name: qcSxc
Value: 1664057883155
.quantserve.com/ Name: mc
Value: 632f821b-3ed41-dfdfc-1eb4f
.bg3.co/ Name: __qca
Value: P0-1001619683-1664057883151
.teads.tv/ Name: tt_viewer
Value: 53489db5-c151-4392-8c4c-7311036ba1d5
.bg3.co/ Name: __gads
Value: ID=1f8db0321a0a3203:T=1664057882:S=ALNI_Ma-CZK-pDmSPmIEWFR6x7kCkv22aw
.casalemedia.com/ Name: CMID
Value: Yy.CHKuYL2cjhEGEVD1B6AAA
.casalemedia.com/ Name: CMPS
Value: 4700
.casalemedia.com/ Name: CMPRO
Value: 4700
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1664057884.1.0.1664057884.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.216763939.1664057884
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GUho6O's!@wnfH8K6pQK`!5=E<*L5?%K9i)*Y@2$cFNideCAkCwE20siD!@JFckc9wiQ%nugO%v4VB%nn%V)u<Sx
.yieldmo.com/ Name: yieldmo_id
Value: gf52f500fb8fcf9d1e02%7C1664057885401%7C0%7C
.fout.jp/ Name: uid
Value: rGZuaveNGGamCKelCdx4a2i7570
.smartadserver.com/ Name: pid
Value: 3580251383597455911
.adsrvr.org/ Name: TDID
Value: eb916940-6383-4e8a-baaa-aa12955c5102
.ad-m.asia/ Name: uid
Value: BspbVFmJEc
.yandex.ru/ Name: yuidss
Value: 3300214551664057885
.yandex.ru/ Name: yandexuid
Value: 3300214551664057885
.simpli.fi/ Name: suid
Value: CE8D5B091D614E7BB25A31D7D38CD4DA
.tribalfusion.com/ Name: ANON_ID
Value: ajnseFOleq8PZabprMjqijy8pnATJLWhm5wZcDMh2FV5SQbNY86gph0L9kJ1x44gJr4s3BZaGSYZd7QfFQoj1wQs
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22eb916940-6383-4e8a-baaa-aa12955c5102%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-08-24T22%3A18%3A07%22%7D
.openx.net/ Name: pd
Value: v2|1664057886|jElYiuvOiahI
.3lift.com/ Name: tluid
Value: 3425094070205862277336
.zemanta.com/ Name: zuid
Value: zAF_d51qukHjywHPMLwT
.openx.net/ Name: univ_id
Value: 537072971|eb916940-6383-4e8a-baaa-aa12955c5102|1664057887196812
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYW14Ijp7InVpZCI6IjFlNTlmODVlLTI2YjctNDIwOS1hOTkzLWVkZDExNjA3M2JhNSIsImV4cGlyZXMiOiIyMDIyLTEwLTA4VDIyOjE4OjA3LjU5NTM2OTk1NVoifSwicnViaWNvbiI6eyJ1aWQiOiJMOEdIM0pRSS0xUC04QkVKIiwiZXhwaXJlcyI6IjIwMjItMTAtMDhUMjI6MTg6MDcuNTk0Mjk1NjI0WiJ9fSwiYmRheSI6IjIwMjItMDktMjRUMjI6MTg6MDcuNTk0Mjk0NDM3WiJ9
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIypf9_5WhjzsQBRIWCgdzdng5dDUwEgsIiruvjJahjzsQBRgBIAEoAjILCIqzsrmsoY87EAU4AVoHc3Z4OXQ1MGAC
.a-mx.com/ Name: amuid2
Value: 1e59f85e-26b7-4209-a993-edd116073ba5
.ladsp.com/ Name: cr
Value: 1
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjY0MDU3ODg3fQ
.turn.com/ Name: uid
Value: 8143086186408040920
.casalemedia.com/ Name: CMTS
Value: 4687
.bg3.co/ Name: cto_bundle
Value: oZZ0yF91TkZGJTJCamxUV2Z5dHBrb0QlMkZBQmJuWmEzUGN5cmRvNGslMkJSSjMzJTJGdW5uV3JmNVNjTDluYmd2Y3BTeEo4RWpwRE92Z3c5NmwzVHlidWxuZnZEZkYlMkZaUVVncWYzSFBrSE5NRXZzRndSaXZQb2slM0Q
.bg3.co/ Name: cto_bidid
Value: aSXgrV9wMkJYRWk5aHUzZDRBZkVEcTNhbXRqR3hlMGR6MDR5azVPbk8xZGd2TWZ0enE5OEVSc1NlZHNKckZzMTNjWSUyQmRFUjUyejdXV0V0amZQdDdXViUyQk5sS2clM0QlM0Q
.media.net/ Name: visitor-id
Value: 3070594876823872000V10
.yahoo.com/ Name: A3
Value: d=AQABBB-CL2MCEMwW4ndHh1Txa08eppvAKmMFEgEBAQHTMGM5YwAAAAAA_eMAAA&S=AQAAAiWpnWMDOcx7fSfuq0O60pY
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.bing.com/ Name: MUID
Value: 07D63AE788A760F83B2828CE899561D6
.c.bing.com/ Name: MR
