urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui...
Submission: On October 26 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 73 IPs in 10 countries across 81 domains to perform 434 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 643495.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
1 49 142.251.10.132 15169 (GOOGLE)
1 3 103.254.153.160 59253 (LEASEWEB-...)
4 104.26.5.103 13335 (CLOUDFLAR...)
2 42.99.140.144 4637 (ASN-TELST...)
5 42.99.140.161 4637 (ASN-TELST...)
2 69.16.175.42 20446 (STACKPATH...)
22 104.26.2.91 13335 (CLOUDFLAR...)
1 61 142.251.10.155 15169 (GOOGLE)
3 209.58.188.181 133752 (LEASEWEB-...)
11 142.251.12.154 15169 (GOOGLE)
2 74.125.200.97 15169 (GOOGLE)
4 142.251.12.157 15169 (GOOGLE)
7 142.250.4.155 15169 (GOOGLE)
2 142.251.10.101 15169 (GOOGLE)
3 104.211.156.162 8075 (MICROSOFT...)
6 13.76.45.37 8075 (MICROSOFT...)
4 142.251.10.94 15169 (GOOGLE)
2 74.125.24.154 15169 (GOOGLE)
1 13.33.33.91 16509 (AMAZON-02)
2 103.229.10.171 16509 (AMAZON-02)
1 104.16.85.20 13335 (CLOUDFLAR...)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 11 35.244.159.8 15169 (GOOGLE)
1 104.83.197.63 16625 (AKAMAI-AS)
5 104.18.18.126 13335 (CLOUDFLAR...)
4 54.249.121.116 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 13.228.121.143 16509 (AMAZON-02)
3 51.79.234.100 16276 (OVH)
2 54.171.114.234 16509 (AMAZON-02)
1 182.161.73.145 55569 (CRITEO-AS...)
5 11 104.254.151.60 29990 (ASN-APPNEX)
1 35.213.117.18 15169 (GOOGLE)
6 145.40.89.200 54825 (PACKET)
1 182.161.74.19 55569 (CRITEO-AS...)
1 182.161.73.148 55569 (CRITEO-AS...)
10 142.251.12.147 15169 (GOOGLE)
5 74.125.200.156 15169 (GOOGLE)
1 6 104.18.25.173 13335 (CLOUDFLAR...)
1 1 35.186.193.173 15169 (GOOGLE)
11 41 74.125.24.157 15169 (GOOGLE)
1 1 202.232.238.37 2497 (IIJ Inter...)
1 1 104.45.178.220 8075 (MICROSOFT...)
1 202.233.84.1 131957 (MICROAD M...)
3 3 174.137.133.49 27257 (WEBAIR-IN...)
2 2 20.127.253.7 8075 (MICROSOFT...)
2 2 162.19.138.82 16276 (OVH)
1 13.33.88.41 16509 (AMAZON-02)
11 182.161.73.129 55569 (CRITEO-AS...)
1 182.161.73.132 55569 (CRITEO-AS...)
1 104.17.24.14 13335 (CLOUDFLAR...)
4 182.161.73.135 55569 (CRITEO-AS...)
2 182.161.73.142 55569 (CRITEO-AS...)
2 74.125.200.95 15169 (GOOGLE)
8 23.36.252.26 16625 (AKAMAI-AS)
1 42.99.140.216 4637 (ASN-TELST...)
8 104.83.196.24 16625 (AKAMAI-AS)
1 142.251.12.94 15169 (GOOGLE)
6 13 139.5.84.243 27381 (CASALE-MEDIA)
11 142.250.4.149 15169 (GOOGLE)
11 12 15.197.193.217 16509 (AMAZON-02)
8 8 185.84.60.20 198622 (ADFORM)
8 8 50.31.142.191 23352 (SERVERCEN...)
4 4 52.2.255.108 14618 (AMAZON-AES)
3 182.161.73.136 55569 (CRITEO-AS...)
4 9 52.223.2.229 16509 (AMAZON-02)
1 151.101.65.108 54113 (FASTLY)
1 18.161.111.72 ()
2 184.31.5.52 ()
1 104.18.12.76 13335 (CLOUDFLAR...)
1 1 50.116.239.135 ()
1 1 124.146.215.44 ()
2 2 13.33.88.98 ()
1 104.19.159.19 13335 (CLOUDFLAR...)
3 23.72.44.196 ()
2 2 103.229.206.241 ()
2 2 175.41.187.173 ()
1 182.161.73.146 ()
1 54.80.43.227 ()
1 172.67.154.71 ()
1 1 23.106.127.38 ()
1 1 104.18.19.126 ()
1 35.213.12.39 ()
1 2 52.74.172.143 ()
1 13.107.21.200 ()
1 104.18.13.76 ()
1 67.199.150.81 ()
434 73
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
49    142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net
cdn.ampproject.org
bd434c13192b0ba3801f7c67ab0b5479.safeframe.googlesyndication.com
ad6d7095e9b3fbb668a951e5b126aafb.safeframe.googlesyndication.com
tpc.googlesyndication.com
f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
3    103.254.153.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.5.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
delivery.adrecover.com
5    42.99.140.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-161.pacnet.net
cdn.adpushup.com
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
22    104.26.2.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
61    142.251.10.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.com.au
googleads4.g.doubleclick.net
3    209.58.188.181 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
11    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
securepubads.g.doubleclick.net
2    74.125.200.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f97.1e100.net
www.googletagmanager.com
4    142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net
adservice.google.com.au
7    142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net
adservice.google.com
2    142.251.10.101 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f101.1e100.net
www.google-analytics.com
3    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
4    142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net
d-20671926272823164609.ampproject.net
fonts.gstatic.com
2    74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net
partner.googleadservices.com
1    13.33.33.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-91.sin2.r.cloudfront.net
adx.holmesmind.com
2    103.229.10.171 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    104.16.85.20 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
11    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
1    104.83.197.63 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-197-63.deploy.static.akamaitechnologies.com
a.teads.tv
5    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
4    54.249.121.116 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-249-121-116.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    13.228.121.143 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-121-143.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
3    51.79.234.100 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip100.ip-51-79-234.net
onetag-sys.com
2    54.171.114.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-114-234.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
11    104.254.151.60 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
6    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
1    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
10    142.251.12.147 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f147.1e100.net
www.google.com
5    74.125.200.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f156.1e100.net
www.googletagservices.com
6    104.18.25.173 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
41    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
cm.g.doubleclick.net
1    202.232.238.37 (Itabashi-ku, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
2    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
1    13.33.88.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-41.sin2.r.cloudfront.net
rules.quantcount.com
11    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
1    104.17.24.14 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
2    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
2    74.125.200.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f95.1e100.net
fonts.googleapis.com
8    23.36.252.26 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-252-26.deploy.static.akamaitechnologies.com
hblg.media.net
warp.media.net
lg3.media.net
cs.media.net
1    42.99.140.216 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-216.pacnet.net
qsearch-a.akamaihd.net
8    104.83.196.24 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-24.deploy.static.akamaitechnologies.com
contextual.media.net
1    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
www.gstatic.com
13    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
dsum.casalemedia.com
11    142.250.4.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f149.1e100.net
s0.2mdn.net
12    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
8    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
8    50.31.142.191 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
4    52.2.255.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-255-108.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
9    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    18.161.111.72 (None, )

ASN- ()
public.servenobid.com
2    184.31.5.52 (None, )

ASN- ()
eus.rubiconproject.com
1    104.18.12.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    50.116.239.135 (None, )

ASN- ()
ad.turn.com
1    124.146.215.44 (None, )

ASN- ()
tg.socdm.com
2    13.33.88.98 (None, )

ASN- ()
cr-p3.ladsp.com
1    104.19.159.19 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
3    23.72.44.196 (None, )

ASN- ()
ads.pubmatic.com
2    103.229.206.241 (None, )

ASN- ()
sync.mathtag.com
2    175.41.187.173 (None, )

ASN- ()
pm.w55c.net
1    182.161.73.146 (None, )

ASN- ()
dis.criteo.com
1    54.80.43.227 (None, )

ASN- ()
cs.emxdgt.com
1    172.67.154.71 (None, )

ASN- ()
id.a-mx.com
1    23.106.127.38 (None, )

ASN- ()
ssbsync-global.smartadserver.com
1    104.18.19.126 (None, )

ASN- ()
ssum.casalemedia.com
1    35.213.12.39 (None, )

ASN- ()
x.bidswitch.net
2    52.74.172.143 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
1    13.107.21.200 (None, )

ASN- ()
c.bing.com
1    104.18.13.76 (None, )

ASN- ()
cdn.indexww.com
1    67.199.150.81 (None, )

ASN- ()
image6.pubmatic.com
Apex Domain
Subdomains		 Transfer
84 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
bd434c13192b0ba3801f7c67ab0b5479.safeframe.googlesyndication.com
ad6d7095e9b3fbb668a951e5b126aafb.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
863 KB
66 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317
610 KB
23 bg3.co
www.bg3.co — Cisco Umbrella Rank: 643495
static.bg3.co
730 KB
19 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 519
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum.casalemedia.com
14 KB
17 criteo.net
static.criteo.net — Cisco Umbrella Rank: 680
pix.as.criteo.net — Cisco Umbrella Rank: 16753
csm.as.criteo.net — Cisco Umbrella Rank: 17352
143 KB
17 media.net
prebid.media.net — Cisco Umbrella Rank: 1238
hblg.media.net — Cisco Umbrella Rank: 1621
contextual.media.net — Cisco Umbrella Rank: 570
warp.media.net — Cisco Umbrella Rank: 2378
lg3.media.net — Cisco Umbrella Rank: 4108
cs.media.net — Cisco Umbrella Rank: 1392
177 KB
17 google.com
adservice.google.com — Cisco Umbrella Rank: 78
www.google.com — Cisco Umbrella Rank: 2
5 KB
14 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15799
aplogger.adpushup.com — Cisco Umbrella Rank: 16696
e3.adpushup.com — Cisco Umbrella Rank: 17189
217 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
7 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
acdn.adnxs.com — Cisco Umbrella Rank: 618
39 KB
11 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 273
213 KB
11 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13910
u.openx.net — Cisco Umbrella Rank: 664
us-u.openx.net — Cisco Umbrella Rank: 409
jp-u.openx.net
5 KB
10 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 585
eb2.3lift.com — Cisco Umbrella Rank: 373
8 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 363
217 KB
8 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 560
5 KB
8 adform.net
c1.adform.net — Cisco Umbrella Rank: 627
cm.adform.net Failed
5 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 22845
ads.as.criteo.com — Cisco Umbrella Rank: 17079
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 17724
gum.criteo.com — Cisco Umbrella Rank: 425
dis.criteo.com
51 KB
7 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 924
assets.a-mo.net — Cisco Umbrella Rank: 3188
6 KB
7 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1042
fastlane.rubiconproject.com — Cisco Umbrella Rank: 492
eus.rubiconproject.com
token.rubiconproject.com Failed
pixel.rubiconproject.com Failed
14 KB
6 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 828
s.tribalfusion.com — Cisco Umbrella Rank: 2234
4 KB
6 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 109731
1 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 28151
sync.aralego.com — Cisco Umbrella Rank: 2910
4 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
233 KB
4 pubmatic.com
ads.pubmatic.com
image2.pubmatic.com Failed
ow.pubmatic.com Failed
image6.pubmatic.com
23 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 723
3 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
46 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 8566
45 KB
3 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3667
sync.inmobi.com — Cisco Umbrella Rank: 2083
2 KB
3 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1663
public.servenobid.com
5 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 777
2 KB
2 yahoo.com
pr-bh.ybp.yahoo.com
1 KB
2 w55c.net
pm.w55c.net
2 KB
2 mathtag.com
sync.mathtag.com
1 KB
2 ladsp.com
cr-p3.ladsp.com
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 608
cdn.indexww.com
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
2 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 471
3 KB
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 5415
1 KB
2 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1004
x.bidswitch.net Failed
596 B
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 948
pixel.quantserve.com — Cisco Umbrella Rank: 516
11 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 888
1006 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
493 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
77 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 677
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 15630
10 KB
1 bing.com
c.bing.com
670 B
1 smartadserver.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com Failed
352 B
1 a-mx.com
id.a-mx.com
509 B
1 emxdgt.com
cs.emxdgt.com
67 B
1 socdm.com
tg.socdm.com
855 B
1 turn.com
ad.turn.com
441 B
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1608
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 216
5 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 876
616 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 6970
541 B
1 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 3920
641 B
1 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 58454
716 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 19902
655 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1269
520 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 394
1 KB
1 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 499515
1 KB
1 ampproject.net
d-20671926272823164609.ampproject.net
0 ambientdsp.com Failed
cm.ambientdsp.com Failed
0 adroll.com Failed
d.adroll.com Failed
0 simpli.fi Failed
um.simpli.fi Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 yieldlift.com Failed
x.yieldlift.com Failed
0 gumgum.com Failed
g2.gumgum.com Failed
0 dyntrk.com Failed
gu.dyntrk.com Failed
0 amazon-adsystem.com Failed
s.amazon-adsystem.com Failed
aax-eu.amazon-adsystem.com Failed
0 adsymptotic.com Failed
p.adsymptotic.com Failed
0 nextmillmedia.com Failed
pbs.nextmillmedia.com Failed
0 vuukle.com Failed
pb.vuukle.com Failed
0 lijit.com Failed
ap.lijit.com Failed
ce.lijit.com Failed
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
0 bluekai.com Failed
stags.bluekai.com Failed
0 unrulymedia.com Failed
sync.targeting.unrulymedia.com Failed
0 omnitagjs.com Failed
hb-api.omnitagjs.com Failed
434 81
Domain Requested by
45 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
adx.holmesmind.com
www.bg3.co
www.googletagservices.com
f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
41 cm.g.doubleclick.net 11 redirects googleads.g.doubleclick.net
www.bg3.co
f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
u.openx.net
eb2.3lift.com
33 tpc.googlesyndication.com 1 redirects securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
pagead2.googlesyndication.com
22 static.bg3.co www.bg3.co
12 match.adsrvr.org 11 redirects cdn.adpushup.com
12 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
11 s0.2mdn.net www.bg3.co
f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
s0.2mdn.net
11 static.criteo.net ads.as.criteo.com
cdn.adpushup.com
static.criteo.net
11 ib.adnxs.com 5 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
prebid.a-mo.net
11 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
10 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
10 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
www.bg3.co
f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 eb2.3lift.com 4 redirects cdn.adpushup.com
eb2.3lift.com
8 b1sync.zemanta.com 8 redirects ssum-sec.casalemedia.com
8 c1.adform.net 8 redirects ads.pubmatic.com
8 contextual.media.net googleads.g.doubleclick.net
contextual.media.net
cdn.adpushup.com
7 adservice.google.com securepubads.g.doubleclick.net
cdn.ampproject.org
pagead2.googlesyndication.com
6 prebid.a-mo.net cdn.adpushup.com
prebid.a-mo.net
public.servenobid.com
6 e3.adpushup.com www.bg3.co
6 adservice.google.com.au securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 a.tribalfusion.com 1 redirects f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 www.googletagservices.com googleads.g.doubleclick.net
f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 us-u.openx.net 1 redirects u.openx.net
4 sync.srv.stackadapt.com 4 redirects
4 googleads4.g.doubleclick.net googleads.g.doubleclick.net
www.bg3.co
4 f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 pix.as.criteo.net ads.as.criteo.com
4 prebid-server.rubiconproject.com cdn.adpushup.com
prebid.a-mo.net
4 adpushup-d.openx.net cdn.adpushup.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 ads.pubmatic.com contextual.media.net
public.servenobid.com
3 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
public.servenobid.com
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 lg3.media.net googleads.g.doubleclick.net
www.bg3.co
3 fonts.gstatic.com fonts.googleapis.com
3 onetag-sys.com cdn.adpushup.com
public.servenobid.com
3 aplogger.adpushup.com www.bg3.co
cdn.adpushup.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
2 pm.w55c.net 2 redirects
2 sync.mathtag.com 2 redirects contextual.media.net
ads.pubmatic.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 eus.rubiconproject.com cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
public.servenobid.com
2 cs.media.net contextual.media.net
2 hblg.media.net www.bg3.co
googleads.g.doubleclick.net
2 fonts.googleapis.com cdnjs.cloudflare.com
f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
2 csm.as.criteo.net ads.as.criteo.com
2 id5-sync.com 2 redirects
2 sync.inmobi.com 2 redirects
2 rtb2-useast.e-volution.ai 2 redirects
2 ads.servenobid.com cdn.adpushup.com
prebid.a-mo.net
public.servenobid.com
ssum-sec.casalemedia.com
2 htlb.casalemedia.com cdn.adpushup.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.google-analytics.com www.bg3.co
www.googletagmanager.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 image6.pubmatic.com ads.pubmatic.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 c.bing.com eb2.3lift.com
1 ssum.casalemedia.com 1 redirects
1 ssbsync-global.smartadserver.com 1 redirects
1 x.bidswitch.net prebid.a-mo.net
eb2.3lift.com
1 id.a-mx.com prebid.a-mo.net
1 cs.emxdgt.com contextual.media.net
1 dis.criteo.com contextual.media.net
1 assets.a-mo.net prebid.a-mo.net
1 tg.socdm.com 1 redirects
1 ad.turn.com 1 redirects
1 u.openx.net cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 www.gstatic.com f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
1 warp.media.net googleads.g.doubleclick.net
1 qsearch-a.akamaihd.net www.bg3.co
1 pixel.quantserve.com www.bg3.co
1 cdnjs.cloudflare.com ads.as.criteo.com
1 cat.sg1.as.criteo.com ads.as.criteo.com
1 rules.quantcount.com secure.quantserve.com
1 dsp.adkernel.com 1 redirects
1 aid.send.microad.jp googleads.g.doubleclick.net
1 mweb.ck.inmobi.com 1 redirects
1 sync.fout.jp 1 redirects
1 ipac.ctnsnet.com 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 ads.as.criteo.com googleads.g.doubleclick.net
1 rtb.jp2.as.criteo.com googleads.g.doubleclick.net
1 grid.bidswitch.net cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 adx.holmesmind.com pagead2.googlesyndication.com
1 d-20671926272823164609.ampproject.net cdn.ampproject.org
1 ad6d7095e9b3fbb668a951e5b126aafb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 bd434c13192b0ba3801f7c67ab0b5479.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.bg3.co
0 cm.ambientdsp.com Failed ads.pubmatic.com
0 d.adroll.com Failed ssum-sec.casalemedia.com
0 um.simpli.fi Failed ssum-sec.casalemedia.com
0 match.prod.bidr.io Failed ssum-sec.casalemedia.com
0 sync-tm.everesttech.net Failed ssum-sec.casalemedia.com
ads.pubmatic.com
0 pixel.rubiconproject.com Failed www.bg3.co
0 aax-eu.amazon-adsystem.com Failed www.bg3.co
0 token.rubiconproject.com Failed www.bg3.co
0 sync.go.sonobi.com Failed public.servenobid.com
0 p.rfihub.com Failed public.servenobid.com
0 ce.lijit.com Failed public.servenobid.com
0 x.yieldlift.com Failed public.servenobid.com
0 ssbsync.smartadserver.com Failed public.servenobid.com
0 g2.gumgum.com Failed public.servenobid.com
0 gu.dyntrk.com Failed ssum-sec.casalemedia.com
0 s.amazon-adsystem.com Failed eb2.3lift.com
ssum-sec.casalemedia.com
www.bg3.co
0 p.adsymptotic.com Failed eb2.3lift.com
0 pbs.nextmillmedia.com Failed prebid.a-mo.net
0 pb.vuukle.com Failed prebid.a-mo.net
0 ow.pubmatic.com Failed prebid.a-mo.net
0 ap.lijit.com Failed prebid.a-mo.net
public.servenobid.com
0 image2.pubmatic.com Failed prebid.a-mo.net
0 cm.adform.net Failed prebid.a-mo.net
0 rtb.mfadsrvr.com Failed contextual.media.net
0 stags.bluekai.com Failed contextual.media.net
eb2.3lift.com
0 sync.targeting.unrulymedia.com Failed contextual.media.net
public.servenobid.com
0 hb-api.omnitagjs.com Failed cdn.adpushup.com
434 133

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-18 -
2023-01-15		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-09 -
2023-01-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2022-10-05 -
2023-11-06		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-31 -
2022-12-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh

This page contains 64 frames:

Primary Page: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Frame ID: 0E1DC2E9CA1565927564D3481A9AD4A3
Requests: 99 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: BF6A651DF1EFFAC869B73AA4A09741AA
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 8DD5D8B5FBF7A50313B8B9F56E9F08C0
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 067893A940C2886243FF38F56F294031
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 3812B9992CCF7D8EBD571EBEBC761A4E
Requests: 9 HTTP requests in this frame

Frame: https://bd434c13192b0ba3801f7c67ab0b5479.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 042963DB0E5B16D36D5403BD05A6D8A9
Requests: 1 HTTP requests in this frame