Value: 0

9 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664057881&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhe-jiang-hang-zhou-xiao-shan-guo-ji-ji-chang-san-qi-xiang-mu-zheng-shi-tou-yun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664057881363&bpp=12&bdt=1663&idt=571&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=4095095268603&frm=23&ife=1&pv=1&ga_vid=1560567575.1664057882&ga_sid=1664057882&ga_hid=83928309&ga_fc=0&ga_cid=amp-U2auWBjfNcY_-QlB3YrIGA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=982&biw=1600&bih=1200&isw=336&ish=280&ifk=3367613081&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44770766%2C44771547%2C44772928&oid=2&pvsid=871172703584013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hxcy2x80to3i&fsb=1&dtd=586
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2EvemhlLWppYW5nLWhhbmctemhvdS14aWFvLXNoYW4tZ3VvLWppLWppLWNoYW5nLXNhbi1xaS14aWFuZy1tdS16aGVuZy1zaGktdG91LXl1bi5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=28466995;s.a=3213511;p.a=345598515;a.a=537242143;cache=4103336389;
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=28466995;s.a=3213511;p.a=345598515;a.a=537242143;cache=1919223098;
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://ssp.disqus.com/partner=adaptmx?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1e59f85e-26b7-4209-a993-edd116073ba5%26bidder%3Dzeta%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://ssp.disqus.com/partner=adaptmx?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F3651%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D1e59f85e-26b7-4209-a993-edd116073ba5%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFsWkdJMk56STRNQzB5TmpVMExUTXlNemN0WW1Wa1lpMWlOak5tTXpkbU5URXdNbU1xVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFpXUmlOamN5T0RBdE1qWTFOQzB6TWpNM0xXSmxaR0l0WWpZelpqTTNaalV4TURKak1nSVNCamdDJmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1e05286dc60c925b98acf33de1816ec0.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.atdmt.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.yieldmo.com
adservice.google.com
adservice.google.com.au
adx.holmesmind.com
an.yandex.ru
ap.lijit.com
aplogger.adpushup.com
assets.a-mo.net
b17dab3d81c701e1d26896a1d75dbbd7.safeframe.googlesyndication.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c1.adform.net
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
cr-p3.ladsp.com
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
cs.media.net
csm.as.criteo.net
csync.loopme.me
d-26736635652493433395.ampproject.net
delivery.adrecover.com
dis.criteo.com
dmp.brand-display.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e3.adpushup.com
e778d620ea5432f0c4488e8fa9e4bab9.safeframe.googlesyndication.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
g2.gumgum.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
id.a-mx.com
id5-sync.com
im.bluevoox.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
onetag-sys.com
ow.pubmatic.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.aniview.com
pippio.com
pix.as.criteo.net
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
pxl.qccerttest.com
rtb-csync.smartadserver.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.fout.jp
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync.tidaltv.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
v9999.adv.admeme.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.yieldlift.com
ad.atdmt.com
id5-sync.com
pippio.com
x.bidswitch.net
103.229.10.192
103.229.205.243
103.231.98.194
103.231.98.195
103.231.98.196
103.254.153.160
103.3.63.48
104.16.88.20
104.17.24.14
104.18.12.76
104.18.18.126
104.18.19.126
104.18.98.194
104.19.158.19
104.19.172.108
104.211.156.162
104.254.151.36
104.254.151.68
124.146.215.49
13.107.42.14
13.112.54.241
13.229.175.239
13.33.33.127
13.33.33.86
13.33.33.91
13.76.45.37
132.226.41.106
139.99.49.250
142.250.4.157
142.251.10.157
142.251.10.99
142.251.12.132
142.251.12.149
142.251.12.157
142.251.12.94
142.251.12.95
145.40.88.5
15.197.193.217
151.101.194.49
172.217.194.113
172.217.194.155
172.217.194.156
172.217.194.157
172.64.152.245
172.67.154.71
172.67.71.254
172.67.72.16
18.136.34.121
18.161.111.100
18.176.15.61
18.176.162.247
18.233.195.161
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
185.184.8.90
185.84.60.29
198.8.71.129
202.131.200.84
202.232.238.37
204.79.197.200
209.191.163.208
209.191.163.210
23.106.127.39
23.106.127.52
23.108.103.8
23.193.108.182
23.193.108.195
23.193.108.22
23.193.108.238
23.193.109.46
23.207.37.206
23.41.65.80
23.50.119.72
23.75.85.227
3.0.121.150
3.0.222.252
3.113.43.253
3.230.47.190
3.92.109.79
34.107.148.139
34.111.151.213
34.227.131.62
34.83.125.63
34.98.64.218
35.156.204.15
35.213.117.18
35.213.12.39
35.244.159.8
37.157.4.41
38.133.127.31
38.91.45.7
42.99.140.161
42.99.140.177
42.99.140.201
50.116.239.135
52.192.218.173
52.210.128.24
52.223.2.229
52.45.175.185
52.46.155.104
52.74.162.2
52.95.115.255
54.160.175.117
54.169.109.4
54.174.10.80
54.192.111.61
54.192.150.48
54.203.144.13
54.225.201.180
54.251.29.91
54.254.146.150
67.199.150.77
67.199.150.82
67.199.150.86
69.16.175.42
69.173.151.100
69.173.158.64
69.173.158.65
70.42.32.127
72.34.250.75
74.118.186.45
74.125.130.97
74.125.200.157
74.125.24.155
74.214.196.131
80.77.87.161
84.17.37.44
87.250.250.90
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0204e46bc07b43b273527df58d0abda3dffc04f627a26568e03bc743bf96a86e
0330fa7077990fabed0c3577b11197a01ef45f7407078711c3f3f6268c017d1d
04993c17ff4057d75d7aba1bf1733814aca0c42636a7c0d5f79f726083adb585
0514d1490ac592bdcfb894292cc77109da77330d8e207c1c62ac1ba0df5eab8b
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
068fc24eba7d06f7991b4b97da0a20abcb585b8a9e3947b1ef55de06566b93b3
08379c3364d6ea4f8be74f25d7b05d807aca4a9c7984f1fe0d1d5cf45b2c72b7
0844e1148e163ac56ee4cc04214506d2e6ea50b39f5794a78ef1fefa82f60b0e
08a170f8c697918f7a642557a51d8cd8cee3ac96d8c8b401f91b5e0b489d222d
095361d3ea56d8aab97f4854b45c075874b91d80eb8aad1d49fe32d308cb0416
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09af6caefeb671f4527e8bf54659bb482eea031fe6899bafc12f149bb14155d0
0a01f729a86c571125e8c213f9fe4385ce2f80cd06b92a57d32fd6bc61719a18
0b7d2c516413c81f2ca5e7b1457ebc762ac5fb8889dd29f2cb0edcce88f309d6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
104e5578719bc85edee4970b07d8b75542553054a978218bf8c2a3772853f2c9
11ef5a7f3c08bdfa755a8819f31d4502c838f0ca5381014ca5c2735051bb2b48