Frame: https://ad6d7095e9b3fbb668a951e5b126aafb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: CDF4024473F9E05C48F01B1EAE262347
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: 88B554272963C97C1BFB975C00B91D87
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666756461&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756459233&bpp=15&bdt=1649&idt=2277&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=4935527175479&frm=23&ife=1&pv=1&ga_vid=191318710.1666756462&ga_sid=1666756462&ga_hid=1728113457&ga_fc=0&ga_cid=amp-JMpm2PFr2QOokQC6DhCKBQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3709292435&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767668%2C42531706%2C44774292%2C44775016&oid=2&pvsid=14388017653826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q4ndqskqbprq&fsb=1&dtd=2291
Frame ID: 9EC75BC4DB8A91E2A0462073382B27A8
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-3150269307335175326&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3288&oid=2&is_amp=5&amp_v=2210010655000&d_imp=1&c=226000705&ga_cid=amp-JMpm2PFr2QOokQC6DhCKBQ&ga_hid=705&dt=1666756461283&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&bdt=4947&dtd=370&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 434D4557DD5E8B86D748B3436406E817
Requests: 1 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1ivbQAPEyMAtwV8AAWdiQQqW_OAhl9GRFx_qQ&u=%7CYgp7QQesWFKFOv21KHpYl2cVUqQcXgMM0IwQHKf7%2F%2FA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1biSqZkz2AS9MV6cOJpyl06hdAdQv1Fy0YC6Z26lklozkwT_Iz0JM6L_vt2f4LwnW422_vTvuCKM-IJZr3E_XTFNbUOE-MyzupEBxNdlSqeWEcoQaBCwVa-3BvrP63zJHplHmh_yK42elUhpPMF2cx9AZXnn4vOE9FwwRaQzBH9X9JHhwNBIgpsI72sseIZItwKoizmmq03EHV21CXkdkPVoGxaVSIG9EvW0F5z6Fz4rZlIwt4L_WFiHyKbQxD2iZ-Km1IgClNuLY6b_b3iOXFOlSTgHGhGOaINK42j2F-2GC2A_xQS--u7yU1wQozS3hTNqYQ0IM4JJwvRCMy_ByYvfId_R4Z95wMdbsec40C8lNemlmmwfIenHIkJYjy75MQ_N_cfG9VYosuPo4S-8_IYMA6eGAEVh7HXCqJQiAp5fXWD2Zco755MFkiKAK3tRVeGThvT6T9R98yBWF00ctklo-Ke0EGffFQngorq3jlBrL4VG-4Kq8T6E0RNxu95fsEaOzrUmbopvpVL6E-_tY37FxadmKWDbcAdIqnRgSIvvNPDv4ubDzlSlKGzl3ueZUx_ZSqqYKJ1oQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8XHba9YY6OmPPyK3LUPibuW2AeY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJD67meJW6lPqgDAaoEkwJP0MVpTIXHh790QVID3JzyfGdIL9W8Q5IZGsWaa4_jscY5y2hs0vYpve7ZLCykUr4xMcBP_clKBNPcj9ETohU5fYLqnMv-Vv_RcA7lLL-kuLS7zL1J9vdHrGHSJ9o6xWZafLVFcfxinNri43zGo6zoeD27M6DIoIx9CRofusNd7vQfbZ9E5D9PB9w1vCMNWshb1fwxgY_BlyYULhlIrkLq-uq412WTeBEcMCF87NDlGrqlvDuipoI-bdq5060qnKnZq3wto3-TrzxIRppdSCJm9nrRyj0d0tLRFChWsW9boJCu5W5v5F9IZACptE3bFsHZvi4v8OcGPUcUFnr981wK84wDPqQl4CT6vtTU4U0v6XvIRoAG15OZ07igyOGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0UzNw9qpvvAYGgVO5Z49YdHufAbA%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 0ACC515CB4822CAA7433AFDC6A928E29
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A6FC971F5761CC16CE76C78A230A940B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0499EF63A8252E0F98EAB3076F31B1BE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B43A6181A9551D5D5735A227E6A3AEE3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D8838164A2CB53710B3168CAC1E59562
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B480A24AB6877101A3E62272082E8563
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756463246&bpp=11&bdt=250&idt=313&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=8639079947356&frm=8&ife=1&pv=2&ga_vid=1451484357.1666756464&ga_sid=1666756464&ga_hid=680471834&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017&oid=2&pvsid=3611008878919813&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.spwumvexlvlv&fsb=1&dtd=328
Frame ID: 074CA7F68CCF1EEDB7846D65EB66E7E9
Requests: 1 HTTP requests in this frame

Frame: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6483EB648B793D40EE6B01D2F294FD54
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CjlYQb69YY5rnKYuqoQPUvbe4AazX_fBktPaok-ILwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBLIBT9D10HIA0szjMYCQ4ElnwcWM8h0qAs2tkcNT1IMEDkf6NBEoxQzqYP0sknDsEcOnO8MDArfBU1-OOFhMp5_qA3MyMGkNVfKdyvTWRD_MJ9rATGiA0jgza1YrQk5uL3Du_3MvyR4ORe0M2jEl1voCL-wbPfEZckun-Fq3bIx6ezz6V-qJX37YfG2Dg5ODkeeq2u9ET8hXcPk6YwaLC6BlYJUqY5ERVBNwE_Z-lpe8GNK_8IAGw8Xfm8qtzZjpAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=wjJts0nA8Es&uach_m=[UACH]&cid=CAQSKQDq26N9tX3QJe1iHBYPFYWa0FLxzUv1Ov8B7i2aMApvyR30tb2Sxyx5GAEgEw
Frame ID: 8C5E46C33A56F0326A49CCEB29CDA410
Requests: 14 HTTP requests in this frame

Frame: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 38E0D5FB3B8BFF1C2031034481C3B84D
Requests: 15 HTTP requests in this frame

Frame: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 800E6F606824F6F064B36A28F7B138BC
Requests: 15 HTTP requests in this frame

Frame: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8B8A462C458762BA0F44BFAD55446699
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNWdCsSszRXXfuMXP2fNTSTjTQxKMndj6c-NbukkGaKhLuw0lN2LarDNWtMWITw5L4rFVUx63ItimZI9Yh6-Xo5gpdSVCQ
Frame ID: BD5520D9B09C836B027DD0C6F5CD0403
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJeh19gCEMa03YwDGJyBidUBMAE&v=APEucNVG1C4kOtPpvb-fcjqfG5Q-xl1eSHTOO68n_NZNBXi4ow8KVgeuVEQRN0NXgkLSmgiW2dE-dbWWiPn6H8ClrXbOpJrVfw
Frame ID: 9A8A88CCE57508F80E547075B03662B4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 21077BAE3E6A73A6228FBF326A510FE7
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2C294BF2D59E5E6F3203FB71A343B329
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1ACF40D4E2E3B3E1BC36179A1054611B
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 949C2DE7E4D5ADA09FC07344B54A69C7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 48E80AF479D4E7B8737F84467129554E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D8CB432D1923C84A572E44DE908E7B1E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 52446A69EBD5E583DF47819C3376325D
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 02964D908D548DC38D680B22E182E6FF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4ADB405AC039FB05651C3CCAB1D5D8AD
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16092916223250062225/index.html
Frame ID: B3629C3F33420426F71FDC2B2A925742
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Frame ID: 0EA07710454883F6AAC543AE94D1E8A0
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 062218ECAF697F63FBC35677244B75E5
Requests: 4 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: CEB96EFFAF3D3CFB81D1CA5DDF91FF08
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5154F92167DFDF7DB49AC77E5B4A659E
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 500833E8F4C29D3A7646F35A468551F0
Requests: 13 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: D39A348C460C774420C35DB884D35BBC
Requests: 20 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 70D6FA8C00073276664286CF3D5F60B5
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F1C788BA1410B131B585F0C0E03B1B06
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: CEF6DFFDF14555BF4E9D042873E59881
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1666756462638
Frame ID: D23D69B124F84FBACDD904C7DA8AC1A4
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: D6F9ECFAC7F03F929FC4340B6D191066
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: CE9338E6960A5F10B75F13BDF1A6B22B
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 0A97F7D1ED4E99571BBFA037ED351DB3
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3097580656827308000V10&type=rkt&refUrl=&vid=67564670753097580656827308000V10&ovsid=1972928490758014420
Frame ID: 70B1FC74EBCF2DFBAAE94F6BAEA43919
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Dpba%26refUrl%3D%26vid%3D67564670753097580656827308000V10%26ovsid%3DPM_UID
Frame ID: 065DDF32AE28EF614C5BFB83BCF13E2D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8457956222DD65EF15C9EA0D0AEF6A2E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 80791C96040795F7F52A64E11EF41B4B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3FCD338F6D96D5E076481D51B242EC68
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 65976FE39EDFC9AE4C4BF9072E2743CF
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: C55F2D6B54B5CE7FD89587EAD335685F
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: D3DCEF0F455595741B41611261A2C178
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: FE611EFEEF48F05FC277847443FD814A
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: AB834320A7C28AFEEA8F9DBACD9E5CB1
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 7924BF804AEC7F862E9162FE6A593D94
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: B23E63D710D53B657D006835767DD6A9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 8A21D8B0E15869BC505CDA6201DF0056
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=F6E64D17-59CE-4968-82C7-B3F8762F8F61
Frame ID: C682655E61FBDF393FB20CE2BCB12CAE
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 3B548325B2273820737B5CA9F07D1903
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: F2A455F684A9A728ECBDFABAED2FED9E
Requests: 1 HTTP requests in this frame

Frame: https://cm.ambientdsp.com/cm/send?vc=pmj
Frame ID: 8B85D06C82C43C3F25219C6BCEAC9DC3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

長澤雅美「睽違4年半」重返小熒幕主演! 搭檔2肌肉男神追冤案 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