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
15fa1b7e6f0d2a575dd72e03903b37f563430d1bde293650abd09bdc55d2b1b1
168d0280d34425ecf7257f03bf084e2976eb698f80d1531cb12df80a2fcbd801
18502022d95968d70e278e02a2bb3f63deefdd1eff3d6fcc2fc255e5a48ceb15
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1940690c8fe789a39183590db29ea34d19158f5d309b9e368360b487709243bf
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
20c256eecdf8b1b883dacc8f248e34f6fa81e24d795b98ac9aa17490fa5df3cb
218b429993fde8f24de8c267969ef375efd81d26421ecd719360f632d5a887f5
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
21cba96ecbefe788d752222bd252b3b9a5dbebe28dd0705919ddfea89dc0665e
21d449d8601cf996e1d660c8cca69c65c80b823f7d30c29974801962deb7e9cf
2417c71c9e9b7576d676949d0850b33a69360295bb91bbe0a38d0e875af5ba47
25c06c024bfb192f5418b39ce069ebe46fda94e38b25ae781cc753fce98a2a24
261d63f4f0af14f42323f23c908e5d188a824c0f20f682329f1c5ed97b740141
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
286f41534d5e452c0803884b8951f9e7cbd79568b1eddea4559d6a3bde2b4763
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a
28dc46ca7136b4d6089128b4a537e94624c990ee5162d869cbd53b4b81faaea5
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2b1d7e3eebf0c7c6374bd296d2da50b01498c7cc6744806cb4b6d0d679d33099
2c14a4646e21d7a24d28a9d449dd0dafd197333b943b755e57a16d062b51f399
2c43fb233e22823e93501d7bb007a81827e4f779da3e3abc37c2ff139782a291
2ce00830645246827f6b5e614b202db0da202a3d70d8a90999e1887f8674047d
2f034c79d9f2b3d6988613c7a3d95ca03b7b14a9efe4e131fd470bb5c02fa506
2fb96936c3c77ec3e1efc5c04222a68d3a69089ed23674af1815c5140492f185
3029d96eaa4ad152f8ee64108f63968668343dfadd2e25367fbb202bc811d111
3086826524750d38ec8807f9d8ceceb737731239a0de2e737c885834e89078f6
3184e99df2027844778dcb7825ac3902a5f1525453e4da6651f3dcf26f850487
31ba58f9b1c51e54b022ce34cc3dbdebca476ee5985432075043b9ebabcaafb3
31fb8dc7edd44f99d97af5a0e6998dbc2787ff3e9cf88d6278f818647752ab50
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
32fe80953f5363474f2b1fa10e1f39a0be25809811292e0559290ec54cfa2022
3359cabdb8ed10920178b43ef0c989c7201003514821b02c4b33e8f3b3911f99
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745
35c011fd8348a0278ba3b047d3f96ccdda86a00297f5718aea87ad806d9c885f
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
3750e49418f24d2be3054cd9687da2f79a6737d0f2b01b034a162d2a2068faa4
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3b025343c1ee76873504aaad4a8da8fca8dc2c15b9be1156949cdb625113f6a6
3b8af2060eb43ff37722d2a91e664544c197a4ac88bcec1502e185f955f2cc76
3c739ccbfad2a264757c1608cb342f9829a077fad87b0cc079540ab03aeb2412
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41583f28d093e855af469de0f42fd9f94bf3ed93baa9eb90192aed14074071e7
43deaf3f3eddab4ba599b5a9450b2bc10b190bc16001587aecca79571035044c
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
47049ed2e8ae9a68deca5cb9452287ff5272edba1d7b7380f30f1047ed58599c
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48a7d4e90449311d990c5d7ad6669211dd384f7d1884494702413e07efd494d8
490b21d4efeb2011c5fae34addfaed282b0dd353266c5c30945fd4acd4924783
49876af95d2ecd15f323f76069759aff3fc58c43f7d04804288338e46448b5f7
49aeaafa4c12e4301a72f13b945303a55c4a33a723eed5257b8d193f807c804a