434
Requests

73 %
HTTPS

0 %
IPv6

81
Domains

133
Subdomains

73
IPs

10
Countries

3836 kB
Transfer

9394 kB
Size

63
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 83
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666756461&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756459251&bpp=13&bdt=1652&idt=2225&shv=r20221020&mjsv=m202210190101&ptt=5&saldr=sa&correlator=4935527175479&frm=23&ife=1&pv=2&ga_vid=1943600805.1666756461&ga_sid=1666756461&ga_hid=1666558131&ga_fc=0&ga_cid=amp-JMpm2PFr2QOokQC6DhCKBQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1602&biw=1600&bih=1200&isw=336&ish=280&ifk=398001461&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31070306%2C42531705%2C31070423%2C31070467%2C44775017&oid=2&pvsid=3618108874669302&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.camno2e3c7sa&btvi=1&fsb=1&dtd=2242 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 127
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHAD6naT1ZwxvW27-nQHe8s&google_cver=1&google_push=AZmPxg8nq9YR3z6Sew0WojPBa44LNLvWwlV_w_CBb58P-v5ViQ90DPyQYPpMZdrIDoSpK_pJ0-fCZerTtleIFglE8uG66liqbnvoTgjHZAXkV3v0iO2NObywQgR_YrRxwFtWJVFehzEALoRjPL7o5pt8yKw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8nq9YR3z6Sew0WojPBa44LNLvWwlV_w_CBb58P-v5ViQ90DPyQYPpMZdrIDoSpK_pJ0-fCZerTtleIFglE8uG66liqbnvoTgjHZAXkV3v0iO2NObywQgR_YrRxwFtWJVFehzEALoRjPL7o5pt8yKw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHAD6naT1ZwxvW27-nQHe8s&google_cver=1&google_push=AZmPxg8nq9YR3z6Sew0WojPBa44LNLvWwlV_w_CBb58P-v5ViQ90DPyQYPpMZdrIDoSpK_pJ0-fCZerTtleIFglE8uG66liqbnvoTgjHZAXkV3v0iO2NObywQgR_YrRxwFtWJVFehzEALoRjPL7o5pt8yKw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8nq9YR3z6Sew0WojPBa44LNLvWwlV_w_CBb58P-v5ViQ90DPyQYPpMZdrIDoSpK_pJ0-fCZerTtleIFglE8uG66liqbnvoTgjHZAXkV3v0iO2NObywQgR_YrRxwFtWJVFehzEALoRjPL7o5pt8yKw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 128
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEBNZb5JGLmmpMceYQWrZye4&google_cver=1&google_push=AZmPxg9KMPV7mWLebwDvzQlLsJONbVrAuaoUbvodsZ2DF6QJrr2tvr4CGzb0BuCyJzjfQ5tF7WimyzwLa1yvlzq159PoeFybbjTVt3G16ILl2n-FuMKcEVcNvK1o8kgzJ9H_I8xR8qYFVJ0-8ZB0WsYCRTA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg9KMPV7mWLebwDvzQlLsJONbVrAuaoUbvodsZ2DF6QJrr2tvr4CGzb0BuCyJzjfQ5tF7WimyzwLa1yvlzq159PoeFybbjTVt3G16ILl2n-FuMKcEVcNvK1o8kgzJ9H_I8xR8qYFVJ0-8ZB0WsYCRTA&google_hm=KGnQc_fsSxGsbnqdjX4SRVE
Request Chain 129
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEELtgbVWZ3SMMpFuHBSxRhU&google_cver=1&google_push=AZmPxg_-pviw9oFecsRKhxnWDsYk620UtZ_Me3UhT-NZtvsStBXkkMemsL9hRwc0TWxI75shvNsXh9zFuilgBXDqy4cJahgOiEkIV8MBT-N-QmdiA7mkV01A59Y7jZiYQsX-f1Q004s96wijkgL5Y9Xy5rA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg_-pviw9oFecsRKhxnWDsYk620UtZ_Me3UhT-NZtvsStBXkkMemsL9hRwc0TWxI75shvNsXh9zFuilgBXDqy4cJahgOiEkIV8MBT-N-QmdiA7mkV01A59Y7jZiYQsX-f1Q004s96wijkgL5Y9Xy5rA&google_hm=VkhlREozRkFwN0Qtc3ZLYnJKN1pMUXhRZ2Nr&from_google=sp1
Request Chain 130
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEGVfImVb4SLGoRwuKV92vCw&google_cver=1&google_push=AZmPxg8_Wrw1i_PGHnGZc2_JPLuBA_i0mmqA5h6ZSLI9ZCxdvCQ-UzuJB-DAD2fWEnVQE4097wnFKG-r8IZN3hG4QoLj-clA_NOR-Pd4vsYG6iyMK78nn_2Q-19LVu7zLH3RjNVCJFjMd8OarjpnKXdpST4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YzI3ZTVlMzQtOGZhZi00ZjRkLWJmOWQtOGJiZTNhN2JmZDI5&google_gid=CAESEGVfImVb4SLGoRwuKV92vCw&google_cver=1&google_push=AZmPxg8_Wrw1i_PGHnGZc2_JPLuBA_i0mmqA5h6ZSLI9ZCxdvCQ-UzuJB-DAD2fWEnVQE4097wnFKG-r8IZN3hG4QoLj-clA_NOR-Pd4vsYG6iyMK78nn_2Q-19LVu7zLH3RjNVCJFjMd8OarjpnKXdpST4
Request Chain 132
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEHOZd4GX1SE-WPoTkNVSAfA&google_cver=1&google_push=AZmPxg_knA-q_7zi0OpX8-olAM2IhxyTuHivV3LCyPTbrFD_jT7knCUzi92YSPCcam3FVSm1Ln_enU-mKehcolK0dhvlGU-FW8S_UDZD2eIIq-EFnaOg2el1vjxzvvoSeAFN8aGNXHKx5wUyYWT2G2vdKNmO HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEHOZd4GX1SE-WPoTkNVSAfA%26google_cver%3D1%26google_push%3DAZmPxg_knA-q_7zi0OpX8-olAM2IhxyTuHivV3LCyPTbrFD_jT7knCUzi92YSPCcam3FVSm1Ln_enU-mKehcolK0dhvlGU-FW8S_UDZD2eIIq-EFnaOg2el1vjxzvvoSeAFN8aGNXHKx5wUyYWT2G2vdKNmO HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A2276093351435623372&exchange=193&google_gid=CAESEHOZd4GX1SE-WPoTkNVSAfA&google_cver=1&google_push=AZmPxg_knA-q_7zi0OpX8-olAM2IhxyTuHivV3LCyPTbrFD_jT7knCUzi92YSPCcam3FVSm1Ln_enU-mKehcolK0dhvlGU-FW8S_UDZD2eIIq-EFnaOg2el1vjxzvvoSeAFN8aGNXHKx5wUyYWT2G2vdKNmO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTIyNzYwOTMzNTE0MzU2MjMzNzI&google_push=AZmPxg_knA-q_7zi0OpX8-olAM2IhxyTuHivV3LCyPTbrFD_jT7knCUzi92YSPCcam3FVSm1Ln_enU-mKehcolK0dhvlGU-FW8S_UDZD2eIIq-EFnaOg2el1vjxzvvoSeAFN8aGNXHKx5wUyYWT2G2vdKNmO
Request Chain 133
  • https://sync.inmobi.com/gob?google_gid=CAESEKTFrIJQWXruEhRPV_CkNaw&google_cver=1&google_push=AZmPxg9J2drey5xi7xCdcNTiC26ndgYalcRw2QnGuZNn50k27vT3RFt4fDTPCVGD83xPPyB7Kf9-Gx9HagrvOXTWilNlFlWNKPljRbitg_1ujXWtxKEagHA4nyMS9iXrM9hBSQgBa95QtWGIMLfLDvHakVy1 HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg9J2drey5xi7xCdcNTiC26ndgYalcRw2QnGuZNn50k27vT3RFt4fDTPCVGD83xPPyB7Kf9-Gx9HagrvOXTWilNlFlWNKPljRbitg_1ujXWtxKEagHA4nyMS9iXrM9hBSQgBa95QtWGIMLfLDvHakVy1 HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOXSDZhD-KgH1QtPuy60YBqtsW9_TvNY49nIqKkw&google_push=AZmPxg9J2drey5xi7xCdcNTiC26ndgYalcRw2QnGuZNn50k27vT3RFt4fDTPCVGD83xPPyB7Kf9-Gx9HagrvOXTWilNlFlWNKPljRbitg_1ujXWtxKEagHA4nyMS9iXrM9hBSQgBa95QtWGIMLfLDvHakVy1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=B3K6EVelTIOga-jfndKF&google_push=AZmPxg9J2drey5xi7xCdcNTiC26ndgYalcRw2QnGuZNn50k27vT3RFt4fDTPCVGD83xPPyB7Kf9-Gx9HagrvOXTWilNlFlWNKPljRbitg_1ujXWtxKEagHA4nyMS9iXrM9hBSQgBa95QtWGIMLfLDvHakVy1&google_nid=inmobi_new_eb
Request Chain 203
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr6bKiUhCACBiACDIIJYu_i1lmA0E HTTP 301
  • https://tpc.googlesyndication.com/simgad/562616355818907787
Request Chain 219
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpVCsuje72FWKeQF_nyTik&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpVCsuje72FWKeQF_nyTik&google_cver=1&C=1
Request Chain 220
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1ivcZUelniUzxuEDS6XKQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpVCsuje72FWKeQF_nyTik&google_cver=1
Request Chain 221
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESED1z4l5tYtod049T5okoLFA&google_cver=1
Request Chain 222
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI1MTEzNDcxODk2NTk3ODQzOQ%3D%3D
Request Chain 223
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpVCsuje72FWKeQF_nyTik&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpVCsuje72FWKeQF_nyTik&google_cver=1&C=1
Request Chain 224
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1ivcZUelniUzxuEDS6XKQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpVCsuje72FWKeQF_nyTik&google_cver=1
Request Chain 225
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESED1z4l5tYtod049T5okoLFA&google_cver=1
Request Chain 226
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI1MTEzNDcxODk2NTk3ODQzOQ%3D%3D
Request Chain 238
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEE043Orwpg0s_Um5wEY5YNk&google_cver=1&google_push=AZmPxg_ZlAXnkS-m4tEeanRziYWiVb_BozMRAMNBIXFtN5bYjFfCG0ZaUYtVoYM6eyleAXr23VkBWy8S2t0CipH2P5m8CGBbv4OL HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEE043Orwpg0s_Um5wEY5YNk&google_cver=1&google_push=AZmPxg_ZlAXnkS-m4tEeanRziYWiVb_BozMRAMNBIXFtN5bYjFfCG0ZaUYtVoYM6eyleAXr23VkBWy8S2t0CipH2P5m8CGBbv4OL HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MzJmNzY2ODctZDFiOS00ZDhmLTlmMGUtZTQ0YzkzNTZiOTg2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=32f76687-d1b9-4d8f-9f0e-e44c9356b986
Request Chain 239
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG2mc6eXEBdCNXqA2nrEfwk&google_cver=1&google_push=AZmPxg9lZxjgrAqeTnjzzdexFVTgr-Lr--_8CCxht6w_tcY0gkZukxI0mrTkzZCXPh1cV2gCR8lZNK26T8oQ4YCPcvJpbzGC9wKi HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEG2mc6eXEBdCNXqA2nrEfwk&google_cver=1&google_push=AZmPxg9lZxjgrAqeTnjzzdexFVTgr-Lr--_8CCxht6w_tcY0gkZukxI0mrTkzZCXPh1cV2gCR8lZNK26T8oQ4YCPcvJpbzGC9wKi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzI3MzgwMjUxMjk3NzUwMTU2&google_push=AZmPxg9lZxjgrAqeTnjzzdexFVTgr-Lr--_8CCxht6w_tcY0gkZukxI0mrTkzZCXPh1cV2gCR8lZNK26T8oQ4YCPcvJpbzGC9wKi
Request Chain 240
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESECinFddAdd4UMI0JzqGe-8I&google_cver=1&google_push=AZmPxg8Defk9yPt9H2hyKSMGFaMECRLfq7bXUe0b1iCFo68ooF0fAq_4AlVYEF2KgIuoFOUJvRWH9eRiMMuWZ9s_pKAdsOxNcrbH HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESECinFddAdd4UMI0JzqGe-8I&google_push=AZmPxg8Defk9yPt9H2hyKSMGFaMECRLfq7bXUe0b1iCFo68ooF0fAq_4AlVYEF2KgIuoFOUJvRWH9eRiMMuWZ9s_pKAdsOxNcrbH&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg8Defk9yPt9H2hyKSMGFaMECRLfq7bXUe0b1iCFo68ooF0fAq_4AlVYEF2KgIuoFOUJvRWH9eRiMMuWZ9s_pKAdsOxNcrbH&google_hm=U3FIMHRnVFhDcGkzZHZ3aUxsam4=
Request Chain 241
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEE0kdM3XL_vmz85GWrWJnJY&google_cver=1&google_push=AZmPxg-JzcBl7aLQ7bxS2rkiRcFzQ37cjmHqJFNQhUEzMvRSWSsFK36WwmuljdVpFD9hVGnasB3DLiiK59f-di1whbBCfwVmfaHK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=EiyIerUgQWVo3xMsSqzyUq310VE&google_push=AZmPxg-JzcBl7aLQ7bxS2rkiRcFzQ37cjmHqJFNQhUEzMvRSWSsFK36WwmuljdVpFD9hVGnasB3DLiiK59f-di1whbBCfwVmfaHK
Request Chain 253
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEE043Orwpg0s_Um5wEY5YNk&google_cver=1&google_push=AZmPxg9-jpxsFYLwWrjluu9gpjBX2L7x8jXLZjWhcpWvClkOeDOiCr4kFskeyKMKncG3DHSbf9UuZy7q8aHMq_kTbNb5WOeqU5hSHyGFZ0eaVRmyHvYgP_x_g11cJ0uKMwGLM53t5ETrcfGESMTu4CY86Q HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEE043Orwpg0s_Um5wEY5YNk&google_cver=1&google_push=AZmPxg9-jpxsFYLwWrjluu9gpjBX2L7x8jXLZjWhcpWvClkOeDOiCr4kFskeyKMKncG3DHSbf9UuZy7q8aHMq_kTbNb5WOeqU5hSHyGFZ0eaVRmyHvYgP_x_g11cJ0uKMwGLM53t5ETrcfGESMTu4CY86Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTZkMzQwZjgtZjI1Mi00MzgyLWFhNzAtZTk0YzhmMjUwZjg1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e6d340f8-f252-4382-aa70-e94c8f250f85
Request Chain 254
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG2mc6eXEBdCNXqA2nrEfwk&google_cver=1&google_push=AZmPxg-_5-zVyvAxFs9M4dnsQBdOdrJjMGVZ0T5CiSTwRjKXHLQvqFlQKedgUhukGfyeUAjqoPOxqZI67y6gaWgqbyCEDr1ruIlRTpvcKARfHUL-CmAfwLzhL0vluRZLQ5fO3TDhXdT6ffwN4VAGCWIkoA HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEG2mc6eXEBdCNXqA2nrEfwk&google_cver=1&google_push=AZmPxg-_5-zVyvAxFs9M4dnsQBdOdrJjMGVZ0T5CiSTwRjKXHLQvqFlQKedgUhukGfyeUAjqoPOxqZI67y6gaWgqbyCEDr1ruIlRTpvcKARfHUL-CmAfwLzhL0vluRZLQ5fO3TDhXdT6ffwN4VAGCWIkoA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwMTIxMTA2ODI4OTAxNjk2NQ&google_push=AZmPxg-_5-zVyvAxFs9M4dnsQBdOdrJjMGVZ0T5CiSTwRjKXHLQvqFlQKedgUhukGfyeUAjqoPOxqZI67y6gaWgqbyCEDr1ruIlRTpvcKARfHUL-CmAfwLzhL0vluRZLQ5fO3TDhXdT6ffwN4VAGCWIkoA
Request Chain 255
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESECinFddAdd4UMI0JzqGe-8I&google_cver=1&google_push=AZmPxg9wdw8PAR6OgTcIjgntAvQXovqmzEBX___3nx6iCRiJOpSDHgVVi-mtvAe-5Vjee3DX-Kh8hpEMRGC3jSr9spaKaJiaFd7BKZprQi-kjHSytppLIvlLtSS4APCz2ZtdzpkEvnN-Yz_QM_peiwyX-2U HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESECinFddAdd4UMI0JzqGe-8I&google_push=AZmPxg9wdw8PAR6OgTcIjgntAvQXovqmzEBX___3nx6iCRiJOpSDHgVVi-mtvAe-5Vjee3DX-Kh8hpEMRGC3jSr9spaKaJiaFd7BKZprQi-kjHSytppLIvlLtSS4APCz2ZtdzpkEvnN-Yz_QM_peiwyX-2U&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9wdw8PAR6OgTcIjgntAvQXovqmzEBX___3nx6iCRiJOpSDHgVVi-mtvAe-5Vjee3DX-Kh8hpEMRGC3jSr9spaKaJiaFd7BKZprQi-kjHSytppLIvlLtSS4APCz2ZtdzpkEvnN-Yz_QM_peiwyX-2U&google_hm=bDlMcGVpR1kzdFJMT05aU1dBTk8=
Request Chain 256
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEE0kdM3XL_vmz85GWrWJnJY&google_cver=1&google_push=AZmPxg8gsEtTQvLHAq96zdi5nu9nC8i5M9Mg7gBPCYLwii4mXfWDHKy1iSVYUvFGnHt19fB1AsiTRA0fXJ3dPYuPaFTbRup88Is-Sskk0S_b3HbKM1Uoc1p5pqh31hxI6F4r12x5FgFJwJBzXbk9_nbQ4tI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=c_-h8Y4dTIJlxSFIQTYaYa310VE&google_push=AZmPxg8gsEtTQvLHAq96zdi5nu9nC8i5M9Mg7gBPCYLwii4mXfWDHKy1iSVYUvFGnHt19fB1AsiTRA0fXJ3dPYuPaFTbRup88Is-Sskk0S_b3HbKM1Uoc1p5pqh31hxI6F4r12x5FgFJwJBzXbk9_nbQ4tI
Request Chain 259
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEE043Orwpg0s_Um5wEY5YNk&google_cver=1&google_push=AZmPxg8Bj34SMufyjkeLX8ozM3JvZN5Mxu8SndwNvtm4akG_McsyR5ILDlwZwJEWc_DobN4MAf_Emz0Nh1AIbed_rGt9EUyPpgJ2tA HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEE043Orwpg0s_Um5wEY5YNk&google_cver=1&google_push=AZmPxg8Bj34SMufyjkeLX8ozM3JvZN5Mxu8SndwNvtm4akG_McsyR5ILDlwZwJEWc_DobN4MAf_Emz0Nh1AIbed_rGt9EUyPpgJ2tA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YmE0NDlkY2YtZTkyZi00YjRmLWJmOWYtZDIwMzNmODNiMTM2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=ba449dcf-e92f-4b4f-bf9f-d2033f83b136
Request Chain 260
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG2mc6eXEBdCNXqA2nrEfwk&google_cver=1&google_push=AZmPxg--qQNPhcgOEP7BQwVXklc__uRn77YuFHLKWmeHgCWu1eUhKqHIvI2ssaTe8cTmutPsgad3Mv9teZ3clYZ0IGjRxWCx2BbriQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEG2mc6eXEBdCNXqA2nrEfwk&google_cver=1&google_push=AZmPxg--qQNPhcgOEP7BQwVXklc__uRn77YuFHLKWmeHgCWu1eUhKqHIvI2ssaTe8cTmutPsgad3Mv9teZ3clYZ0IGjRxWCx2BbriQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzY4NzQzNDk0MTQxNjc2MjYwNg&google_push=AZmPxg--qQNPhcgOEP7BQwVXklc__uRn77YuFHLKWmeHgCWu1eUhKqHIvI2ssaTe8cTmutPsgad3Mv9teZ3clYZ0IGjRxWCx2BbriQ
Request Chain 261
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESECinFddAdd4UMI0JzqGe-8I&google_cver=1&google_push=AZmPxg9zbfoVrPoa4Mppj6wZeNzNXuSSRsTm8AGb0uLICwp4xATcwYCMWPEHtlSFdLBkIF6pMdk4cyZDoU2unXBVhSJkgFc0PpiN HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESECinFddAdd4UMI0JzqGe-8I&google_push=AZmPxg9zbfoVrPoa4Mppj6wZeNzNXuSSRsTm8AGb0uLICwp4xATcwYCMWPEHtlSFdLBkIF6pMdk4cyZDoU2unXBVhSJkgFc0PpiN&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9zbfoVrPoa4Mppj6wZeNzNXuSSRsTm8AGb0uLICwp4xATcwYCMWPEHtlSFdLBkIF6pMdk4cyZDoU2unXBVhSJkgFc0PpiN&google_hm=MnRkUWh3eE1iaFR0cWtLaXc1RzI=
Request Chain 262
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEE0kdM3XL_vmz85GWrWJnJY&google_cver=1&google_push=AZmPxg97ZHa5Us92qqiOIttcGzKmUYtsMTWcppmmFnK_xzHnb3gGGhNqtaXHWJU7wiBBxX1-PBp_weEkwwG924dR8PvZNy-OLUVBOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ia4L_ahUTuldYwnoBG6bG6310VE&google_push=AZmPxg97ZHa5Us92qqiOIttcGzKmUYtsMTWcppmmFnK_xzHnb3gGGhNqtaXHWJU7wiBBxX1-PBp_weEkwwG924dR8PvZNy-OLUVBOw
Request Chain 285
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEE043Orwpg0s_Um5wEY5YNk&google_cver=1&google_push=AZmPxg9Sao2soP2VjXNEiwhiTt8lGdZzfafH83Hbm2Z9uC6CmJajyM-QkGQLIbJDUB8fY9w-cqhIv_PY9RbNq2DIhrHQ8hSxB0vpUMkInA44pfI8bMr4fAfU7__KywFTi-3zoSyp4qfQQhI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTZkMzQwZjgtZjI1Mi00MzgyLWFhNzAtZTk0YzhmMjUwZjg1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e6d340f8-f252-4382-aa70-e94c8f250f85
Request Chain 286
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG2mc6eXEBdCNXqA2nrEfwk&google_cver=1&google_push=AZmPxg8oAMPV2Dt2tIB2du6UT57MpWFe31jLWEzTjfLNhkF4zLFj75QrFf1yAQKUZFUSe72BJcGxxrhZlh_xyvAdljZp7XR4WYuSggL6lIsMAN_zLWWzOQLuTbDXcq5D3Y7uvD2PHb1OxA HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEG2mc6eXEBdCNXqA2nrEfwk&google_cver=1&google_push=AZmPxg8oAMPV2Dt2tIB2du6UT57MpWFe31jLWEzTjfLNhkF4zLFj75QrFf1yAQKUZFUSe72BJcGxxrhZlh_xyvAdljZp7XR4WYuSggL6lIsMAN_zLWWzOQLuTbDXcq5D3Y7uvD2PHb1OxA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkzMjkwMjczNjY4NzMzNzA4Ng&google_push=AZmPxg8oAMPV2Dt2tIB2du6UT57MpWFe31jLWEzTjfLNhkF4zLFj75QrFf1yAQKUZFUSe72BJcGxxrhZlh_xyvAdljZp7XR4WYuSggL6lIsMAN_zLWWzOQLuTbDXcq5D3Y7uvD2PHb1OxA
Request Chain 287
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESECinFddAdd4UMI0JzqGe-8I&google_cver=1&google_push=AZmPxg9BnsddJRUhBo4Z5EQbaPZGx1GhVlaETZJjXUsYQxEaeK15LMQTXaGBd1GUSb5Sc2Xc2FZRfndKFBLBJoRyI0lwznLFfl6NLHZToA4ubq_0Alp0Ip9--At3hJUZrji6oHbXo2i7W0Q HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESECinFddAdd4UMI0JzqGe-8I&google_push=AZmPxg9BnsddJRUhBo4Z5EQbaPZGx1GhVlaETZJjXUsYQxEaeK15LMQTXaGBd1GUSb5Sc2Xc2FZRfndKFBLBJoRyI0lwznLFfl6NLHZToA4ubq_0Alp0Ip9--At3hJUZrji6oHbXo2i7W0Q&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9BnsddJRUhBo4Z5EQbaPZGx1GhVlaETZJjXUsYQxEaeK15LMQTXaGBd1GUSb5Sc2Xc2FZRfndKFBLBJoRyI0lwznLFfl6NLHZToA4ubq_0Alp0Ip9--At3hJUZrji6oHbXo2i7W0Q&google_hm=Q29fWjVyWUp5b1JRR2ZiUU9KcE4=
Request Chain 288
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEE0kdM3XL_vmz85GWrWJnJY&google_cver=1&google_push=AZmPxg_Lj6UHkNHpvCY2icbMZJ1CVnWWZvuWQ_56xERNdjbLI4bVzFmbc5ZLcpToHq73HXhVzdw3TpBfYjQzKgB0OB_NxOnCY-Mn9BxQfLk2C3nrAmsLtMXfxQPVMGXCQDKcUgavnocKpnE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Bl63L--BRQ1LG5GJ-xeZnq310VE&google_push=AZmPxg_Lj6UHkNHpvCY2icbMZJ1CVnWWZvuWQ_56xERNdjbLI4bVzFmbc5ZLcpToHq73HXhVzdw3TpBfYjQzKgB0OB_NxOnCY-Mn9BxQfLk2C3nrAmsLtMXfxQPVMGXCQDKcUgavnocKpnE
Request Chain 291
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA5NzU4MDY1NjgyNzMxMjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEEqeaSjf6zhRg-jbbG7TVpE&google_cver=1
Request Chain 292
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e6d340f8-f252-4382-aa70-e94c8f250f85
Request Chain 312
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 324
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8865220097830755215&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 325
  • https://match.adsrvr.org/track/cmf/openx?oxid=f7bcc2b4-9e79-7d10-e25d-17db10d63042&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=e6d340f8-f252-4382-aa70-e94c8f250f85&ttd_puid=f7bcc2b4-9e79-7d10-e25d-17db10d63042&gdpr=0&gdpr_consent=
Request Chain 326
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1ivc8Co8YEAAIhGlnoAAAAA
Request Chain 327
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AaIdodanVDvcks8ADv_jCjsLEs8AAAGEEm1b4Q
Request Chain 329
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKtucYpv3HlfFDL0WYMqwSc&google_cver=1
Request Chain 337
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 338
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Drkt%26refUrl%3D%26vid%3D67564670753097580656827308000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3097580656827308000V10&type=rkt&refUrl=&vid=67564670753097580656827308000V10&ovsid=1972928490758014420
Request Chain 340
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Dapx%26refUrl%3D%26vid%3D67564670753097580656827308000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3097580656827308000V10&type=apx&refUrl=&vid=67564670753097580656827308000V10&ovsid=4251134718965978439
Request Chain 341
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Dopx%26refUrl%3D%26vid%3D67564670753097580656827308000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3097580656827308000V10&type=opx&refUrl=&vid=67564670753097580656827308000V10&ovsid=3f90ab2b-3579-47f0-8112-69b5a239a29e
Request Chain 342
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Dmma%26refUrl%3D%26vid%3D67564670753097580656827308000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3097580656827308000V10&type=mma&refUrl=&vid=67564670753097580656827308000V10&ovsid=c1156358-af73-4f00-a2c4-b465787f34e4
Request Chain 343
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Dr1%26refUrl%3D%26vid%3D67564670753097580656827308000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Dr1%26refUrl%3D%26vid%3D67564670753097580656827308000V10%26ovsid%3D%5BRX_UUID%5D&cb=1666756467581 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2761916041 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e6d340f8-f252-4382-aa70-e94c8f250f85 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9d536ec9-5e82-4aa8-920d-5845863682bd-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Dr1%26refUrl%3D%26vid%3D67564670753097580656827308000V10%26ovsid%3DRX-9d536ec9-5e82-4aa8-920d-5845863682bd-004
Request Chain 344
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Ddxu%26refUrl%3D%26vid%3D67564670753097580656827308000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Ddxu%26refUrl%3D%26vid%3D67564670753097580656827308000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3097580656827308000V10&type=dxu&refUrl=&vid=67564670753097580656827308000V10&ovsid=hxBWbXHw1ONxuP5
Request Chain 346
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3D0a108aa2-95c5-4b82-a319-50c903275a37&gdpr=0&gdpr_consent=
Request Chain 347
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Dzem%26refUrl%3D%26vid%3D67564670753097580656827308000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=Co_Z5rYJyoRQGfbQOJpN&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKDN5PVUNLSLFFHS32SKFDWMYSRJ5FHATRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3DONJWGQ3DOMBXGUZTAOJXGU4DANRVGY4DENZTGA4DAMBQKYYTAJTWONUWIPJTGA4TONJYGA3DKNRYGI3TGMBYGAYDAVRRGA
Request Chain 352
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 353
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=2cf117da-bf66-4c8e-b4aa-a84e4bb40887 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&verify=true HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-YlgjY2xE2uGWCT2Bxf5M3u0AAt4iR4tbWjCYWqQ-~A&gdpr=0&gdpr_consent=
Request Chain 354
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L9P3RHNQ-1L-GOHY&gdpr=0
Request Chain 356
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2cf117da-bf66-4c8e-b4aa-a84e4bb40887%26bidder%3Dtriplelift%26uid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://prebid.a-mo.net/setuid?A=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&bidder=triplelift&uid=3297528069470816787454
Request Chain 357
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2cf117da-bf66-4c8e-b4aa-a84e4bb40887%26bidder%3Dzeta%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&bidder=zeta&uid=ua-4c9af021-d090-30cc-901b-1499eb913dff
Request Chain 358
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2cf117da-bf66-4c8e-b4aa-a84e4bb40887%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid.a-mo.net/setuid?A=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&bidder=smartadserver&uid=3530166902386920020
Request Chain 359
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D2cf117da-bf66-4c8e-b4aa-a84e4bb40887%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D2cf117da-bf66-4c8e-b4aa-a84e4bb40887%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTVEMkQyM0ItNDYyRi00NzhGLUJDOEUtQTk1NkIyNDhGNTRE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 360
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2cf117da-bf66-4c8e-b4aa-a84e4bb40887%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&bidder=index_rtb&uid=Y1ivcTwsNC697faFC7nUTQAA%264897
Request Chain 361
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2cf117da-bf66-4c8e-b4aa-a84e4bb40887%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2cf117da-bf66-4c8e-b4aa-a84e4bb40887%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
Request Chain 362
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2cf117da-bf66-4c8e-b4aa-a84e4bb40887%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&bidder=appnexus&uid=4251134718965978439
Request Chain 373
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=e6d340f8-f252-4382-aa70-e94c8f250f85&dongle=0cfd
Request Chain 374
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI5NzUyODA2OTQ3MDgxNjc4NzQ1NA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 375
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEA1IGet2w8FsPl-kLruFOKQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 376
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI5NzUyODA2OTQ3MDgxNjc4NzQ1NA%3D%3D
Request Chain 377
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3297528069470816787454&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3297528069470816787454&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=ced6bb0d-1051-44af-8688-e26339de7ade&_noobservation=1
Request Chain 379
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3297528069470816787454?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-ITqPQtNE2oQEN8MTfqeUpcx.t26TmvBKX3WNUXyGWA--~A&dongle=0883
Request Chain 382
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=Co_Z5rYJyoRQGfbQOJpN&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5INXV6WRVOJMUU6LPKJIUOZTCKFHUU4CO&gdpr=0
Request Chain 387
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e6d340f8-f252-4382-aa70-e94c8f250f85&expiration=1669348467&gdpr=0&gdpr_consent=
Request Chain 389
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1ivcTwsNC697faFC7nUTQAAEyEAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBFnrf1nt9YAJbXejH114c4&google_cver=1
Request Chain 391
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=0c3b6358-af73-4300-b840-d9d9fe4e94ad
Request Chain 392
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4251134718965978439
Request Chain 393
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4251134718965978439
Request Chain 405
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 407
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L9P3RHNQ-1L-GOHY&gdpr=0&us_privacy=1YN-
Request Chain 408
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=4251134718965978439
Request Chain 410
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
Request Chain 412
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2287944550 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e6d340f8-f252-4382-aa70-e94c8f250f85 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9d536ec9-5e82-4aa8-920d-5845863682bd-004
Request Chain 415
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F6102%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D2cf117da-bf66-4c8e-b4aa-a84e4bb40887%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Request Chain 416
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-XXT5rqFE2uHgcU_xXLmcrkZxYHcIJeC4CXCLn5c-~A
Request Chain 417
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS00YzlhZjAyMS1kMDkwLTMwY2MtOTAxYi0xNDk5ZWI5MTNkZmYqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtNGM5YWYwMjEtZDA5MC0zMGNjLTkwMWItMTQ5OWViOTEzZGZmMgEGOAE=%26buyeruid%3D
Request Chain 418
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-XXT5rqFE2uHgcU_xXLmcrkZxYHcIJeC4CXCLn5c-~A
Request Chain 422
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e6d340f8-f252-4382-aa70-e94c8f250f85&gdpr=0&gdpr_consent=&expires=30
Request Chain 424
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHRLyoTrkrbAmfRG6zhDAUU&google_cver=1
Request Chain 429
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8865220097830755215
Request Chain 431
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y1ivcTwsNC697faFC7nUTQAAEyEAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y1ivcTwsNC697faFC7nUTQAAEyEAAAAB
Request Chain 435
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e6d340f8-f252-4382-aa70-e94c8f250f85&expiration=1669348468&gdpr=0&gdpr_consent=

434 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
www.bg3.co/a/ 		56 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1d8eca1ffbccb7a95d58861b8bc730be026f794d70d8d008899fad9eda58ad43

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 26 Oct 2022 03:54:15 GMT
ETag
"df60-IrgCcMJhx8IhDxZ+UqJN8SnNsvA"
Expires
Wed, 26 Oct 2022 04:54:15 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
280f65f41d5c1f1c884ca450563c5830c78c3157ca8ae30083d52f653f672997
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 26 Oct 2022 03:54:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72627
x-xss-protection
0
server
sffe
etag
"94dc74ec042f425a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 26 Oct 2022 03:54:16 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
d2ed3fd545568285345130ea7f5bb020dc63073584458309435e74476ffa462a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 26 Oct 2022 03:54:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9676
x-xss-protection
0
server
sffe
etag
"89bc2298b0b5dac0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 26 Oct 2022 03:54:16 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a0aed5d6070276dcbf847b073b7d275ae9fce1b5759926b8486938019f13223a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 26 Oct 2022 03:54:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7580
x-xss-protection
0
server
sffe
etag
"fa5fea1d25453090"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 26 Oct 2022 03:54:16 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
4a8014be2573ce560209a78fe2804b55f842c366f3de407fb85a56ae70f737fd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 26 Oct 2022 03:54:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31959
x-xss-protection
0
server
sffe
etag
"4e6c8ca7bdbf4727"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 26 Oct 2022 03:54:19 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:17 GMT
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 10:10:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"632c348e-aab9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gR4WWDVPdzv8CMeOAvTs9yrpSF1wokHSTbE6yyoBEhthCw9l9DJYTxMSni1eSRUIIT0WgR2RuvzwuDdBQj1etD9dwQXPSdZ40VW%2FyAUNo9g4zAbMDz5SZdOsZGSnOJzqrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
76003ff2dbf8a7ea-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43705

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Wed, 26 Oct 2022 03:54:17 GMT
content-encoding
br
last-modified
Tue, 25 Oct 2022 07:00:26 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=5
x-cf-geodata
AU
content-length
9035
expires
Wed, 26 Oct 2022 04:54:17 GMT
adpushup.js
cdn.adpushup.com/42753/ 		479 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
293fc15c33edf25fff2ef66e3b4d300e21de6a3ed7e6ed2441827fb34a3cf4d4

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Wed, 26 Oct 2022 03:54:17 GMT
content-encoding
br
last-modified
Wed, 05 Oct 2022 09:36:33 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=4
x-cf-geodata
AU
content-length
105274
expires
Wed, 26 Oct 2022 04:54:17 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:17 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-14e98"
vary
Accept-Encoding
x-hw
1666756457.dop028.sj3.t,1666756457.cds203.sj3.hn,1666756457.cds210.sj3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
5b807fec54a133737cf01c49a01d7f52.jpg
static.bg3.co/imgs/202105/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/5b807fec54a133737cf01c49a01d7f52.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
373016ccf45bdd69b18669c757317a28e52c35cf381bbb79e851b3b8b7bb401d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:18 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 21:26:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5B807FEC54A133737CF01C49A01D7F52"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCvku2XlLK6g8VRFnpFEHy6%2ByMj5wO0pNLts4UmrZ5%2F7hlE8swBFOahaVtwjNeYOTs0xRbdI4Fk4n36PXV1puiQw8tBJHpUIehvaCZVLLgN5v1qPIaccbD%2FmBCbguDw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
76003ff46bc1a96d-SYD
content-length
8703
expires
Wed, 02 Nov 2022 03:54:18 GMT
ed39c4c103af19858afc1783d4e0c8ba.jpg
static.bg3.co/imgs/202110/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202110/ed39c4c103af19858afc1783d4e0c8ba.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e806aeed209a3d575a7fc70ef9f4377b31bb2471f7808902482b5ce134313664

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:18 GMT
cf-cache-status
MISS
last-modified
Thu, 14 Oct 2021 06:58:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"ED39C4C103AF19858AFC1783D4E0C8BA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wmlzQNmVC0u4e1d7pP2UHpDV3ohXTF%2BY6NIgwkKBVGWgQdukNgnrzjVs%2BDoC82kH69idRAwVdnS5P36yIf9avoB3l3e5m6CW4OUTSHbjFqgEOoBEDuF1Qpnm9eBcJY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
76003ff46bc2a96d-SYD
content-length
7185
expires
Wed, 02 Nov 2022 03:54:18 GMT
5732eb18cf650e39f116741f942ad30b.jpg
static.bg3.co/imgs/202105/ 		553 KB
554 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/5732eb18cf650e39f116741f942ad30b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c13f94db3214035ccc4cce69e43e994319ed1daff55f367b14bac9a9e0242f14

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:18 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 23:06:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5732EB18CF650E39F116741F942AD30B"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1BAnxklRZXpPpMle1p8UA7Lk6RFtGj%2BO9gjTOcOjoNFLe7vvRYu%2Fki2Y9vWx96qfzh6rc368ge9LDNbWzOk6O%2B1Itxnx6%2FDmjMyv9iCI8z6p3VrPFomMn4XvDIj32Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
76003ff46bc4a96d-SYD
content-length
566030
expires
Wed, 02 Nov 2022 03:54:18 GMT
14a4eb1de32a5d1b77755988e6b3f1da.jpg
static.bg3.co/imgs/202202/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202202/14a4eb1de32a5d1b77755988e6b3f1da.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fff63a70e66a84003bf0102066ebb0a83f95dc277e60ca3fbf4588d12546578

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:18 GMT
cf-cache-status
MISS
last-modified
Wed, 16 Feb 2022 00:22:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"14A4EB1DE32A5D1B77755988E6B3F1DA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVvTVEqD3TAy0a1YBa%2BvEWD0vmmnx7Z%2BBDgrGbAUYyEDNMt6BmX%2F4zeRv3GsmyTNRO0Btt9w5WUP%2F9WzXhOYxGKn756jmr7OX3kGPWHd3h71%2FOYUKqt1Rny3bqc5gK0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
76003ff46bc5a96d-SYD
content-length
4325
expires
Wed, 02 Nov 2022 03:54:18 GMT
3517801e936be35dc9760e802db60952.jpg
static.bg3.co/imgs/202106/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/3517801e936be35dc9760e802db60952.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1c9094879060bcad1478a6b5df25524b026944b304816e8fe99a722979f622e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:18 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Jun 2021 08:03:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3517801E936BE35DC9760E802DB60952"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRuCgDZG%2BrE08%2FKpI%2Bj6BxZBFSfNgVfGS0bB7Elx%2FAzVsnAKGb7jwisLTIsWqFen0j5vZmWr3wjGrxXLP9S2TcOIn%2FpJ3VGH5dkbxC1YXhhvsIw9F1Zv7xCotRqdMQo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
76003ff46bbda96d-SYD
content-length
9830
expires
Wed, 02 Nov 2022 03:54:18 GMT
c90df31eb835a497ece4717dd8bbd3bd.jpg
static.bg3.co/imgs/202106/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/c90df31eb835a497ece4717dd8bbd3bd.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
620acf54bfa7499b88ebdbdba63537f7c2fbf1e1998388fcc2a88052fc4c7026

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:18 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Jun 2021 23:58:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"C90DF31EB835A497ECE4717DD8BBD3BD"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNbu4%2F3%2BnqJSPh1mePjGx%2FmBO93MUf5K5M%2Bp7aSdTPaXIt8aAC4OVl0TZx9YpUFL4M%2FgKXdtQul210i%2BLyJsXYM%2B5TQzdG7l%2BAPVvoIIZ6JRzYO%2B%2BrjfxucEWY1yQdk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
76003ff46bc0a96d-SYD
content-length
5230
expires
Wed, 02 Nov 2022 03:54:18 GMT
90feca32465e99c67a636ca8678ddaa1.jpg
static.bg3.co/imgs/202106/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/90feca32465e99c67a636ca8678ddaa1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b4fea6aabf1c7acfc49527aecbc75c28e26ee13ebebf75c8cd029f7eb74b973

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:18 GMT
cf-cache-status
MISS
last-modified
Mon, 07 Jun 2021 21:51:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"90FECA32465E99C67A636CA8678DDAA1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VE3Yvi8H0X1A9YwnB%2BsFOLdmuw%2B5rSfeZMrj1TDlEEmRLFQbOe%2B9865DoNssP6HoAkJ8L%2Fgoh12ULKyvWDQZ6u5V59O%2BZLRoc%2BP6ZlmoI%2FXdCcSDYuiU2UgYHr34B%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
76003ff46bbfa96d-SYD
content-length
10756
expires
Wed, 02 Nov 2022 03:54:18 GMT
e2536fa2552f2be6275cf648a2a4982e.jpg
static.bg3.co/imgs/202106/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/e2536fa2552f2be6275cf648a2a4982e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1a9f141054817013d6def3c02cca28a5dee0b7a181eb53a11e5eaa6d8e9788a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:19 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Jun 2021 07:18:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"E2536FA2552F2BE6275CF648A2A4982E"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1slq1uSe3kXnBtNq4tYmG%2For4zrN7bG3GXSMRUjZDYJs6iYztwyEUNmpjd4gRJVI6CmoRtDoX%2Bj%2F3doG8U6q%2BCoNAUnLCTTOCDbyQQqibvR5pJOGmuTJz%2BeHVzSRQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
76003ffd1f82a96d-SYD
content-length
8786
expires
Wed, 02 Nov 2022 03:54:19 GMT
96bcd3f1e06179920f069619f91e73be.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/96bcd3f1e06179920f069619f91e73be.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c7a175843b9b8b8516b8facc3c7db87e62dcabe9748f7101a61c55bec2d4c73

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:19 GMT
cf-cache-status
MISS
last-modified
Thu, 20 May 2021 10:29:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"96BCD3F1E06179920F069619F91E73BE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avJPXoBAs0oqyheqLrzPr1zcNC1qMSNSsv84rLsg87IN3eQyK30QEpSrXqHzplRGIcicZv%2B7W5NyBlg7VWfbZI%2FrMxPlk6APgjqE8SmQohHA4YgurJssy14SjrvhGEc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
76003ffe7926a96d-SYD
content-length
5940
expires
Wed, 02 Nov 2022 03:54:19 GMT
ffc9e01bf0c67b707e714c9852492dab.jpg
static.bg3.co/imgs/202106/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/ffc9e01bf0c67b707e714c9852492dab.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33cf47e41bf8ec192949d3fb5dab90f082d3702d3f655adf0035e30f8f0767da

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:19 GMT
cf-cache-status
MISS
last-modified
Tue, 08 Jun 2021 09:28:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"FFC9E01BF0C67B707E714C9852492DAB"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FyjWXknj59ilCZemEwNSOuasjb0f7YNET7kQfULrEuvs9%2BeF54v1a1wtqLlU9%2FXJVfwPxfo%2FIyyAqUQLIt1%2Bsu2W%2BojP%2BbguRRJLPTj99Kmb3tP8%2Bub5UUCXM2nTN8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
76003ffe7937a96d-SYD
content-length
15244
expires
Wed, 02 Nov 2022 03:54:19 GMT
58ef77ed4db97798a56a40c99facf7df.jpg
static.bg3.co/imgs/202105/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/58ef77ed4db97798a56a40c99facf7df.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a73373991eac312472337b27e27d0afcca20b5102b0dccff89cf502d1f705d36

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:19 GMT
cf-cache-status
MISS
last-modified
Sun, 23 May 2021 08:57:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"58EF77ED4DB97798A56A40C99FACF7DF"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=daU53HN%2F2WV2pTNrs3dj84B%2FJa5MLf0VSLP%2Bt4bVXD9Bh7szNklbVdDRqeyhBIbtZYVaRxQ2z4SPsKH5kd3W9xehGpxX3OpMZPvDd5ZndYyJ85xle%2FhRF5caWUiK1z0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
76003ffe793aa96d-SYD
content-length
7018
expires
Wed, 02 Nov 2022 03:54:19 GMT
d8ed0f6738741ee5f567788d1a788624.jpg
static.bg3.co/imgs/202106/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/d8ed0f6738741ee5f567788d1a788624.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f09e22efc805bed870cf0765df49eb4d0404617fff40ff58957f810df822dc8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:19 GMT
cf-cache-status
MISS
last-modified
Wed, 09 Jun 2021 11:08:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"D8ED0F6738741EE5F567788D1A788624"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAuPDUZRJ1JfNClShvODsSA%2F2VqwUf0LUU6JiKEbt2CeKT8pkjmAv57iiKpgn3OSD6jTSZIQFgyPEn%2B7wdX7%2F%2BUwf%2BPfaDsUk8fEh5v3ng%2Bu%2F8zNFxyaZ%2FLwxqPaeeY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
76003ffe793ba96d-SYD
content-length
7356
expires
Wed, 02 Nov 2022 03:54:19 GMT
7cc4f98c9d61a9a51383a822ad5e4de1.jpg
static.bg3.co/imgs/202106/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/7cc4f98c9d61a9a51383a822ad5e4de1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a726284f6362626b72a3c5bb70fd9b35b306ca323fc74ac05b4b6752be4b38a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:19 GMT
cf-cache-status
MISS
last-modified
Sun, 06 Jun 2021 18:48:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7CC4F98C9D61A9A51383A822AD5E4DE1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HlQk0eLTi%2FFpdWAZozvS9q7iw6zBWf7eSN9xu3EgjFUIp8AYGDjD%2BRJHahR74J28ZiSzn7YcB2e5z0rwk%2BQK52IzqC2ydV4CkrmYaw1RfHXe82j5um60T5hx3OxrWU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
76003ffe9951a96d-SYD
content-length
12130
expires
Wed, 02 Nov 2022 03:54:19 GMT
c6ce321af803019732a1fb3298f3f404.jpg
static.bg3.co/imgs/202106/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/c6ce321af803019732a1fb3298f3f404.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8302bd622828fa309784460cc3e186d87c72558b21b8f23045ee71e40ec73723

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:19 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Jun 2021 06:26:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"C6CE321AF803019732A1FB3298F3F404"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCROfB4WkU37SytHK3RSm3dtIydwoCqUPQmgYVFLAEVhBg8nFWZN%2B1YuDRipkXNS9zabYIUwt6uFjcV5BHKT%2Fg%2Bdoe5ULlZ6nbhYLnEcbZqwRd0ZbPA8wpkhouofTK4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
76003ffe9954a96d-SYD
content-length
6180
expires
Wed, 02 Nov 2022 03:54:19 GMT
b6350a4f7109d95b67f7761aa491e22a.jpg
static.bg3.co/imgs/202106/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/b6350a4f7109d95b67f7761aa491e22a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5707c61eea9e2e9a128ce265780189bcd389478b2a2ec96bc8df37c589781567

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:19 GMT
cf-cache-status
MISS
last-modified
Sat, 05 Jun 2021 00:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"B6350A4F7109D95B67F7761AA491E22A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqG585T7XR%2B9kB9yfW%2FRWHJ4vqzunOhGLjKTHJrpiA9ibtnKQ2n%2BmlNHLbUFZcKcx7qLG35%2B90A7Ngk58gpe0BQ8%2Ftg1YM3UEuwng56VtTnAMR2qxN214oJAHix5e2c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
76003ffe9955a96d-SYD
content-length
8193
expires
Wed, 02 Nov 2022 03:54:19 GMT
6a5fc41d8a815ae29525e023e4d3def6.jpg
static.bg3.co/imgs/202105/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/6a5fc41d8a815ae29525e023e4d3def6.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d22eae55760b086559a9853b402289fbaefd27b7d855336b3664933bff0fd2c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:20 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 17:24:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6A5FC41D8A815AE29525E023E4D3DEF6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oc8WB%2BugvhvCOE2EGfITInHzL12nNY41Jw7q0sAwiPCvqjcIacVnICfAFpV%2BijQrBgZ1E2x5lpzjevJ2wIMVqzVqhbwTpXkm8ZNpGcKeeVtPrSSyT7ooREmJLQIdNDU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
760040026e81a96d-SYD
content-length
4541
expires
Wed, 02 Nov 2022 03:54:20 GMT
d955855ade536de6ffda0ec027a921dd.jpg
static.bg3.co/imgs/202105/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/d955855ade536de6ffda0ec027a921dd.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cd6da6ff2b5c7f3061f874463cd7fc2cc3e52940c5d24b750424a4bd7b5f35f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:20 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 04:46:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"D955855ADE536DE6FFDA0EC027A921DD"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HeJ1AKMaQfhKl%2F03lZKpHy7hEDKUxDQw2ai4RPO%2F0Ee0nsbpnA%2BSqvUfK2AsI8TUMXveJHVcgNoak6evVv5qP4Zxoig5gnPxtv%2Bx4We%2F6LtsmMzUSjAibIZqEWBLyHM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
760040026e82a96d-SYD
content-length
6794
expires
Wed, 02 Nov 2022 03:54:20 GMT
f0903211b7521c196637589f5a9a6b87.jpg
static.bg3.co/imgs/202105/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/f0903211b7521c196637589f5a9a6b87.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c61aad8a31bf9566c57c01d3e897b3a6104c29122a04b1c443a4ae1caa7637a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:20 GMT
cf-cache-status
MISS
last-modified
Sun, 23 May 2021 01:22:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"F0903211B7521C196637589F5A9A6B87"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMccEHg5mZEWQJJc2cnRkaP5tjqUUc7LLcWLQEhrkPKtYSsTzbwSjOZ%2FB4eDQsZb7vDrDU6vWhesMqRmg%2FnomdMH33NNNc63ywySTw6G%2Bb4pEFjsH63tk8%2FE0mhaBPg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
760040026e83a96d-SYD
content-length
4057
expires
Wed, 02 Nov 2022 03:54:20 GMT
3a953780f0eeb41e942af33883bc9b95.jpg
static.bg3.co/imgs/202107/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/3a953780f0eeb41e942af33883bc9b95.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e07bcfe5be714693a093c0dd1e3d6ab073f8a1bbd124095ee0b7631750cd9221

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:20 GMT
cf-cache-status
MISS
last-modified
Thu, 08 Jul 2021 18:11:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3A953780F0EEB41E942AF33883BC9B95"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BR0kRqYVoGT3G3jSTU9vkeWy09rU0Z%2BmRWMCXqKw4NuCswqjMW%2FIhcsF1gBvV05x9%2B26K3NhP8IEDeu1JkV6U2zQtWE5hfMoPrJdb9jPdnddZ4QchS4cg%2F89ntvD7E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
760040026e85a96d-SYD
content-length
6836
expires
Wed, 02 Nov 2022 03:54:20 GMT
efe9a393586d8845b2d0bf69d1e2fbd5.jpg
static.bg3.co/imgs/202105/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/efe9a393586d8845b2d0bf69d1e2fbd5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6e1ce5759089356f735fdde922a67a450135ae257f474d91f3c6f21789a81d9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:20 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 14:44:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"EFE9A393586D8845B2D0BF69D1E2FBD5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ado9Lfiq%2B0nKrFn8rIMwA9E7b4G6uEbIDJzC1OOvj0ige%2BXeeA%2BGERm9%2F%2FZIgV6gfuP3RJjdis66WyRtEcHItrF%2FQRpNqb1Yq5vvuTpnvEvB2jcssByqPEfbKvQxtHw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
760040037fefa96d-SYD
content-length
5443
expires
Wed, 02 Nov 2022 03:54:20 GMT
201d11a123a8214ddbf34605f08b75de.jpg
static.bg3.co/imgs/202106/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/201d11a123a8214ddbf34605f08b75de.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd68ae623feacb1b3e15fc6612cd2bda123e7da4d0d3b27163cff14244298a48

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:20 GMT
cf-cache-status
MISS
last-modified
Sun, 13 Jun 2021 16:08:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"201D11A123A8214DDBF34605F08B75DE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ce13G9U00Imi4yVSTvOJZPxcHkAtE442tKrRv%2FH5udL69ucjSrAMMJ9hKJjYQokwuu0taTQEcL%2BOIp7Ru9fAAR1QnpT9eg4wwzk5ygMMMF6xFvOPc%2BVUn%2BFzjnd3rb4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
760040061be1a96d-SYD
content-length
4006
expires
Wed, 02 Nov 2022 03:54:20 GMT
e9c8a0d08e0f8cf400de6948a8d34c77.jpg
static.bg3.co/imgs/202106/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/e9c8a0d08e0f8cf400de6948a8d34c77.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d16088079db948faa5c25430593d7b2c1d9e440d3eeb98844b485792ec5db19