4af85dd367a12650bb4a8cd177eea96f17db3f4505ce1f71a7813cc604324e9b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
4fc9a4c19d0e969c25bb4e693c016cd31d1f0d94280210e3ec88ef0acac75ef1
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51d4399364031aebd31c98ccbc3731183e2f9d214176a1fd8518486b556aea88
54857a8846b3da2e8a8ff84ea6e24ef533ac97993019ad345f84f24cb33552c2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b2a3356bc97f3ce7e2f7aa1b3ae03a608c1a2ca21ce9dabfffba11c7200665
55cac748efeeda12732991fa76a2b46df940059817ab34ddcd6918002f986ad0
564abcd1aaa1e99681f765597209e1ee0d6c73fd31bbea71cf26ab4825d8058e
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
5881d819dab046f24c39319df13560a5f3698c32f49fa05bba7eb3dd1856e6c9
58a9541412dfd714da895852ff3c16a0ab006f07e4f1c02525c216aec661d07e
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
591ae5ff07e3d01d41627b296ea5c64d76dc93cb212cb80921bea5a322295aaa
59d3b4e2fa857c6951c3ec9b3d1f91a6280ecb961d61e05025df7230c0dc0271
5f7017c58742e7145c8d1d73ec5bf3ea7854656710e1ffb4a1888729aea76e49
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61901db0907ff35fad15b7cc4398baa4ad118023423e48dc1f90dcf8a028303b
61afe043f7462b97e6328b41b170d5f44b48e0bc81627e845d400767d776e20f
61b1b324266b4035c6a2f83f9e99bdbb5d3126756a1789cb5362ea7e5cbc5c40
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628631acd2031ff498aea3db16027ecd6193c6fbeae05ab31e0415ac6996055d
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e
650b2e3c7f96518f35734bd65759ad5522702bea1cca8b5b658af9428c4c3f84
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68f801024b70cfdb04c8854c6e137333cab900397adafc4238d5aa654d7083c9
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a8d9f6f7eb67ed9a28db7ec6741b814074cadfd2e8f89970ff2be1d39ec8818
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ade79fcdd055c0e2a365df04bc137ed2a9226ab9e5249c9fe78ccd021a847f8
6cbe1becf255779f7223b45f3bf63d8a955edd2e748794480c54f4e5d0b10d10
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6d84ce32aab094ded8a130b45f71d5a04514ba7e3b7c8b00e533c7edf1c1f62b
71c327f79dc6cd6a94e68de04c402b982e9133d87047f543f313463933d190b0
722ffefad4213c2ed19ce2bcd7547724075f519f3bf831125155f8bccd48cd84
72463f87634517b05024dd9154ab1484bdb0e1043571dc9621e537cef771346a
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
78cc90ad6edbab01ff82512f4a689c035dd3310e281f38e3dcecf50e1dd6f7b3
7a5b7b799c12828a1fa27c02ec89565b5a1edf79ea5e0176693d907b6e28f8ac
7b6374f15d38fbbda5ba7ac5c77b61ca177f68ee87e84f8116af5ea0adda7b5b
7b9ef9db5284651ca64901bb7369cce5ffd2c65d404cc2abf82f7bb90a473dae
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
8035eb2c6ed5a187690c1c289022b3dbb516c9f3d82b809666a8e97576f1f01e
829c68e59d49588a0847e4a4bdcae1b1e234db4d81a40a7345c34d6392a1f5b1
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
8494e2e29f5c83f1ab49ba41e8de5185b3654cd30294e7d4d5666fa194c441f2
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
883edd7d9f5be975b37299b38b18af6c6f91e70ada835ff16a1d3c0fa7a981f0
89f222ad7c5854616216688870456445264b0fa3baf0422ada6e3768a91e72a6
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a83d23afeea324cbe521a0e7996d0c7b7be87fbe18c191d702599bfc623fe4a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b03d04d1497d9a0ad6cfd6ef1e6b267a635a7165d184a85fc3703bf0ca54592
8d104b2cc15ed8889f9162848ae2a6197de0776a69ac08a59e941726a0a5b9a9
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
910f11d21f7ef307134e01b6c624e7b6393a368ab4a7df76d873f5914c89468f
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
937ff754f0746352fa0f59774b69e653c98196c02995cc00ee916056f09784ef
959f62d9438027416de03e03d70afd0fb8f65afcd16691a0d4f331e4d6b43320
95bd103bd7fdf3a6e6558a95d46598c3ba47bfe2dd83c67cf7bd767b8d130d30
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
97f021d21f4c6ecb256ef53df152984ad47d4fa5d9b013223454abaccb92814a
9800aa3fe3d7cbade404baf412b095dbc248c97cafd6193204b87f3ff85d7962
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ad99a5186dbeb3233bffb43d5cf08bfea36177e5417f4298540f773fc7c1c57
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
9e372afd4baa34eb853174c2c49591e142061ae38c7cac6ec79f6d3f7e1517af
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a01a98358705a79c8ff37aac302c533d0d53f971fece8aa145dfa2495499df99
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1bf77c787c49e99231aebc111b790c8e7ffabb9ff8707f9e3cb1cd3213cec45
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a279e14f2bd555bf18379d187e7f5e3da9d718156d740bb8b12ac16381301ea0
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a38f1f6c87e996582eefa8edc2c11a044fe26f32fc67df901184c24f34c73345
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb
a6faa7a4ade52284a01efed1ddd4d50f5faf33b61837b43ed9b34d5c5a4a7a39
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7e27aa09cea6ce52e34fcc18eefadc59ee7e3db0a7347edc6eb2ac487ce3ddd
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a9439055c4be9973ac171103ce4e63357e0fcfb62169eacb2f57750cc64c5f65
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6
aba3fa3d2ae82c47e944534c15502451298736b79ed83ec585cc38faf62d0a68
ac4e3f87157b395670401df670b8db6c8062d14fe108d188c3fab355068c0a24
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b326a1469c739c2ef2e5ff8b87f3824156131ed264eddbe1049410de4696426c
b44a5ad66d957f70b82757f096d690f4879c464629ed02590dffe58cdf8460bc
b4b85a32853bc5e25905dbc29f82f79a6c6ac8f2f8c24a9a08a9940b7178d6de
b4fb75b29b9bdba6b10574cadb5adec9b558cab7f5199346eaf6f93775933130
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
b8495f96bf23b93cee2ad9dd1ebe81e84cac8fc9e8d247546ae2b5d64e6d0b40
b90e2a5e26de4d61f8fcf641d229971a713b986a18323f6e93cf93bd35d926de
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb5b8374afc57391fda2b5c18633e74299030844ed77dfb27b90c07413e99854
bba28f6f736d5d3bacaf6d76c9c622c2e399bf2ea5b4221cfb076602a6d37f5d
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd439b7bb78653b33674b9c08663b12cb5052ca5c8a1d540f1176b5f2914af1e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25c9e3c616eedc0faf3413391008fe3bbfe27747b530ffbe7c5921aa869521b
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c4d59a51a8eecd9642d5bb8a6f92a91864b19a58015d3d3968f9a54278e97ce6
c5247524ce593d29a2baf48d5feb5d80e0f5670060ca6b871af7edb502eee32d
cb2a0e216e04a4ae684fbfc080a0134fa914aefcb0522b9fa424ef69fb5b07cd
cdf37653a73d1ae3d18f647975c8b382382c147affa39284bd2914f10d22572a
ce11ccc974e685f2dab3b5531abf5ba2f05884c2a8b4365b38670b25017a4801