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:21 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 11:18:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"E9C8A0D08E0F8CF400DE6948A8D34C77"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BK7fgGAadDWjPSGhil6rFrKJGIa5cCgxKNoZdd8lP2W7RDiFUO1v%2FI%2BpcLfcYHWcecTCr1x8o0JX5jVys8OF5DlSNACeYXoORAeS1JYFo1QUVMd4RUP4IDbOIZDKjdM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
760040061be3a96d-SYD
content-length
7534
expires
Wed, 02 Nov 2022 03:54:21 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012210010655000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
dd077349a06d9c21c75ffc7b287de576f506a262b218d8a9926dc10145ccf4df
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 25 Oct 2022 22:16:42 GMT
age
20258
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2993
x-xss-protection
0
server
sffe
etag
"a122783c89e19dfb"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 25 Oct 2023 22:16:42 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012210010655000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
3b17e5d516f9bd51ed05461dcca0a156e97a77768ff453f678a493de698783ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 25 Oct 2022 22:16:29 GMT
age
20271
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23041
x-xss-protection
0
server
sffe
etag
"ea9f23854f5e71da"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 25 Oct 2023 22:16:29 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		5 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e843075b4de1b815c512b135f360fe4674f55dca31ce715241f670b4131353bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
595
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012210010655000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
d54633573668b4703db3bdccede99c1076819aa2bb287773cf8ef5d2bebae418
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 25 Oct 2022 22:16:42 GMT
age
20258
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3839
x-xss-protection
0
server
sffe
etag
"cadad0096bbc82de"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 25 Oct 2023 22:16:42 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:20 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1666756460.dop028.sj3.t,1666756460.cds203.sj3.hn,1666756460.cds046.sj3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
620 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6196
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8p52Qas2JWLmrlIP%2BF3W8T7aKjOntCorPaN%2BNCXu4iCGKUk7xG8H2FQfnDieV3zkSNL3%2BpCltGb4i0RrSe%2FyRSXJy8hMCyyTopA3ZjZyfF0ByazuXb%2FHdq2VGVd3%2BsNEaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
76003ff43e5ca7ea-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
f9723d3f41444061b801c833bb798bd89f1c4e1333612c639c347d2284ccc3dd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 03:54:18 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
f9723d3f41444061b801c833bb798bd89f1c4e1333612c639c347d2284ccc3dd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 03:54:18 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.9167477048042403&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 03:54:18 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.5902609431606345&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 03:54:18 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012210010655000/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
56df0a279f759f13bf5024aaf4547c82d47fad55498ba1473aece0f2c9587531
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 25 Oct 2022 22:16:55 GMT
age
20245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10232
x-xss-protection
0
server
sffe
etag
"c8f64f42400c7620"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 25 Oct 2023 22:16:55 GMT
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1666756458183
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Wed, 26 Oct 2022 03:54:20 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
631
expires
Wed, 26 Oct 2022 04:54:20 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame BF6A 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
0b4a7f405b8ac41af5f67109eef04604ef18be4ef4401ddc1fbb3e625fd0de0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40067
x-xss-protection
0
server
cafe
etag
9524522086757827622
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 26 Oct 2022 03:54:18 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 8DD5 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
02c8b43aeb928d29f42d1fbaf7cd782b6a567a349028ab60f8cc48e8aa089557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40074
x-xss-protection
0
server
cafe
etag
12480982189336500777
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 26 Oct 2022 03:54:18 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 0678 		714 B
794 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
6526
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
76003ffb0edea817-SYD
content-encoding
br
content-type
text/html
date
Wed, 26 Oct 2022 03:54:18 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rh3xX7J2JmM1dCP8ivX5p2RVAOSvboFKlZqjzIu5KWXFcatSbvaYtdLguEUx7f9zivTcSqWiH8T6PXbQuZRbP%2Bgr7bJJImdMhtmB6BEP8zt3HwRFzVlcWkUDCX1mXE2vQA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 03:54:20 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 3812 		714 B
767 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
6526
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
76003ffb6f8da817-SYD
content-encoding
br
content-type
text/html
date
Wed, 26 Oct 2022 03:54:18 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76yMGB6sqoEN1W%2BkTmjZQUQwpUM72w%2B2%2FtjYgqed9ISYElenpdke4nVTw6fFD3owCzY8iB8ZKKlC%2BHfhisMV%2FFfQixZlXeaUlC47BS%2BI%2Bd71i84yGQnIqf%2FsnYBrI3OGAw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 0678 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
aecd275db55084f011e0c856ff9479acba68d2e1e1b42c6f08e6cc9414dfda12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27345
x-xss-protection
0
server
sffe
etag
"1374 / 170 of 1000 / last-modified: 1666747921"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 26 Oct 2022 03:54:19 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3812 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
acec5eacb1b4d876d6ead9a4bca74986cd7f25528ba09f3bb1a55b050a189eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27344
x-xss-protection
0
server
sffe
etag
"1374 / 858 of 1000 / last-modified: 1666747876"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 26 Oct 2022 03:54:19 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/ Frame BF6A 		353 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
3123b687869e2f9fb8303d1b4363be6f18e9f2a701ae6f515d43532d2343aeea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118752
x-xss-protection
0
server
cafe
etag
6411728657198545622
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Oct 2022 03:54:20 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/ Frame 8DD5 		353 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_fy2021.js?bust=31070467
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
7d8e6039c97598be9f5e7e83c7a1d3290441bb9221bd5df605ce1e35d58adf85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118765
x-xss-protection
0
server
cafe
etag
16451197366737157240
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Oct 2022 03:54:20 GMT
gtag.json
cdn.ampproject.org/rtv/012210010655000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 25 Oct 2022 21:23:05 GMT
age
23474
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"af0e5541a4a7e61b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 25 Oct 2023 21:23:05 GMT
pubads_impl_2022102001.js
securepubads.g.doubleclick.net/gpt/ Frame 3812 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 05:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80925
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130516
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 25 Oct 2023 05:25:34 GMT
pubads_impl_2022102001.js
securepubads.g.doubleclick.net/gpt/ Frame 0678 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7735
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130516
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 26 Oct 2023 01:45:25 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Wed, 26 Oct 2022 03:54:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com.au/adsid/ Frame 3812 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3812 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3812 		492 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2126733901434926&correlator=111520004161080&eid=31068458%2C44761478%2C44775319&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1666756460424&lmt=1644386353&dlt=1666756458857&idt=1543&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=iuxw6zdqmduj&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1448476106.1666756460&ga_sid=1666756460&ga_hid=1808482593&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ed3c51bd1b4bf9c15cef0a9ed85c7e76f216467179db5fdf492961c00c0eb36a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bd434c13192b0ba3801f7c67ab0b5479.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0429 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bd434c13192b0ba3801f7c67ab0b5479.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 03:54:20 GMT
expires
Thu, 26 Oct 2023 03:54:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E9%95%B7%E6%BE%A4%E9%9B%85%E7%BE%8E%E3%80%8C%E7%9D%BD%E9%81%954%E5%B9%B4%E5%8D%8A%E3%80%8D%E9%87%8D%E8%BF%94%E5%B0%8F%E7%86%92%E5%B9%95%E4%B8%BB%E6%BC%94%EF%BC%81%E3%80%80%E6%90%AD%E6%AA%942%E8%82%8C%E8%82%89%E7%94%B7%E7%A5%9E%E8%BF%BD%E5%86%A4%E6%A1%88%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-JMpm2PFr2QOokQC6DhCKBQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.547925284525302&gjid=0.519919112567097&_r=1&a=705&z=0.28548946989836255&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com.au/adsid/ Frame 0678 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0678 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 0678 		492 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=948058443876234&correlator=1206633403415270&eid=31070528%2C44761478&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1666756460603&lmt=1644386353&dlt=1666756458779&idt=1804&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=7wn752ymtc5v&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=267232604.1666756461&ga_sid=1666756461&ga_hid=772218756&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
aa6c0c7befcf40d513b597bf466c8658c6e156947e2ef47aefa3ff0bb90b0e1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ad6d7095e9b3fbb668a951e5b126aafb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CDF4 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad6d7095e9b3fbb668a951e5b126aafb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 03:54:21 GMT
expires
Thu, 26 Oct 2023 03:54:21 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012210010655000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
1a12e03c6e7368771df0045c0d29660585881ec9e385b5cc885351c2a0bc3905
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 25 Oct 2022 15:19:15 GMT
age
45305
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57866
x-xss-protection
0
server
sffe
etag
"a079e55eff1cbcb0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 25 Oct 2023 15:19:15 GMT
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Wed, 26 Oct 2022 03:54:21 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=13
content-length
94168
expires
Thu, 26 Oct 2023 03:54:21 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Wed, 26 Oct 2022 03:54:21 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=12
accept-ranges
bytes
content-length
317
expires
Thu, 26 Oct 2023 03:54:21 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Wed, 26 Oct 2022 03:54:21 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
17440
expires
Wed, 26 Oct 2022 04:54:21 GMT
log
aplogger.adpushup.com/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aplogger.adpushup.com/log?event=PAGE_VIEW&data=eyJzaXRlSWQiOjQyNzUzfQ%3D%3D&pxRes=false
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:21 GMT
server
nginx/1.14.0 (Ubuntu)
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
acec5eacb1b4d876d6ead9a4bca74986cd7f25528ba09f3bb1a55b050a189eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27344
x-xss-protection
0
server
sffe
etag
"1374 / 65 of 1000 / last-modified: 1666747876"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 26 Oct 2022 03:54:21 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:22 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjY3NTY0NjEwNTEsInBhY2tldElkIjoiMDAwMEE3MDEtNDUxNWNiZWMtMDU2MC00ODQzLWI5NzYtMzljMmYxNmU5ZDFjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NoYW5nLXplLXlhLW1laS1rdWktd2VpLTRuaWFuLWJhbi16aG9uZy1mYW4teGlhby15aW5nLW11LXpodS15YW4tZGEtZGFuZy0yamktcm91LW5hbi1zaGVuLXpodWkteXVhbi1hbi5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=6400.199999809265
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:22 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjY3NTY0NjEwNTEsInBhY2tldElkIjoiMDAwMEE3MDEtNDUxNWNiZWMtMDU2MC00ODQzLWI5NzYtMzljMmYxNmU5ZDFjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NoYW5nLXplLXlhLW1laS1rdWktd2VpLTRuaWFuLWJhbi16aG9uZy1mYW4teGlhby15aW5nLW11LXpodS15YW4tZGEtZGFuZy0yamktcm91LW5hbi1zaGVuLXpodWkteXVhbi1hbi5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=6400.900000095367
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:22 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjY3NTY0NjEwNTEsInBhY2tldElkIjoiMDAwMEE3MDEtNDUxNWNiZWMtMDU2MC00ODQzLWI5NzYtMzljMmYxNmU5ZDFjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NoYW5nLXplLXlhLW1laS1rdWktd2VpLTRuaWFuLWJhbi16aG9uZy1mYW4teGlhby15aW5nLW11LXpodS15YW4tZGEtZGFuZy0yamktcm91LW5hbi1zaGVuLXpodWkteXVhbi1hbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XX0%3D&c_b=6401.300000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:22 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjY3NTY0NjEwNTYsInBhY2tldElkIjoiMDAwMEE3MDEtNDUxNWNiZWMtMDU2MC00ODQzLWI5NzYtMzljMmYxNmU5ZDFjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NoYW5nLXplLXlhLW1laS1rdWktd2VpLTRuaWFuLWJhbi16aG9uZy1mYW4teGlhby15aW5nLW11LXpodS15YW4tZGEtZGFuZy0yamktcm91LW5hbi1zaGVuLXpodWkteXVhbi1hbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D&c_b=6405.900000095367
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:22 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjY3NTY0NjEwNTksInBhY2tldElkIjoiMDAwMEE3MDEtNDUxNWNiZWMtMDU2MC00ODQzLWI5NzYtMzljMmYxNmU5ZDFjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NoYW5nLXplLXlhLW1laS1rdWktd2VpLTRuaWFuLWJhbi16aG9uZy1mYW4teGlhby15aW5nLW11LXpodS15YW4tZGEtZGFuZy0yamktcm91LW5hbi1zaGVuLXpodWkteXVhbi1hbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19&c_b=6408.300000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:22 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3812 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
4e1d86cccd80a12a938b7ae1b5ba32ba9c261f0ab0b155b3cf661251ae8919d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11245
x-xss-protection
0
integrator.json
adservice.google.com/adsid/ 		86 B
219 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-20671926272823164609.ampproject.net/2210010655000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-20671926272823164609.ampproject.net/2210010655000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0678 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
0899e7dab5846e89079360c2a30ab99fbf0d330e36e2771c5de6a8266b7c9f49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11281
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 8DD5 		379 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_fy2021.js?bust=31070467
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a9af27e29acfea4a046869073069d58d65a71334ea90da8b2c8034d9b4708f5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 8DD5 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_fy2021.js?bust=31070467
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8DD5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_fy2021.js?bust=31070467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame 88B5
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666756461&url=...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_fy2021.js?bust=31070467
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-91.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
938
content-length
673
content-type
text/html
date
Wed, 26 Oct 2022 03:38:45 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 75d57b6f1d28b9be49fef8fc0aa4a23c.cloudfront.net (CloudFront)
x-amz-cf-id
3KYSBho5h9BJ4qZ-0cm07Qp1HxdFzNu1DJuSRV_JG2fiWrZK7YGi8A==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 03:54:22 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame BF6A 		379 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
1c8e16104b0e6422af2018a70f1a3c8698cee105f42f716edced33249b004096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame BF6A 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BF6A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9EC7 		26 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666756461&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756459233&bpp=15&bdt=1649&idt=2277&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=4935527175479&frm=23&ife=1&pv=1&ga_vid=191318710.1666756462&ga_sid=1666756462&ga_hid=1728113457&ga_fc=0&ga_cid=amp-JMpm2PFr2QOokQC6DhCKBQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3709292435&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767668%2C42531706%2C44774292%2C44775016&oid=2&pvsid=14388017653826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q4ndqskqbprq&fsb=1&dtd=2291
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
edac349b96c6c62e0513d7a0a819e8fdb1167eafa680956220b0403bc074023c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
12204
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 03:54:22 GMT
expires
Wed, 26 Oct 2022 03:54:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3812 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 03:54:22 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 434D 		603 B
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-3150269307335175326&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3288&oid=2&is_amp=5&amp_v=2210010655000&d_imp=1&c=226000705&ga_cid=amp-JMpm2PFr2QOokQC6DhCKBQ&ga_hid=705&dt=1666756461283&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&bdt=4947&dtd=370&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210010655000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 03:54:22 GMT
expires
Wed, 26 Oct 2022 03:54:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0678 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 03:54:22 GMT
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
530ada81665d4f8f68e14afba4d6ae64128d80240dda6ddc8919b31d65a69702

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:22 GMT
content-encoding
gzip
etag
"bLcVTDhl2t9kvw7/36cOxA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 02 Nov 2022 03:54:22 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221026
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b961f3e5429f6cba42937515ec75515393c936905bf2d1d3da51056398f1b4d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Oct 2022 03:54:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
3170
x-jsd-version
1.0.1504
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19153-FRA, cache-yyz4572-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"666-7YdXr8FPpsywxYfavqZQHipv5Pw"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
760040113d1ca973-SYD
prebid
prebid.media.net/rtb/ 		1 KB
924 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7412f2123229e885f3085e2b0fc6a05cc0058c4f54a58c3301bd94076af79ade

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:22 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
513
alt-svc
clear
arj
adpushup-d.openx.net/w/1.0/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=21a7f1e9-ad80-43e0-8d9c-3da657d4207b%2Cc31143ea-3143-448d-83bb-335978666236%2C1c04fabc-f7d1-4c5b-888a-8ed876c056f8&nocache=1666756462027&pubcid=2410fded-37fe-42e7-b88b-df3374f103bf&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
6c6be8c4182d09db3dfd3dd01bc0b1c3842ab6a0b9d6e6ba6d2b57132b96f48b

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:22 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2696
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=da1d57d4-ff82-40fe-8693-cd23518ef18e&nocache=1666756462028&pubcid=2410fded-37fe-42e7-b88b-df3374f103bf&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:22 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=28b4c569-aea7-45ff-82c2-506daecaccda&nocache=1666756462028&pubcid=2410fded-37fe-42e7-b88b-df3374f103bf&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:22 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c60f3c7a-147a-483b-b9d0-7e2876bfe2a1&nocache=1666756462028&pubcid=2410fded-37fe-42e7-b88b-df3374f103bf&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:22 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.197.63 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-197-63.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:23 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 26 Oct 2022 03:54:23 GMT
cygnus
htlb.casalemedia.com/ 		37 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2216c837e2fd53b14%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22232bd37bc7eb822%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%222643911353bc317%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2227e3cd399580f7a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%222410fded-37fe-42e7-b88b-df3374f103bf%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8ae663f3fd81d1a020e65ffc0b69251736602e28017350edb65fad173d35409

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
760040115e58aac1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2216c837e2fd53b14%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222643911353bc317%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%2227e3cd399580f7a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%222410fded-37fe-42e7-b88b-df3374f103bf%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8ae663f3fd81d1a020e65ffc0b69251736602e28017350edb65fad173d35409

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
760040115e59aac1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.249.121.116 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-249-121-116.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
b577dd6b2f12f4f6e1f7a2b9de4802e1b5e6d80f456de52ccb793796ba9ff2c2

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:23 GMT
content-encoding
gzip
x-prebid
pbs-java/1.102.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.249.121.116 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-249-121-116.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
2cb9c123035209c64ecedd08a8d96307a1ce3e4a5a195e0494c56aa98fa925c5

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:23 GMT
content-encoding
gzip
x-prebid
pbs-java/1.102.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.249.121.116 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-249-121-116.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ed031b57f5675a0baf10f35fb2183729eb7d339f9c153aba931de54fc0bf43d0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:23 GMT
content-encoding
gzip
x-prebid
pbs-java/1.102.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=2410fded-37fe-42e7-b88b-df3374f103bf%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=6f483265-cf79-480b-a892-25e095e2099a%3B21ea5ee3-5fd4-4526-9d8e-41ed2ad00001%3B2f0780d0-69c8-4dd5-b42d-5c2fa3fc3ee0&l_pb_bid_id=29052a3838f80f1%3B30b133689d044b9%3B31fb80e49f33dc3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.4240775414854103
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d4375c1ebe02a95a7e37975e519ab3a6a7908fdd07884716745fd816475690de

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.121.143 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-121-143.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
1953c66074d7eb7705ca4778e482e89a497e503f27e52bb0d05fdeac0f3430d0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:22 GMT
content-encoding
gzip
accept-ch
sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
3740
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		0
0
prebid-request
onetag-sys.com/ 		15 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
adreq
ads.servenobid.com/ 		656 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=3745
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.114.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-114-234.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4c46f7fadb683c44c08212442b5b1af83da52fd88bda523456fc4e6d72dc70a8

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=74464553831
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Oct 2022 03:54:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ 		50 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
dfeb10b1ca3323529b0871057cf8b475f728b3f3d4fa5df33d0329aec32f8daa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 26 Oct 2022 03:54:22 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.81; 173.245.209.81; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
02d8c732-52c7-40b2-b183-1d624a1c0915
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e82981683cdae3ed153560d63861f3b4bff2b6083117662f0efb62e8dc431b40

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 26 Oct 2022 03:54:22 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
c
prebid.a-mo.net/a/ 		486 B
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
c952428572a65c0feb8905f62a92a6feb65108e86708a2a92d896f93c6531858