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff80c4f1b69a054563ac49abcdb7e292d5cda2e3ea20ce5736e48001ba3b2ef
d08e99485a73d7ffac4099a8c91b595c85856001c9bb340bf78147caf5706ed3
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d138c334c5c1946941109374bb34e6b841930ba3c43523cc7ed46afc19317016
d142e3a1e6b2507d6e1870de66a5bb94c5364733db4316d4159f63fea5ef5f9b
d1eae272720bdd83c1db20f05dcb6ec9c9d7041c950b9d076df302c48f93e560
d23dbe892d589a8ddbaf1547e2a62752e7bb7bb266a117baccbc0969d9e0f5c1
d2fec1902f7516cbce19dc7e100962df3be7df8f1ea63312d1eeffecde9f21d6
d3308cf5269867aeae391274f60dcac2a1f0cb25eb0f18a13c14d17805396585
d719cfb2ab3ddd57045184671c38180083a26f4b5d16b4bee68bd64f4faf6f06
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
d8fb86d7f4bef880354d6c02af11fd7e6b7ceb261aad0d73ae7d429668b25148
d97e298a44dea6707737d6dae6f622863e8d27c3714eddee1491531794837130
da4837635fe26d32d3e8f0a645c78ce8c09e490b9a7152b321f3eefc924e5cc5
dab748fc34c67043e2583d6474141dd8a8084119a0243f66297100cb976c84b9
db7c29b19add6fa30dc1eb39de49cf25f8fcce5a9cbfad595e2dadc06fd9cc25
dbc1ea09d3e196d4d5f94c3e83f266a6503cc217f154fb55ddde1ba1662e87ed
dca9f1c29fb7080284b951045c01136e07981ae1898342bade54fa07863d0e8f
deac5997a8c45e4c8a599b29da3a2c406f229b4300576033f3a987fe77c45726
df776efbd6bb46ef543add4c0b69eccaafa2b7f151cdf2171a7fcc233c2671dc
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
dfb214630e6f0052e27cfaaeaedf20b7014e06ddebc4ee50148b5bcc4d648a55
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e11db8ce8b172b179f07f9ce4affec3a49b6f865fe164038b7bb5b84aa45518e
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4de15122faac722fef3a4df64cc08b5d7dd16ccc74115e3e2b41af1ad6e3e33
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e53a3cb2fa190d0dbab24f0f231cdd1e6506ae798b76db6dd59432b5d0b45a80
e545710341d6793b04a4fb2e3ccf3227e6cd74a3e186394eb9987e1832b6eea8
e57895230447d0ccc825af5bbaa8f35646ae1765921119d2ef6ded706b9da352
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e86ddbbfd70c408f7abb52abba9cb9d7cc86a88b975d8cdb5d04eea3287950d0
ebac134017eb048dd6c24637cf2ad36fd7f6b9e2b880aec4594968007868ae5e
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee3b8782a38d82780c812b54167626758b6e4052a5a4b8f183385b2b54d7c840
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00c1893364426fd8e64c20a93784fa2c2ef43dab57fd0e8c088052925991a3a
f0b6467ff1ee5df11996fd85932f0e8f952e4b8f5e9cf50c9a6478ee9dbdc153
f0bb2a4f2be3d99e10af375f305a126120028c4784fbdfd85653876e27c07b19
f13d0ba70d5f3dfa2deaa8fe6f2e616ac6b4d647f1b8faa216d48ab54f9d3210
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
f4503164ef5656fb17c24fd0e4ab285e6ea619f317712c5a78478fa2033b85a9
f604fa2268c5d9306027cedf7e0bf0cddd807d9f62e9a79274c7ffef03e6d773
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f8520433764cb1b56dfb4bd4199055e86506a4228e1a1eddcd4c4e0f2b99291e
f855a67f3d33f360c684af4a7e163596c5dbb141afcc423873990f896e05d2b8
f9524d8f1807bf488171ae337a05fd08898c2acfab1408df2e33b700f80ed9f6
f9bdc98f4c1189097b17d2c80dafac47333048eccdb0443cb6f19aac8c7dd85d
fb780746eb7e2fc6976d96a59e65ad84b141827b00bcce980f9db5a8aed04006
fcff339f3f677b9a150899915cfa787bb26e5b1218cf1f900c2057e067017105
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e