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Oct 2022 03:54:22 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
194
content-length
259
pubads_impl_2022102001.js
securepubads.g.doubleclick.net/gpt/ 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 05:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80928
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130516
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 25 Oct 2023 05:25:34 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Wed, 26 Oct 2022 03:54:22 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 9EC7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CE1kkba9YY6OmPPyK3LUPibuW2AeY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJD67meJW6lPqgDAaoEkAJP0MVpTIXHh790QVID3JzyfGdIL9W8Q5IZGsWaa4_jscY5y2hs0vYpve7ZLCykUr4xMcBP_clKBNPcj9ETohU5fYLqnMv-Vv_RcA7lLL-kuLS7zL1J9vdHrGHSJ9o6xWZafLVFcfxinNri43zGo6zoeD27M6DIoIx9CRofusNd7vQfbZ9E5D9PB9w1vCMNWshb1fwxgY_BlyYULhlIrkLq-uq412WTeBEcMCF87NDlGrqlvDuipoI-bdq5060qnKnZq3wto3-TrzxIRppdSCJm9nrRyj0d0tLRFChWsW9boJCu5W5v5F9IZADrtmxJ8w9QwNGmgXnta93XP273ZFYk62SLzfK_KZrkkswzCtxRFoAG15OZ07igyOGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=v8VaNN4pZns&uach_m=[UACH]&cid=CAQSKQDq26N946xI-h1SySU9ckkdT8FPviYXKueAgNE22REIuyAFyBxi9ciIGAEgEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666756461&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756459233&bpp=15&bdt=1649&idt=2277&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=4935527175479&frm=23&ife=1&pv=1&ga_vid=191318710.1666756462&ga_sid=1666756462&ga_hid=1728113457&ga_fc=0&ga_cid=amp-JMpm2PFr2QOokQC6DhCKBQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3709292435&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767668%2C42531706%2C44774292%2C44775016&oid=2&pvsid=14388017653826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q4ndqskqbprq&fsb=1&dtd=2291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666756461&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756459233&bpp=15&bdt=1649&idt=2277&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=4935527175479&frm=23&ife=1&pv=1&ga_vid=191318710.1666756462&ga_sid=1666756462&ga_hid=1728113457&ga_fc=0&ga_cid=amp-JMpm2PFr2QOokQC6DhCKBQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3709292435&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767668%2C42531706%2C44774292%2C44775016&oid=2&pvsid=14388017653826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q4ndqskqbprq&fsb=1&dtd=2291
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 26 Oct 2022 03:54:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 9EC7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k_2dCpzIC9ACmAJi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQba9YY5iEF-k6KAtwe8HgABIAAA&wp=Y1ivbQAPEyMAtwV8AAWdiQQqW_OAhl9GRFx_qQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666756461&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756459233&bpp=15&bdt=1649&idt=2277&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=4935527175479&frm=23&ife=1&pv=1&ga_vid=191318710.1666756462&ga_sid=1666756462&ga_hid=1728113457&ga_fc=0&ga_cid=amp-JMpm2PFr2QOokQC6DhCKBQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3709292435&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767668%2C42531706%2C44774292%2C44775016&oid=2&pvsid=14388017653826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q4ndqskqbprq&fsb=1&dtd=2291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
125576
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 0ACC 		156 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y1ivbQAPEyMAtwV8AAWdiQQqW_OAhl9GRFx_qQ&u=%7CYgp7QQesWFKFOv21KHpYl2cVUqQcXgMM0IwQHKf7%2F%2FA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1biSqZkz2AS9MV6cOJpyl06hdAdQv1Fy0YC6Z26lklozkwT_Iz0JM6L_vt2f4LwnW422_vTvuCKM-IJZr3E_XTFNbUOE-MyzupEBxNdlSqeWEcoQaBCwVa-3BvrP63zJHplHmh_yK42elUhpPMF2cx9AZXnn4vOE9FwwRaQzBH9X9JHhwNBIgpsI72sseIZItwKoizmmq03EHV21CXkdkPVoGxaVSIG9EvW0F5z6Fz4rZlIwt4L_WFiHyKbQxD2iZ-Km1IgClNuLY6b_b3iOXFOlSTgHGhGOaINK42j2F-2GC2A_xQS--u7yU1wQozS3hTNqYQ0IM4JJwvRCMy_ByYvfId_R4Z95wMdbsec40C8lNemlmmwfIenHIkJYjy75MQ_N_cfG9VYosuPo4S-8_IYMA6eGAEVh7HXCqJQiAp5fXWD2Zco755MFkiKAK3tRVeGThvT6T9R98yBWF00ctklo-Ke0EGffFQngorq3jlBrL4VG-4Kq8T6E0RNxu95fsEaOzrUmbopvpVL6E-_tY37FxadmKWDbcAdIqnRgSIvvNPDv4ubDzlSlKGzl3ueZUx_ZSqqYKJ1oQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8XHba9YY6OmPPyK3LUPibuW2AeY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJD67meJW6lPqgDAaoEkwJP0MVpTIXHh790QVID3JzyfGdIL9W8Q5IZGsWaa4_jscY5y2hs0vYpve7ZLCykUr4xMcBP_clKBNPcj9ETohU5fYLqnMv-Vv_RcA7lLL-kuLS7zL1J9vdHrGHSJ9o6xWZafLVFcfxinNri43zGo6zoeD27M6DIoIx9CRofusNd7vQfbZ9E5D9PB9w1vCMNWshb1fwxgY_BlyYULhlIrkLq-uq412WTeBEcMCF87NDlGrqlvDuipoI-bdq5060qnKnZq3wto3-TrzxIRppdSCJm9nrRyj0d0tLRFChWsW9boJCu5W5v5F9IZACptE3bFsHZvi4v8OcGPUcUFnr981wK84wDPqQl4CT6vtTU4U0v6XvIRoAG15OZ07igyOGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0UzNw9qpvvAYGgVO5Z49YdHufAbA%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666756461&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756459233&bpp=15&bdt=1649&idt=2277&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=4935527175479&frm=23&ife=1&pv=1&ga_vid=191318710.1666756462&ga_sid=1666756462&ga_hid=1728113457&ga_fc=0&ga_cid=amp-JMpm2PFr2QOokQC6DhCKBQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3709292435&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767668%2C42531706%2C44774292%2C44775016&oid=2&pvsid=14388017653826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q4ndqskqbprq&fsb=1&dtd=2291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
a23695cc5fc59b33dd647e7d5c19b02a1665506a0edbf24aa5c67af7329155f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 03:54:22 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=ag4OmAU-g3fnwRi4AXvnhg2dRRjGW31ACe-8KyG-pkLk7V95nIYwHUz-gZ6uyDBCEFTiwUUiwWiV6bsmw51sFMKlMyPdxXDGZ0YsXrCh4pZ4Ns2XFJDWNpYcETS9SXIctKQ-dhFSVdMFVwKhlTmCvo09TpIfv5yWmnM_GGNvIU4RqHfORtD2FgtdHUc7cM-HqnwVY-OMduX4eWkmKNxeuwBSzFzULO-XWsN_pQzg48r7xaGO_GVOHXBOW5HO0_ywM4A3wdKm88conJPH"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
145902624
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 9EC7 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666756461&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756459233&bpp=15&bdt=1649&idt=2277&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=4935527175479&frm=23&ife=1&pv=1&ga_vid=191318710.1666756462&ga_sid=1666756462&ga_hid=1728113457&ga_fc=0&ga_cid=amp-JMpm2PFr2QOokQC6DhCKBQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3709292435&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767668%2C42531706%2C44774292%2C44775016&oid=2&pvsid=14388017653826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q4ndqskqbprq&fsb=1&dtd=2291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:41:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47576
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 14:41:26 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A6FC 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666756461&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756459233&bpp=15&bdt=1649&idt=2277&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=4935527175479&frm=23&ife=1&pv=1&ga_vid=191318710.1666756462&ga_sid=1666756462&ga_hid=1728113457&ga_fc=0&ga_cid=amp-JMpm2PFr2QOokQC6DhCKBQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3709292435&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767668%2C42531706%2C44774292%2C44775016&oid=2&pvsid=14388017653826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q4ndqskqbprq&fsb=1&dtd=2291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
29173
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 19:48:09 GMT
etag
48472445140208031
expires
Wed, 26 Oct 2022 19:48:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 9EC7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666756461&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756459233&bpp=15&bdt=1649&idt=2277&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=4935527175479&frm=23&ife=1&pv=1&ga_vid=191318710.1666756462&ga_sid=1666756462&ga_hid=1728113457&ga_fc=0&ga_cid=amp-JMpm2PFr2QOokQC6DhCKBQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3709292435&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767668%2C42531706%2C44774292%2C44775016&oid=2&pvsid=14388017653826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q4ndqskqbprq&fsb=1&dtd=2291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47579
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 14:41:23 GMT
l
www.google.com/ads/measurement/ Frame 9EC7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSi5ULPKQvltFmdZYDATKuMABst3d1a96x7IxUGlW3WpNLksZg-spKjiWa8_i2szA3Cs6aqaIVVDl8pM6ogBJpHVsrCNQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666756461&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756459233&bpp=15&bdt=1649&idt=2277&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=4935527175479&frm=23&ife=1&pv=1&ga_vid=191318710.1666756462&ga_sid=1666756462&ga_hid=1728113457&ga_fc=0&ga_cid=amp-JMpm2PFr2QOokQC6DhCKBQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3709292435&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767668%2C42531706%2C44774292%2C44775016&oid=2&pvsid=14388017653826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q4ndqskqbprq&fsb=1&dtd=2291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9EC7 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666756461&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756459233&bpp=15&bdt=1649&idt=2277&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=4935527175479&frm=23&ife=1&pv=1&ga_vid=191318710.1666756462&ga_sid=1666756462&ga_hid=1728113457&ga_fc=0&ga_cid=amp-JMpm2PFr2QOokQC6DhCKBQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3709292435&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767668%2C42531706%2C44774292%2C44775016&oid=2&pvsid=14388017653826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q4ndqskqbprq&fsb=1&dtd=2291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666611803224388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 03:54:22 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0499 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
268681
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 01:16:21 GMT
expires
Mon, 23 Oct 2023 01:16:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B43A 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
GSE /
Resource Hash
83f79007ac7b66b48f57e153953d895b7aa81317ce743d054f93ba26a865a9fd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_zjAlUTzp56RfNFT_Nzp2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-_zjAlUTzp56RfNFT_Nzp2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 03:54:22 GMT
expires
Wed, 26 Oct 2022 03:54:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D883 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
268681
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 01:16:21 GMT
expires
Mon, 23 Oct 2023 01:16:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B480 		783 B
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
GSE /
Resource Hash
adae8601f8b502d542dc2b8df517b323e3625a1e4190763aa2b7127cb5aa6004
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-i_xTKGOJ0i8TavUdLhZzSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-i_xTKGOJ0i8TavUdLhZzSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 03:54:22 GMT
expires
Wed, 26 Oct 2022 03:54:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
i.match
s.tribalfusion.com/z/ Frame A6FC
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHAD6naT1ZwxvW27-nQHe8s&google_cver=1&google_push=AZmPxg8nq9YR3z6Sew0WojPBa44LNLvWwlV_w_CBb58P-v5ViQ90DPyQYPpMZdrIDoSpK_pJ0-fCZerTtleIFglE8uG66liqbnvoT...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHAD6naT1ZwxvW27-nQHe8s&google_cver=1&google_push=AZmPxg8nq9YR3z6Sew0WojPBa44LNLvWwlV_w_CBb58P-v5ViQ90DPyQYPpMZdrIDoSpK_pJ0-fCZerTtleIFglE8uG66liqbnv...
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHAD6naT1ZwxvW27-nQHe8s&google_cver=1&google_push=AZmPxg8nq9YR3z6Sew0WojPBa44LNLvWwlV_w_CBb58P-v5ViQ90DPyQYPpMZdrIDoSpK_pJ0-fCZerTtleIFglE8uG66liqbnvoTgjHZAXkV3v0iO2NObywQgR_YrRxwFtWJVFehzEALoRjPL7o5pt8yKw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8nq9YR3z6Sew0WojPBa44LNLvWwlV_w_CBb58P-v5ViQ90DPyQYPpMZdrIDoSpK_pJ0-fCZerTtleIFglE8uG66liqbnvoTgjHZAXkV3v0iO2NObywQgR_YrRxwFtWJVFehzEALoRjPL7o5pt8yKw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666756461&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756459233&bpp=15&bdt=1649&idt=2277&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=4935527175479&frm=23&ife=1&pv=1&ga_vid=191318710.1666756462&ga_sid=1666756462&ga_hid=1728113457&ga_fc=0&ga_cid=amp-JMpm2PFr2QOokQC6DhCKBQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3709292435&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767668%2C42531706%2C44774292%2C44775016&oid=2&pvsid=14388017653826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q4ndqskqbprq&fsb=1&dtd=2291
Protocol
H2
Server
104.18.25.173 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:23 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
760040172d28a8c2-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:23 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
72
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHAD6naT1ZwxvW27-nQHe8s&google_cver=1&google_push=AZmPxg8nq9YR3z6Sew0WojPBa44LNLvWwlV_w_CBb58P-v5ViQ90DPyQYPpMZdrIDoSpK_pJ0-fCZerTtleIFglE8uG66liqbnvoTgjHZAXkV3v0iO2NObywQgR_YrRxwFtWJVFehzEALoRjPL7o5pt8yKw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8nq9YR3z6Sew0WojPBa44LNLvWwlV_w_CBb58P-v5ViQ90DPyQYPpMZdrIDoSpK_pJ0-fCZerTtleIFglE8uG66liqbnvoTgjHZAXkV3v0iO2NObywQgR_YrRxwFtWJVFehzEALoRjPL7o5pt8yKw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
760040151b35a8c2-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A6FC
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEBNZb5JGLmmpMceYQWrZye4&google_cver=1&google_push=AZmPxg9KMPV7mWLebwDvzQlLsJONbVrAuaoUbvodsZ2DF6QJrr2tvr4CGzb0BuCyJzjfQ5tF7Wimyzw...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg9KMPV7mWLebwDvzQlLsJONbVrAuaoUbvodsZ2DF6QJrr2tvr4CGzb0BuCyJzjfQ5tF7WimyzwLa1yvlzq159PoeFybbjTVt3G16ILl2n-FuMKcEVcNvK1o8kgz...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg9KMPV7mWLebwDvzQlLsJONbVrAuaoUbvodsZ2DF6QJrr2tvr4CGzb0BuCyJzjfQ5tF7WimyzwLa1yvlzq159PoeFybbjTVt3G16ILl2n-FuMKcEVcNvK1o8kgzJ9H_I8xR8qYFVJ0-8ZB0WsYCRTA&google_hm=KGnQc_fsSxGsbnqdjX4SRVE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666756461&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756459233&bpp=15&bdt=1649&idt=2277&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=4935527175479&frm=23&ife=1&pv=1&ga_vid=191318710.1666756462&ga_sid=1666756462&ga_hid=1728113457&ga_fc=0&ga_cid=amp-JMpm2PFr2QOokQC6DhCKBQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3709292435&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767668%2C42531706%2C44774292%2C44775016&oid=2&pvsid=14388017653826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q4ndqskqbprq&fsb=1&dtd=2291
Protocol
H2
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:22 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg9KMPV7mWLebwDvzQlLsJONbVrAuaoUbvodsZ2DF6QJrr2tvr4CGzb0BuCyJzjfQ5tF7WimyzwLa1yvlzq159PoeFybbjTVt3G16ILl2n-FuMKcEVcNvK1o8kgzJ9H_I8xR8qYFVJ0-8ZB0WsYCRTA&google_hm=KGnQc_fsSxGsbnqdjX4SRVE
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A6FC
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEELtgbVWZ3SMMpFuHBSxRhU&google_cver=1&google_push=AZmPxg_-pviw9oFecsRKhxnWDsYk620UtZ_Me3UhT-NZtvsStBXkkMemsL9hRwc0TWxI75shvNsXh...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg_-pviw9oFecsRKhxnWDsYk620UtZ_Me3UhT-NZtvsStBXkkMemsL9hRwc0TWxI75shvNsXh9zFuilgBXDqy4cJahgOiEkIV8MBT-N-QmdiA7mkV01A59Y7jZiYQs...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg_-pviw9oFecsRKhxnWDsYk620UtZ_Me3UhT-NZtvsStBXkkMemsL9hRwc0TWxI75shvNsXh9zFuilgBXDqy4cJahgOiEkIV8MBT-N-QmdiA7mkV01A59Y7jZiYQsX-f1Q004s96wijkgL5Y9Xy5rA&google_hm=VkhlREozRkFwN0Qtc3ZLYnJKN1pMUXhRZ2Nr&from_google=sp1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666756461&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756459233&bpp=15&bdt=1649&idt=2277&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=4935527175479&frm=23&ife=1&pv=1&ga_vid=191318710.1666756462&ga_sid=1666756462&ga_hid=1728113457&ga_fc=0&ga_cid=amp-JMpm2PFr2QOokQC6DhCKBQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3709292435&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767668%2C42531706%2C44774292%2C44775016&oid=2&pvsid=14388017653826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q4ndqskqbprq&fsb=1&dtd=2291
Protocol
H2
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:23 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Transfer-Encoding
chunked
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg_-pviw9oFecsRKhxnWDsYk620UtZ_Me3UhT-NZtvsStBXkkMemsL9hRwc0TWxI75shvNsXh9zFuilgBXDqy4cJahgOiEkIV8MBT-N-QmdiA7mkV01A59Y7jZiYQsX-f1Q004s96wijkgL5Y9Xy5rA&google_hm=VkhlREozRkFwN0Qtc3ZLYnJKN1pMUXhRZ2Nr&from_google=sp1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame A6FC
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEGVfImVb4SLGoRwuKV92vCw&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YzI3ZTVlMzQtOGZhZi00ZjRkLWJmOWQtOGJiZTNhN2JmZDI5&google_gid=CAESEGVfImVb4SLGoRwuKV92vCw&google_cver=1&google_push=AZmPxg8_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YzI3ZTVlMzQtOGZhZi00ZjRkLWJmOWQtOGJiZTNhN2JmZDI5&google_gid=CAESEGVfImVb4SLGoRwuKV92vCw&google_cver=1&google_push=AZmPxg8_Wrw1i_PGHnGZc2_JPLuBA_i0mmqA5h6ZSLI9ZCxdvCQ-UzuJB-DAD2fWEnVQE4097wnFKG-r8IZN3hG4QoLj-clA_NOR-Pd4vsYG6iyMK78nn_2Q-19LVu7zLH3RjNVCJFjMd8OarjpnKXdpST4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666756461&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756459233&bpp=15&bdt=1649&idt=2277&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=4935527175479&frm=23&ife=1&pv=1&ga_vid=191318710.1666756462&ga_sid=1666756462&ga_hid=1728113457&ga_fc=0&ga_cid=amp-JMpm2PFr2QOokQC6DhCKBQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3709292435&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767668%2C42531706%2C44774292%2C44775016&oid=2&pvsid=14388017653826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q4ndqskqbprq&fsb=1&dtd=2291
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YzI3ZTVlMzQtOGZhZi00ZjRkLWJmOWQtOGJiZTNhN2JmZDI5&google_gid=CAESEGVfImVb4SLGoRwuKV92vCw&google_cver=1&google_push=AZmPxg8_Wrw1i_PGHnGZc2_JPLuBA_i0mmqA5h6ZSLI9ZCxdvCQ-UzuJB-DAD2fWEnVQE4097wnFKG-r8IZN3hG4QoLj-clA_NOR-Pd4vsYG6iyMK78nn_2Q-19LVu7zLH3RjNVCJFjMd8OarjpnKXdpST4
date
Wed, 26 Oct 2022 03:54:24 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
asr
aid.send.microad.jp/g/ Frame A6FC 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEMb1EaJac0lfFxNRroEUHTM&google_cver=1&google_push=AZmPxg-mbrjIkv3VfMUetAcF6GDroOcPvgFQxRxWFPlzo8acaytdPA_GfdgrY12AiHu0Uq_TDVC07iPhiuIJU5LHPplqThS0tSeO96Y7uvQnR_LpyB8-BgHOu0JYLwyhWEoxxnTapytjwch5CRH00N10jdU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666756461&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756459233&bpp=15&bdt=1649&idt=2277&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=4935527175479&frm=23&ife=1&pv=1&ga_vid=191318710.1666756462&ga_sid=1666756462&ga_hid=1728113457&ga_fc=0&ga_cid=amp-JMpm2PFr2QOokQC6DhCKBQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3709292435&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767668%2C42531706%2C44774292%2C44775016&oid=2&pvsid=14388017653826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q4ndqskqbprq&fsb=1&dtd=2291
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 03:54:23 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame A6FC
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEHOZd4GX1SE-WPoTkNVSAfA&google_cver=1&google_push=AZmPxg_knA-q_7zi0OpX8-olAM2IhxyTuHivV3LCyPTbrFD_jT7knCUzi92YSPCcam3FVSm1Ln_enU-m...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEHOZd4GX1SE-WPoTkNVSAfA%26google_cver%3D1%26google_push%3DAZmPxg_knA-q_7zi0OpX8-...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A2276093351435623372&exchange=193&google_gid=CAESEHOZd4GX1SE-WPoTkNVSAfA&google_cver=1&google_push=AZmPxg_knA-q_7zi0OpX8-olAM2IhxyTuHivV3LCyPTbrFD_jT7k...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTIyNzYwOTMzNTE0MzU2MjMzNzI&google_push=AZmPxg_knA-q_7zi0OpX8-olAM2IhxyTuHivV3LCyPTbrFD_jT7knCUzi92YSPCcam3FVSm1Ln_enU-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTIyNzYwOTMzNTE0MzU2MjMzNzI&google_push=AZmPxg_knA-q_7zi0OpX8-olAM2IhxyTuHivV3LCyPTbrFD_jT7knCUzi92YSPCcam3FVSm1Ln_enU-mKehcolK0dhvlGU-FW8S_UDZD2eIIq-EFnaOg2el1vjxzvvoSeAFN8aGNXHKx5wUyYWT2G2vdKNmO
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666756461&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756459233&bpp=15&bdt=1649&idt=2277&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=4935527175479&frm=23&ife=1&pv=1&ga_vid=191318710.1666756462&ga_sid=1666756462&ga_hid=1728113457&ga_fc=0&ga_cid=amp-JMpm2PFr2QOokQC6DhCKBQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3709292435&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767668%2C42531706%2C44774292%2C44775016&oid=2&pvsid=14388017653826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q4ndqskqbprq&fsb=1&dtd=2291
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTIyNzYwOTMzNTE0MzU2MjMzNzI&google_push=AZmPxg_knA-q_7zi0OpX8-olAM2IhxyTuHivV3LCyPTbrFD_jT7knCUzi92YSPCcam3FVSm1Ln_enU-mKehcolK0dhvlGU-FW8S_UDZD2eIIq-EFnaOg2el1vjxzvvoSeAFN8aGNXHKx5wUyYWT2G2vdKNmO
Date
Wed, 26 Oct 2022 03:54:24 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame A6FC
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEKTFrIJQWXruEhRPV_CkNaw&google_cver=1&google_push=AZmPxg9J2drey5xi7xCdcNTiC26ndgYalcRw2QnGuZNn50k27vT3RFt4fDTPCVGD83xPPyB7Kf9-Gx9HagrvOXTWilNlFlWNKPljRbit...
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg9J2drey5xi7xCdcNTiC26ndgYalcRw2QnGuZNn50k2...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOXSDZhD-KgH1QtPuy60YBqtsW9_TvNY49nIqKkw&google_push=AZmPxg9J2drey5xi7xCdcNTiC26ndgYalcRw2QnGuZNn50k27vT3RFt4fDTPCVGD83xPPyB7Kf9-Gx9HagrvOXTWilNl...
  • https://cm.g.doubleclick.net/pixel?google_hm=B3K6EVelTIOga-jfndKF&google_push=AZmPxg9J2drey5xi7xCdcNTiC26ndgYalcRw2QnGuZNn50k27vT3RFt4fDTPCVGD83xPPyB7Kf9-Gx9HagrvOXTWilNlFlWNKPljRbitg_1ujXWtxKEagHA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=B3K6EVelTIOga-jfndKF&google_push=AZmPxg9J2drey5xi7xCdcNTiC26ndgYalcRw2QnGuZNn50k27vT3RFt4fDTPCVGD83xPPyB7Kf9-Gx9HagrvOXTWilNlFlWNKPljRbitg_1ujXWtxKEagHA4nyMS9iXrM9hBSQgBa95QtWGIMLfLDvHakVy1&google_nid=inmobi_new_eb
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 26 Oct 2022 03:54:25 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_hm=B3K6EVelTIOga-jfndKF&google_push=AZmPxg9J2drey5xi7xCdcNTiC26ndgYalcRw2QnGuZNn50k27vT3RFt4fDTPCVGD83xPPyB7Kf9-Gx9HagrvOXTWilNlFlWNKPljRbitg_1ujXWtxKEagHA4nyMS9iXrM9hBSQgBa95QtWGIMLfLDvHakVy1&google_nid=inmobi_new_eb
x-download-options
noopen
vary
Accept
content-length
281
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame A6FC 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JRNwxeFAqlNxq6un4nWjAIl_2PSNDXw3bOIj8a1LfiF_h7Q1r2D-f_VQjyz6SRJpTF0p4CHfc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666756461&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756459233&bpp=15&bdt=1649&idt=2277&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=4935527175479&frm=23&ife=1&pv=1&ga_vid=191318710.1666756462&ga_sid=1666756462&ga_hid=1728113457&ga_fc=0&ga_cid=amp-JMpm2PFr2QOokQC6DhCKBQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3709292435&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767668%2C42531706%2C44774292%2C44775016&oid=2&pvsid=14388017653826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q4ndqskqbprq&fsb=1&dtd=2291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiIxODM2MjhfMTY2Njc1NjQ2Mjc1NSIsInVzZXJJZCI6IjU5ODc2MV8xNjY2NzU2NDYyNzU1Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiMjk1MDgyXzE2NjY3NTY0NjI3NTUiLCJwYWdlUGF0aCI6IiUyRmElMkZjaGFuZy16ZS15YS1tZWkta3VpLXdlaS00bmlhbi1iYW4temhvbmctZmFuLXhpYW8teWluZy1tdS16aHUteWFuLWRhLWRhbmctMmppLXJvdS1uYW4tc2hlbi16aHVpLXl1YW4tYW4uaHRtbCIsImhvc3RuYW1lIjoid3d3LmJnMy5jbyIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LmJnMy5jbyUyRmElMkZjaGFuZy16ZS15YS1tZWkta3VpLXdlaS00bmlhbi1iYW4temhvbmctZmFuLXhpYW8teWluZy1tdS16aHUteWFuLWRhLWRhbmctMmppLXJvdS1uYW4tc2hlbi16aHVpLXl1YW4tYW4uaHRtbCIsInBoYXNlIjowLCJ1c2VyVHlwZSI6Ik5FVyIsInByZXZpZXdWYXJpYXRpb24iOiJub1ByZXZpZXdQYWdlIiwiZXhwZXJpbWVudFBhZ2UiOmZhbHNlLCJ0aW1lc3RhbXAiOjE2NjY3NTY0NjI3NTV9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:22 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvY2hhbmctemUteWEtbWVpLWt1aS13ZWktNG5pYW4tYmFuLXpob25nLWZhbi14aWFvLXlpbmctbXUtemh1LXlhbi1kYS1kYW5nLTJqaS1yb3UtbmFuLXNoZW4temh1aS15dWFuLWFuLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvY2hhbmctemUteWEtbWVpLWt1aS13ZWktNG5pYW4tYmFuLXpob25nLWZhbi14aWFvLXlpbmctbXUtemh1LXlhbi1kYS1kYW5nLTJqaS1yb3UtbmFuLXNoZW4temh1aS15dWFuLWFuLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Wed, 26 Oct 2022 03:54:23 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=37, origin; dur=198
content-length
555
expires
Wed, 26 Oct 2022 04:54:23 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-41.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:06:22 GMT
via
1.1 3c5649f7d49e8f5b916e18a72b919074.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
2882
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
7FSPR1Z846GpQHj8BPxN6-p8hvFNCZ3KHM4_KMUG8vxcwAASJA2Vxg==
truncated
/ Frame 9EC7 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae38c7bd7de2c868380fd86067b03523b0c4eaa06330ca33086af84df3cff44d

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
pagead2.googlesyndication.com/bg/ Frame 0499 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 18:48:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15854
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 18:48:54 GMT
gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
pagead2.googlesyndication.com/bg/ Frame D883 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 18:48:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15854
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 18:48:54 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 88B5 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
8f8b049f33bce362740d852a19b932331730133039584237848a2abc51b75c86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40064
x-xss-protection
0
server
cafe
etag
14814651067827239965
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 26 Oct 2022 03:54:23 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B43A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102001&jk=2126733901434926&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame B480 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102001&jk=948058443876234&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
js
www.googletagmanager.com/gtag/ 		219 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
9f5785e81528a785379bfceed212a1a43fead337b5bae5106c6e4d1c9bb13bab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77823
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 26 Oct 2022 03:54:23 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9jaGFuZy16ZS15YS1tZWkta3VpLXdlaS00bmlhbi1iYW4temhvbmctZmFuLXhpYW8teWluZy1tdS16aHUteWFuLWRhLWRhbmctMmppLXJvdS1uYW4tc2hlbi16aHVpLXl1YW4tYW4uaHRtbCIsInRpbWUiOjE2NjY3NTY0NjMyMDd9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
server
nginx/1.14.0 (Ubuntu)
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/ Frame 88B5 		353 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
1a5804df02c6ba88fcddcc37b09d4d8433fea367bef4fe2e9df850866b122c95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118747
x-xss-protection
0
server
cafe
etag
7103589859475041253
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Oct 2022 03:54:23 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 0ACC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1ivbQAPEyMAtwV8AAWdiQQqW_OAhl9GRFx_qQ&u=%7CYgp7QQesWFKFOv21KHpYl2cVUqQcXgMM0IwQHKf7%2F%2FA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1biSqZkz2AS9MV6cOJpyl06hdAdQv1Fy0YC6Z26lklozkwT_Iz0JM6L_vt2f4LwnW422_vTvuCKM-IJZr3E_XTFNbUOE-MyzupEBxNdlSqeWEcoQaBCwVa-3BvrP63zJHplHmh_yK42elUhpPMF2cx9AZXnn4vOE9FwwRaQzBH9X9JHhwNBIgpsI72sseIZItwKoizmmq03EHV21CXkdkPVoGxaVSIG9EvW0F5z6Fz4rZlIwt4L_WFiHyKbQxD2iZ-Km1IgClNuLY6b_b3iOXFOlSTgHGhGOaINK42j2F-2GC2A_xQS--u7yU1wQozS3hTNqYQ0IM4JJwvRCMy_ByYvfId_R4Z95wMdbsec40C8lNemlmmwfIenHIkJYjy75MQ_N_cfG9VYosuPo4S-8_IYMA6eGAEVh7HXCqJQiAp5fXWD2Zco755MFkiKAK3tRVeGThvT6T9R98yBWF00ctklo-Ke0EGffFQngorq3jlBrL4VG-4Kq8T6E0RNxu95fsEaOzrUmbopvpVL6E-_tY37FxadmKWDbcAdIqnRgSIvvNPDv4ubDzlSlKGzl3ueZUx_ZSqqYKJ1oQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8XHba9YY6OmPPyK3LUPibuW2AeY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJD67meJW6lPqgDAaoEkwJP0MVpTIXHh790QVID3JzyfGdIL9W8Q5IZGsWaa4_jscY5y2hs0vYpve7ZLCykUr4xMcBP_clKBNPcj9ETohU5fYLqnMv-Vv_RcA7lLL-kuLS7zL1J9vdHrGHSJ9o6xWZafLVFcfxinNri43zGo6zoeD27M6DIoIx9CRofusNd7vQfbZ9E5D9PB9w1vCMNWshb1fwxgY_BlyYULhlIrkLq-uq412WTeBEcMCF87NDlGrqlvDuipoI-bdq5060qnKnZq3wto3-TrzxIRppdSCJm9nrRyj0d0tLRFChWsW9boJCu5W5v5F9IZACptE3bFsHZvi4v8OcGPUcUFnr981wK84wDPqQl4CT6vtTU4U0v6XvIRoAG15OZ07igyOGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0UzNw9qpvvAYGgVO5Z49YdHufAbA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 21 Oct 2023 03:54:23 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 0ACC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1ivbQAPEyMAtwV8AAWdiQQqW_OAhl9GRFx_qQ&u=%7CYgp7QQesWFKFOv21KHpYl2cVUqQcXgMM0IwQHKf7%2F%2FA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1biSqZkz2AS9MV6cOJpyl06hdAdQv1Fy0YC6Z26lklozkwT_Iz0JM6L_vt2f4LwnW422_vTvuCKM-IJZr3E_XTFNbUOE-MyzupEBxNdlSqeWEcoQaBCwVa-3BvrP63zJHplHmh_yK42elUhpPMF2cx9AZXnn4vOE9FwwRaQzBH9X9JHhwNBIgpsI72sseIZItwKoizmmq03EHV21CXkdkPVoGxaVSIG9EvW0F5z6Fz4rZlIwt4L_WFiHyKbQxD2iZ-Km1IgClNuLY6b_b3iOXFOlSTgHGhGOaINK42j2F-2GC2A_xQS--u7yU1wQozS3hTNqYQ0IM4JJwvRCMy_ByYvfId_R4Z95wMdbsec40C8lNemlmmwfIenHIkJYjy75MQ_N_cfG9VYosuPo4S-8_IYMA6eGAEVh7HXCqJQiAp5fXWD2Zco755MFkiKAK3tRVeGThvT6T9R98yBWF00ctklo-Ke0EGffFQngorq3jlBrL4VG-4Kq8T6E0RNxu95fsEaOzrUmbopvpVL6E-_tY37FxadmKWDbcAdIqnRgSIvvNPDv4ubDzlSlKGzl3ueZUx_ZSqqYKJ1oQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8XHba9YY6OmPPyK3LUPibuW2AeY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJD67meJW6lPqgDAaoEkwJP0MVpTIXHh790QVID3JzyfGdIL9W8Q5IZGsWaa4_jscY5y2hs0vYpve7ZLCykUr4xMcBP_clKBNPcj9ETohU5fYLqnMv-Vv_RcA7lLL-kuLS7zL1J9vdHrGHSJ9o6xWZafLVFcfxinNri43zGo6zoeD27M6DIoIx9CRofusNd7vQfbZ9E5D9PB9w1vCMNWshb1fwxgY_BlyYULhlIrkLq-uq412WTeBEcMCF87NDlGrqlvDuipoI-bdq5060qnKnZq3wto3-TrzxIRppdSCJm9nrRyj0d0tLRFChWsW9boJCu5W5v5F9IZACptE3bFsHZvi4v8OcGPUcUFnr981wK84wDPqQl4CT6vtTU4U0v6XvIRoAG15OZ07igyOGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0UzNw9qpvvAYGgVO5Z49YdHufAbA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 21 Oct 2023 03:54:23 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 0ACC 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1ivbQAPEyMAtwV8AAWdiQQqW_OAhl9GRFx_qQ&u=%7CYgp7QQesWFKFOv21KHpYl2cVUqQcXgMM0IwQHKf7%2F%2FA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1biSqZkz2AS9MV6cOJpyl06hdAdQv1Fy0YC6Z26lklozkwT_Iz0JM6L_vt2f4LwnW422_vTvuCKM-IJZr3E_XTFNbUOE-MyzupEBxNdlSqeWEcoQaBCwVa-3BvrP63zJHplHmh_yK42elUhpPMF2cx9AZXnn4vOE9FwwRaQzBH9X9JHhwNBIgpsI72sseIZItwKoizmmq03EHV21CXkdkPVoGxaVSIG9EvW0F5z6Fz4rZlIwt4L_WFiHyKbQxD2iZ-Km1IgClNuLY6b_b3iOXFOlSTgHGhGOaINK42j2F-2GC2A_xQS--u7yU1wQozS3hTNqYQ0IM4JJwvRCMy_ByYvfId_R4Z95wMdbsec40C8lNemlmmwfIenHIkJYjy75MQ_N_cfG9VYosuPo4S-8_IYMA6eGAEVh7HXCqJQiAp5fXWD2Zco755MFkiKAK3tRVeGThvT6T9R98yBWF00ctklo-Ke0EGffFQngorq3jlBrL4VG-4Kq8T6E0RNxu95fsEaOzrUmbopvpVL6E-_tY37FxadmKWDbcAdIqnRgSIvvNPDv4ubDzlSlKGzl3ueZUx_ZSqqYKJ1oQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8XHba9YY6OmPPyK3LUPibuW2AeY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJD67meJW6lPqgDAaoEkwJP0MVpTIXHh790QVID3JzyfGdIL9W8Q5IZGsWaa4_jscY5y2hs0vYpve7ZLCykUr4xMcBP_clKBNPcj9ETohU5fYLqnMv-Vv_RcA7lLL-kuLS7zL1J9vdHrGHSJ9o6xWZafLVFcfxinNri43zGo6zoeD27M6DIoIx9CRofusNd7vQfbZ9E5D9PB9w1vCMNWshb1fwxgY_BlyYULhlIrkLq-uq412WTeBEcMCF87NDlGrqlvDuipoI-bdq5060qnKnZq3wto3-TrzxIRppdSCJm9nrRyj0d0tLRFChWsW9boJCu5W5v5F9IZACptE3bFsHZvi4v8OcGPUcUFnr981wK84wDPqQl4CT6vtTU4U0v6XvIRoAG15OZ07igyOGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0UzNw9qpvvAYGgVO5Z49YdHufAbA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 21 Oct 2023 03:54:23 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 0ACC 		293 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1ivbQAPEyMAtwV8AAWdiQQqW_OAhl9GRFx_qQ&u=%7CYgp7QQesWFKFOv21KHpYl2cVUqQcXgMM0IwQHKf7%2F%2FA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1biSqZkz2AS9MV6cOJpyl06hdAdQv1Fy0YC6Z26lklozkwT_Iz0JM6L_vt2f4LwnW422_vTvuCKM-IJZr3E_XTFNbUOE-MyzupEBxNdlSqeWEcoQaBCwVa-3BvrP63zJHplHmh_yK42elUhpPMF2cx9AZXnn4vOE9FwwRaQzBH9X9JHhwNBIgpsI72sseIZItwKoizmmq03EHV21CXkdkPVoGxaVSIG9EvW0F5z6Fz4rZlIwt4L_WFiHyKbQxD2iZ-Km1IgClNuLY6b_b3iOXFOlSTgHGhGOaINK42j2F-2GC2A_xQS--u7yU1wQozS3hTNqYQ0IM4JJwvRCMy_ByYvfId_R4Z95wMdbsec40C8lNemlmmwfIenHIkJYjy75MQ_N_cfG9VYosuPo4S-8_IYMA6eGAEVh7HXCqJQiAp5fXWD2Zco755MFkiKAK3tRVeGThvT6T9R98yBWF00ctklo-Ke0EGffFQngorq3jlBrL4VG-4Kq8T6E0RNxu95fsEaOzrUmbopvpVL6E-_tY37FxadmKWDbcAdIqnRgSIvvNPDv4ubDzlSlKGzl3ueZUx_ZSqqYKJ1oQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8XHba9YY6OmPPyK3LUPibuW2AeY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJD67meJW6lPqgDAaoEkwJP0MVpTIXHh790QVID3JzyfGdIL9W8Q5IZGsWaa4_jscY5y2hs0vYpve7ZLCykUr4xMcBP_clKBNPcj9ETohU5fYLqnMv-Vv_RcA7lLL-kuLS7zL1J9vdHrGHSJ9o6xWZafLVFcfxinNri43zGo6zoeD27M6DIoIx9CRofusNd7vQfbZ9E5D9PB9w1vCMNWshb1fwxgY_BlyYULhlIrkLq-uq412WTeBEcMCF87NDlGrqlvDuipoI-bdq5060qnKnZq3wto3-TrzxIRppdSCJm9nrRyj0d0tLRFChWsW9boJCu5W5v5F9IZACptE3bFsHZvi4v8OcGPUcUFnr981wK84wDPqQl4CT6vtTU4U0v6XvIRoAG15OZ07igyOGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0UzNw9qpvvAYGgVO5Z49YdHufAbA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 21 Oct 2023 03:54:23 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 0ACC 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=h6gXNcgW3uiuQidpt2zJLC_PrftiD2rZ8hsOgeSFyKYBUb0IZ2yNMAoTvSrDr8QZ4efC94i94lPGx_mtHzbYrmRzPf8VRJ1NEhhApnlvp8F-pHlpdkVmeFwPh-QzwJXUBMn-eMOK55x53URljjZYRq4J0BXdmBj6f-j0v6EAfqtgLzF-u8QMU2-q9m4Mr7GE_r8NsR0ul13aFd9RD7Z4gqB0G5Fe_zHdIuKs_7wGzqDu2Wk7QYSwp5Hmxm2zkpsnU9VQWmME9PFq8EYGmOfmhRZ7F5EpDpLmZWvin978C8SmG0jCwTgt8S2DYA4pCZVJDCbWKp27B9f5bKnqIgcmtudqTAn7bkgEb-0X9Eb-gYyNa9j4My8DBFF7UZsPaU3mqnK7vw_Sr50tjSoSypqHC8vwyXNchYqFwnopX9JG2FlV8PMw
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1ivbQAPEyMAtwV8AAWdiQQqW_OAhl9GRFx_qQ&u=%7CYgp7QQesWFKFOv21KHpYl2cVUqQcXgMM0IwQHKf7%2F%2FA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1biSqZkz2AS9MV6cOJpyl06hdAdQv1Fy0YC6Z26lklozkwT_Iz0JM6L_vt2f4LwnW422_vTvuCKM-IJZr3E_XTFNbUOE-MyzupEBxNdlSqeWEcoQaBCwVa-3BvrP63zJHplHmh_yK42elUhpPMF2cx9AZXnn4vOE9FwwRaQzBH9X9JHhwNBIgpsI72sseIZItwKoizmmq03EHV21CXkdkPVoGxaVSIG9EvW0F5z6Fz4rZlIwt4L_WFiHyKbQxD2iZ-Km1IgClNuLY6b_b3iOXFOlSTgHGhGOaINK42j2F-2GC2A_xQS--u7yU1wQozS3hTNqYQ0IM4JJwvRCMy_ByYvfId_R4Z95wMdbsec40C8lNemlmmwfIenHIkJYjy75MQ_N_cfG9VYosuPo4S-8_IYMA6eGAEVh7HXCqJQiAp5fXWD2Zco755MFkiKAK3tRVeGThvT6T9R98yBWF00ctklo-Ke0EGffFQngorq3jlBrL4VG-4Kq8T6E0RNxu95fsEaOzrUmbopvpVL6E-_tY37FxadmKWDbcAdIqnRgSIvvNPDv4ubDzlSlKGzl3ueZUx_ZSqqYKJ1oQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8XHba9YY6OmPPyK3LUPibuW2AeY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJD67meJW6lPqgDAaoEkwJP0MVpTIXHh790QVID3JzyfGdIL9W8Q5IZGsWaa4_jscY5y2hs0vYpve7ZLCykUr4xMcBP_clKBNPcj9ETohU5fYLqnMv-Vv_RcA7lLL-kuLS7zL1J9vdHrGHSJ9o6xWZafLVFcfxinNri43zGo6zoeD27M6DIoIx9CRofusNd7vQfbZ9E5D9PB9w1vCMNWshb1fwxgY_BlyYULhlIrkLq-uq412WTeBEcMCF87NDlGrqlvDuipoI-bdq5060qnKnZq3wto3-TrzxIRppdSCJm9nrRyj0d0tLRFChWsW9boJCu5W5v5F9IZACptE3bFsHZvi4v8OcGPUcUFnr981wK84wDPqQl4CT6vtTU4U0v6XvIRoAG15OZ07igyOGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0UzNw9qpvvAYGgVO5Z49YdHufAbA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1714206
expires
Mon, 26 Jul 1997 05:00:00 GMT
d68c2de320a24612b92fa31a0d6974a6_minervam_2.woff
static.criteo.net/design/dt/ Frame 0ACC 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/d68c2de320a24612b92fa31a0d6974a6_minervam_2.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1ivbQAPEyMAtwV8AAWdiQQqW_OAhl9GRFx_qQ&u=%7CYgp7QQesWFKFOv21KHpYl2cVUqQcXgMM0IwQHKf7%2F%2FA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1biSqZkz2AS9MV6cOJpyl06hdAdQv1Fy0YC6Z26lklozkwT_Iz0JM6L_vt2f4LwnW422_vTvuCKM-IJZr3E_XTFNbUOE-MyzupEBxNdlSqeWEcoQaBCwVa-3BvrP63zJHplHmh_yK42elUhpPMF2cx9AZXnn4vOE9FwwRaQzBH9X9JHhwNBIgpsI72sseIZItwKoizmmq03EHV21CXkdkPVoGxaVSIG9EvW0F5z6Fz4rZlIwt4L_WFiHyKbQxD2iZ-Km1IgClNuLY6b_b3iOXFOlSTgHGhGOaINK42j2F-2GC2A_xQS--u7yU1wQozS3hTNqYQ0IM4JJwvRCMy_ByYvfId_R4Z95wMdbsec40C8lNemlmmwfIenHIkJYjy75MQ_N_cfG9VYosuPo4S-8_IYMA6eGAEVh7HXCqJQiAp5fXWD2Zco755MFkiKAK3tRVeGThvT6T9R98yBWF00ctklo-Ke0EGffFQngorq3jlBrL4VG-4Kq8T6E0RNxu95fsEaOzrUmbopvpVL6E-_tY37FxadmKWDbcAdIqnRgSIvvNPDv4ubDzlSlKGzl3ueZUx_ZSqqYKJ1oQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8XHba9YY6OmPPyK3LUPibuW2AeY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJD67meJW6lPqgDAaoEkwJP0MVpTIXHh790QVID3JzyfGdIL9W8Q5IZGsWaa4_jscY5y2hs0vYpve7ZLCykUr4xMcBP_clKBNPcj9ETohU5fYLqnMv-Vv_RcA7lLL-kuLS7zL1J9vdHrGHSJ9o6xWZafLVFcfxinNri43zGo6zoeD27M6DIoIx9CRofusNd7vQfbZ9E5D9PB9w1vCMNWshb1fwxgY_BlyYULhlIrkLq-uq412WTeBEcMCF87NDlGrqlvDuipoI-bdq5060qnKnZq3wto3-TrzxIRppdSCJm9nrRyj0d0tLRFChWsW9boJCu5W5v5F9IZACptE3bFsHZvi4v8OcGPUcUFnr981wK84wDPqQl4CT6vtTU4U0v6XvIRoAG15OZ07igyOGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0UzNw9qpvvAYGgVO5Z49YdHufAbA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
4c30a663f0048881b008b54e1c8ed14ffa153b6e43c9b78f36fffe3a635df84d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 15 Nov 2021 05:15:22 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6191ecea-4410"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 21 Oct 2023 03:54:23 GMT
c6d8be8bfeb0404bbe85a532ccc9463e_minervam_2.woff
static.criteo.net/design/dt/ Frame 0ACC 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/c6d8be8bfeb0404bbe85a532ccc9463e_minervam_2.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1ivbQAPEyMAtwV8AAWdiQQqW_OAhl9GRFx_qQ&u=%7CYgp7QQesWFKFOv21KHpYl2cVUqQcXgMM0IwQHKf7%2F%2FA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1biSqZkz2AS9MV6cOJpyl06hdAdQv1Fy0YC6Z26lklozkwT_Iz0JM6L_vt2f4LwnW422_vTvuCKM-IJZr3E_XTFNbUOE-MyzupEBxNdlSqeWEcoQaBCwVa-3BvrP63zJHplHmh_yK42elUhpPMF2cx9AZXnn4vOE9FwwRaQzBH9X9JHhwNBIgpsI72sseIZItwKoizmmq03EHV21CXkdkPVoGxaVSIG9EvW0F5z6Fz4rZlIwt4L_WFiHyKbQxD2iZ-Km1IgClNuLY6b_b3iOXFOlSTgHGhGOaINK42j2F-2GC2A_xQS--u7yU1wQozS3hTNqYQ0IM4JJwvRCMy_ByYvfId_R4Z95wMdbsec40C8lNemlmmwfIenHIkJYjy75MQ_N_cfG9VYosuPo4S-8_IYMA6eGAEVh7HXCqJQiAp5fXWD2Zco755MFkiKAK3tRVeGThvT6T9R98yBWF00ctklo-Ke0EGffFQngorq3jlBrL4VG-4Kq8T6E0RNxu95fsEaOzrUmbopvpVL6E-_tY37FxadmKWDbcAdIqnRgSIvvNPDv4ubDzlSlKGzl3ueZUx_ZSqqYKJ1oQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8XHba9YY6OmPPyK3LUPibuW2AeY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJD67meJW6lPqgDAaoEkwJP0MVpTIXHh790QVID3JzyfGdIL9W8Q5IZGsWaa4_jscY5y2hs0vYpve7ZLCykUr4xMcBP_clKBNPcj9ETohU5fYLqnMv-Vv_RcA7lLL-kuLS7zL1J9vdHrGHSJ9o6xWZafLVFcfxinNri43zGo6zoeD27M6DIoIx9CRofusNd7vQfbZ9E5D9PB9w1vCMNWshb1fwxgY_BlyYULhlIrkLq-uq412WTeBEcMCF87NDlGrqlvDuipoI-bdq5060qnKnZq3wto3-TrzxIRppdSCJm9nrRyj0d0tLRFChWsW9boJCu5W5v5F9IZACptE3bFsHZvi4v8OcGPUcUFnr981wK84wDPqQl4CT6vtTU4U0v6XvIRoAG15OZ07igyOGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0UzNw9qpvvAYGgVO5Z49YdHufAbA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
4c30a663f0048881b008b54e1c8ed14ffa153b6e43c9b78f36fffe3a635df84d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 15 Nov 2021 05:15:22 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6191ecea-4410"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 21 Oct 2023 03:54:23 GMT
generate_204
tpc.googlesyndication.com/ Frame 0499 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?oZHGRA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame D883 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?NiaUUw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 0ACC 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1ivbQAPEyMAtwV8AAWdiQQqW_OAhl9GRFx_qQ&u=%7CYgp7QQesWFKFOv21KHpYl2cVUqQcXgMM0IwQHKf7%2F%2FA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1biSqZkz2AS9MV6cOJpyl06hdAdQv1Fy0YC6Z26lklozkwT_Iz0JM6L_vt2f4LwnW422_vTvuCKM-IJZr3E_XTFNbUOE-MyzupEBxNdlSqeWEcoQaBCwVa-3BvrP63zJHplHmh_yK42elUhpPMF2cx9AZXnn4vOE9FwwRaQzBH9X9JHhwNBIgpsI72sseIZItwKoizmmq03EHV21CXkdkPVoGxaVSIG9EvW0F5z6Fz4rZlIwt4L_WFiHyKbQxD2iZ-Km1IgClNuLY6b_b3iOXFOlSTgHGhGOaINK42j2F-2GC2A_xQS--u7yU1wQozS3hTNqYQ0IM4JJwvRCMy_ByYvfId_R4Z95wMdbsec40C8lNemlmmwfIenHIkJYjy75MQ_N_cfG9VYosuPo4S-8_IYMA6eGAEVh7HXCqJQiAp5fXWD2Zco755MFkiKAK3tRVeGThvT6T9R98yBWF00ctklo-Ke0EGffFQngorq3jlBrL4VG-4Kq8T6E0RNxu95fsEaOzrUmbopvpVL6E-_tY37FxadmKWDbcAdIqnRgSIvvNPDv4ubDzlSlKGzl3ueZUx_ZSqqYKJ1oQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8XHba9YY6OmPPyK3LUPibuW2AeY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJD67meJW6lPqgDAaoEkwJP0MVpTIXHh790QVID3JzyfGdIL9W8Q5IZGsWaa4_jscY5y2hs0vYpve7ZLCykUr4xMcBP_clKBNPcj9ETohU5fYLqnMv-Vv_RcA7lLL-kuLS7zL1J9vdHrGHSJ9o6xWZafLVFcfxinNri43zGo6zoeD27M6DIoIx9CRofusNd7vQfbZ9E5D9PB9w1vCMNWshb1fwxgY_BlyYULhlIrkLq-uq412WTeBEcMCF87NDlGrqlvDuipoI-bdq5060qnKnZq3wto3-TrzxIRppdSCJm9nrRyj0d0tLRFChWsW9boJCu5W5v5F9IZACptE3bFsHZvi4v8OcGPUcUFnr981wK84wDPqQl4CT6vtTU4U0v6XvIRoAG15OZ07igyOGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0UzNw9qpvvAYGgVO5Z49YdHufAbA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15780000
age
1146387
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76004019e869a96e-SYD
expires
Mon, 16 Oct 2023 03:54:23 GMT
animejs.js
static.criteo.net/animejs/ Frame 0ACC 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1ivbQAPEyMAtwV8AAWdiQQqW_OAhl9GRFx_qQ&u=%7CYgp7QQesWFKFOv21KHpYl2cVUqQcXgMM0IwQHKf7%2F%2FA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1biSqZkz2AS9MV6cOJpyl06hdAdQv1Fy0YC6Z26lklozkwT_Iz0JM6L_vt2f4LwnW422_vTvuCKM-IJZr3E_XTFNbUOE-MyzupEBxNdlSqeWEcoQaBCwVa-3BvrP63zJHplHmh_yK42elUhpPMF2cx9AZXnn4vOE9FwwRaQzBH9X9JHhwNBIgpsI72sseIZItwKoizmmq03EHV21CXkdkPVoGxaVSIG9EvW0F5z6Fz4rZlIwt4L_WFiHyKbQxD2iZ-Km1IgClNuLY6b_b3iOXFOlSTgHGhGOaINK42j2F-2GC2A_xQS--u7yU1wQozS3hTNqYQ0IM4JJwvRCMy_ByYvfId_R4Z95wMdbsec40C8lNemlmmwfIenHIkJYjy75MQ_N_cfG9VYosuPo4S-8_IYMA6eGAEVh7HXCqJQiAp5fXWD2Zco755MFkiKAK3tRVeGThvT6T9R98yBWF00ctklo-Ke0EGffFQngorq3jlBrL4VG-4Kq8T6E0RNxu95fsEaOzrUmbopvpVL6E-_tY37FxadmKWDbcAdIqnRgSIvvNPDv4ubDzlSlKGzl3ueZUx_ZSqqYKJ1oQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8XHba9YY6OmPPyK3LUPibuW2AeY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJD67meJW6lPqgDAaoEkwJP0MVpTIXHh790QVID3JzyfGdIL9W8Q5IZGsWaa4_jscY5y2hs0vYpve7ZLCykUr4xMcBP_clKBNPcj9ETohU5fYLqnMv-Vv_RcA7lLL-kuLS7zL1J9vdHrGHSJ9o6xWZafLVFcfxinNri43zGo6zoeD27M6DIoIx9CRofusNd7vQfbZ9E5D9PB9w1vCMNWshb1fwxgY_BlyYULhlIrkLq-uq412WTeBEcMCF87NDlGrqlvDuipoI-bdq5060qnKnZq3wto3-TrzxIRppdSCJm9nrRyj0d0tLRFChWsW9boJCu5W5v5F9IZACptE3bFsHZvi4v8OcGPUcUFnr981wK84wDPqQl4CT6vtTU4U0v6XvIRoAG15OZ07igyOGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0UzNw9qpvvAYGgVO5Z49YdHufAbA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 21 Oct 2023 03:54:23 GMT
img
pix.as.criteo.net/img/ Frame 0ACC 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=92&m=0&partner=44756&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F44756%2F220405%2Fb42f512a45454d0abd3309f56d64aee8_logo_darkbg_horizontal.png&v=3&w=668&s=dcPBcLxNq0gPYWTEc_W4esrA
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1ivbQAPEyMAtwV8AAWdiQQqW_OAhl9GRFx_qQ&u=%7CYgp7QQesWFKFOv21KHpYl2cVUqQcXgMM0IwQHKf7%2F%2FA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1biSqZkz2AS9MV6cOJpyl06hdAdQv1Fy0YC6Z26lklozkwT_Iz0JM6L_vt2f4LwnW422_vTvuCKM-IJZr3E_XTFNbUOE-MyzupEBxNdlSqeWEcoQaBCwVa-3BvrP63zJHplHmh_yK42elUhpPMF2cx9AZXnn4vOE9FwwRaQzBH9X9JHhwNBIgpsI72sseIZItwKoizmmq03EHV21CXkdkPVoGxaVSIG9EvW0F5z6Fz4rZlIwt4L_WFiHyKbQxD2iZ-Km1IgClNuLY6b_b3iOXFOlSTgHGhGOaINK42j2F-2GC2A_xQS--u7yU1wQozS3hTNqYQ0IM4JJwvRCMy_ByYvfId_R4Z95wMdbsec40C8lNemlmmwfIenHIkJYjy75MQ_N_cfG9VYosuPo4S-8_IYMA6eGAEVh7HXCqJQiAp5fXWD2Zco755MFkiKAK3tRVeGThvT6T9R98yBWF00ctklo-Ke0EGffFQngorq3jlBrL4VG-4Kq8T6E0RNxu95fsEaOzrUmbopvpVL6E-_tY37FxadmKWDbcAdIqnRgSIvvNPDv4ubDzlSlKGzl3ueZUx_ZSqqYKJ1oQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8XHba9YY6OmPPyK3LUPibuW2AeY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJD67meJW6lPqgDAaoEkwJP0MVpTIXHh790QVID3JzyfGdIL9W8Q5IZGsWaa4_jscY5y2hs0vYpve7ZLCykUr4xMcBP_clKBNPcj9ETohU5fYLqnMv-Vv_RcA7lLL-kuLS7zL1J9vdHrGHSJ9o6xWZafLVFcfxinNri43zGo6zoeD27M6DIoIx9CRofusNd7vQfbZ9E5D9PB9w1vCMNWshb1fwxgY_BlyYULhlIrkLq-uq412WTeBEcMCF87NDlGrqlvDuipoI-bdq5060qnKnZq3wto3-TrzxIRppdSCJm9nrRyj0d0tLRFChWsW9boJCu5W5v5F9IZACptE3bFsHZvi4v8OcGPUcUFnr981wK84wDPqQl4CT6vtTU4U0v6XvIRoAG15OZ07igyOGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0UzNw9qpvvAYGgVO5Z49YdHufAbA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
c47932788a148087fd2b8bb922beef7d03f01fea24ee797b5a97799d8ccc9527
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29544633
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16666
expires
Tue, 03 Oct 2023 02:44:57 GMT
img
pix.as.criteo.net/img/ Frame 0ACC 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=44756&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fcastlery%2Fimage%2Fprivate%2Fc_fit%2Cf_auto%2Cq_auto%2Cw_1200%2Fv1623727286%2Fcrusader%2Fvariants%2F40550099%2FSeb-Extendable-Dining-Table-Front_2.jpg&v=3&w=400&s=ATUVfsdSTufZm0JOEEiuCJG1&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1ivbQAPEyMAtwV8AAWdiQQqW_OAhl9GRFx_qQ&u=%7CYgp7QQesWFKFOv21KHpYl2cVUqQcXgMM0IwQHKf7%2F%2FA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1biSqZkz2AS9MV6cOJpyl06hdAdQv1Fy0YC6Z26lklozkwT_Iz0JM6L_vt2f4LwnW422_vTvuCKM-IJZr3E_XTFNbUOE-MyzupEBxNdlSqeWEcoQaBCwVa-3BvrP63zJHplHmh_yK42elUhpPMF2cx9AZXnn4vOE9FwwRaQzBH9X9JHhwNBIgpsI72sseIZItwKoizmmq03EHV21CXkdkPVoGxaVSIG9EvW0F5z6Fz4rZlIwt4L_WFiHyKbQxD2iZ-Km1IgClNuLY6b_b3iOXFOlSTgHGhGOaINK42j2F-2GC2A_xQS--u7yU1wQozS3hTNqYQ0IM4JJwvRCMy_ByYvfId_R4Z95wMdbsec40C8lNemlmmwfIenHIkJYjy75MQ_N_cfG9VYosuPo4S-8_IYMA6eGAEVh7HXCqJQiAp5fXWD2Zco755MFkiKAK3tRVeGThvT6T9R98yBWF00ctklo-Ke0EGffFQngorq3jlBrL4VG-4Kq8T6E0RNxu95fsEaOzrUmbopvpVL6E-_tY37FxadmKWDbcAdIqnRgSIvvNPDv4ubDzlSlKGzl3ueZUx_ZSqqYKJ1oQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8XHba9YY6OmPPyK3LUPibuW2AeY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJD67meJW6lPqgDAaoEkwJP0MVpTIXHh790QVID3JzyfGdIL9W8Q5IZGsWaa4_jscY5y2hs0vYpve7ZLCykUr4xMcBP_clKBNPcj9ETohU5fYLqnMv-Vv_RcA7lLL-kuLS7zL1J9vdHrGHSJ9o6xWZafLVFcfxinNri43zGo6zoeD27M6DIoIx9CRofusNd7vQfbZ9E5D9PB9w1vCMNWshb1fwxgY_BlyYULhlIrkLq-uq412WTeBEcMCF87NDlGrqlvDuipoI-bdq5060qnKnZq3wto3-TrzxIRppdSCJm9nrRyj0d0tLRFChWsW9boJCu5W5v5F9IZACptE3bFsHZvi4v8OcGPUcUFnr981wK84wDPqQl4CT6vtTU4U0v6XvIRoAG15OZ07igyOGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0UzNw9qpvvAYGgVO5Z49YdHufAbA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
6ba9cdab4db860aed530576f7fbf693f20e6ed1f44867614c552b01f123e7575
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2457309
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7264
expires
Wed, 23 Nov 2022 14:29:33 GMT
img
pix.as.criteo.net/img/ Frame 0ACC 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=44756&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fcastlery%2Fimage%2Fprivate%2Fc_fit%2Cf_auto%2Cq_auto%2Cw_1200%2Fv1655776710%2Fcrusader%2Fvariants%2F40550126%2FMiles-Sideboard-160cm-Front-1655776710.jpg&v=3&w=400&s=LlCg5I_YsCHApA2fGNjKaZBp&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1ivbQAPEyMAtwV8AAWdiQQqW_OAhl9GRFx_qQ&u=%7CYgp7QQesWFKFOv21KHpYl2cVUqQcXgMM0IwQHKf7%2F%2FA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1biSqZkz2AS9MV6cOJpyl06hdAdQv1Fy0YC6Z26lklozkwT_Iz0JM6L_vt2f4LwnW422_vTvuCKM-IJZr3E_XTFNbUOE-MyzupEBxNdlSqeWEcoQaBCwVa-3BvrP63zJHplHmh_yK42elUhpPMF2cx9AZXnn4vOE9FwwRaQzBH9X9JHhwNBIgpsI72sseIZItwKoizmmq03EHV21CXkdkPVoGxaVSIG9EvW0F5z6Fz4rZlIwt4L_WFiHyKbQxD2iZ-Km1IgClNuLY6b_b3iOXFOlSTgHGhGOaINK42j2F-2GC2A_xQS--u7yU1wQozS3hTNqYQ0IM4JJwvRCMy_ByYvfId_R4Z95wMdbsec40C8lNemlmmwfIenHIkJYjy75MQ_N_cfG9VYosuPo4S-8_IYMA6eGAEVh7HXCqJQiAp5fXWD2Zco755MFkiKAK3tRVeGThvT6T9R98yBWF00ctklo-Ke0EGffFQngorq3jlBrL4VG-4Kq8T6E0RNxu95fsEaOzrUmbopvpVL6E-_tY37FxadmKWDbcAdIqnRgSIvvNPDv4ubDzlSlKGzl3ueZUx_ZSqqYKJ1oQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8XHba9YY6OmPPyK3LUPibuW2AeY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJD67meJW6lPqgDAaoEkwJP0MVpTIXHh790QVID3JzyfGdIL9W8Q5IZGsWaa4_jscY5y2hs0vYpve7ZLCykUr4xMcBP_clKBNPcj9ETohU5fYLqnMv-Vv_RcA7lLL-kuLS7zL1J9vdHrGHSJ9o6xWZafLVFcfxinNri43zGo6zoeD27M6DIoIx9CRofusNd7vQfbZ9E5D9PB9w1vCMNWshb1fwxgY_BlyYULhlIrkLq-uq412WTeBEcMCF87NDlGrqlvDuipoI-bdq5060qnKnZq3wto3-TrzxIRppdSCJm9nrRyj0d0tLRFChWsW9boJCu5W5v5F9IZACptE3bFsHZvi4v8OcGPUcUFnr981wK84wDPqQl4CT6vtTU4U0v6XvIRoAG15OZ07igyOGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0UzNw9qpvvAYGgVO5Z49YdHufAbA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e59c9ea2bc851e8467476e2d30f1406c16bb0000ebfcdff7674e8fab43e2d2a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2027902
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7658
expires
Fri, 18 Nov 2022 15:12:46 GMT
img
pix.as.criteo.net/img/ Frame 0ACC 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=44756&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fcastlery%2Fimage%2Fprivate%2Fc_fit%2Cf_auto%2Cq_auto%2Cw_1200%2Fv1624967673%2Fcrusader%2Fvariants%2F41360026%2FHarper-Sideboard-Front.jpg&v=3&w=400&s=OedUbBfMDiUD8FYIO7BmoQHL&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1ivbQAPEyMAtwV8AAWdiQQqW_OAhl9GRFx_qQ&u=%7CYgp7QQesWFKFOv21KHpYl2cVUqQcXgMM0IwQHKf7%2F%2FA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1biSqZkz2AS9MV6cOJpyl06hdAdQv1Fy0YC6Z26lklozkwT_Iz0JM6L_vt2f4LwnW422_vTvuCKM-IJZr3E_XTFNbUOE-MyzupEBxNdlSqeWEcoQaBCwVa-3BvrP63zJHplHmh_yK42elUhpPMF2cx9AZXnn4vOE9FwwRaQzBH9X9JHhwNBIgpsI72sseIZItwKoizmmq03EHV21CXkdkPVoGxaVSIG9EvW0F5z6Fz4rZlIwt4L_WFiHyKbQxD2iZ-Km1IgClNuLY6b_b3iOXFOlSTgHGhGOaINK42j2F-2GC2A_xQS--u7yU1wQozS3hTNqYQ0IM4JJwvRCMy_ByYvfId_R4Z95wMdbsec40C8lNemlmmwfIenHIkJYjy75MQ_N_cfG9VYosuPo4S-8_IYMA6eGAEVh7HXCqJQiAp5fXWD2Zco755MFkiKAK3tRVeGThvT6T9R98yBWF00ctklo-Ke0EGffFQngorq3jlBrL4VG-4Kq8T6E0RNxu95fsEaOzrUmbopvpVL6E-_tY37FxadmKWDbcAdIqnRgSIvvNPDv4ubDzlSlKGzl3ueZUx_ZSqqYKJ1oQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8XHba9YY6OmPPyK3LUPibuW2AeY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJD67meJW6lPqgDAaoEkwJP0MVpTIXHh790QVID3JzyfGdIL9W8Q5IZGsWaa4_jscY5y2hs0vYpve7ZLCykUr4xMcBP_clKBNPcj9ETohU5fYLqnMv-Vv_RcA7lLL-kuLS7zL1J9vdHrGHSJ9o6xWZafLVFcfxinNri43zGo6zoeD27M6DIoIx9CRofusNd7vQfbZ9E5D9PB9w1vCMNWshb1fwxgY_BlyYULhlIrkLq-uq412WTeBEcMCF87NDlGrqlvDuipoI-bdq5060qnKnZq3wto3-TrzxIRppdSCJm9nrRyj0d0tLRFChWsW9boJCu5W5v5F9IZACptE3bFsHZvi4v8OcGPUcUFnr981wK84wDPqQl4CT6vtTU4U0v6XvIRoAG15OZ07igyOGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0UzNw9qpvvAYGgVO5Z49YdHufAbA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
4a56008264e9e21036617404d7077a032aa3d09921d80d1e3b873272f851145a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2457622
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7454
expires
Wed, 23 Nov 2022 14:34:46 GMT
all
csm.as.criteo.net/ Frame 0ACC 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=ag4OmAU-g3fnwRi4AXvnhg2dRRjGW31ACe-8KyG-pkLk7V95nIYwHUz-gZ6uyDBCEFTiwUUiwWiV6bsmw51sFMKlMyPdxXDGZ0YsXrCh4pZ4Ns2XFJDWNpYcETS9SXIctKQ-dhFSVdMFVwKhlTmCvo09TpIfv5yWmnM_GGNvIU4RqHfORtD2FgtdHUc7cM-HqnwVY-OMduX4eWkmKNxeuwBSzFzULO-XWsN_pQzg48r7xaGO_GVOHXBOW5HO0_ywM4A3wdKm88conJPH&sds=2&rev=83303&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1ivbQAPEyMAtwV8AAWdiQQqW_OAhl9GRFx_qQ&u=%7CYgp7QQesWFKFOv21KHpYl2cVUqQcXgMM0IwQHKf7%2F%2FA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1biSqZkz2AS9MV6cOJpyl06hdAdQv1Fy0YC6Z26lklozkwT_Iz0JM6L_vt2f4LwnW422_vTvuCKM-IJZr3E_XTFNbUOE-MyzupEBxNdlSqeWEcoQaBCwVa-3BvrP63zJHplHmh_yK42elUhpPMF2cx9AZXnn4vOE9FwwRaQzBH9X9JHhwNBIgpsI72sseIZItwKoizmmq03EHV21CXkdkPVoGxaVSIG9EvW0F5z6Fz4rZlIwt4L_WFiHyKbQxD2iZ-Km1IgClNuLY6b_b3iOXFOlSTgHGhGOaINK42j2F-2GC2A_xQS--u7yU1wQozS3hTNqYQ0IM4JJwvRCMy_ByYvfId_R4Z95wMdbsec40C8lNemlmmwfIenHIkJYjy75MQ_N_cfG9VYosuPo4S-8_IYMA6eGAEVh7HXCqJQiAp5fXWD2Zco755MFkiKAK3tRVeGThvT6T9R98yBWF00ctklo-Ke0EGffFQngorq3jlBrL4VG-4Kq8T6E0RNxu95fsEaOzrUmbopvpVL6E-_tY37FxadmKWDbcAdIqnRgSIvvNPDv4ubDzlSlKGzl3ueZUx_ZSqqYKJ1oQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8XHba9YY6OmPPyK3LUPibuW2AeY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJD67meJW6lPqgDAaoEkwJP0MVpTIXHh790QVID3JzyfGdIL9W8Q5IZGsWaa4_jscY5y2hs0vYpve7ZLCykUr4xMcBP_clKBNPcj9ETohU5fYLqnMv-Vv_RcA7lLL-kuLS7zL1J9vdHrGHSJ9o6xWZafLVFcfxinNri43zGo6zoeD27M6DIoIx9CRofusNd7vQfbZ9E5D9PB9w1vCMNWshb1fwxgY_BlyYULhlIrkLq-uq412WTeBEcMCF87NDlGrqlvDuipoI-bdq5060qnKnZq3wto3-TrzxIRppdSCJm9nrRyj0d0tLRFChWsW9boJCu5W5v5F9IZACptE3bFsHZvi4v8OcGPUcUFnr981wK84wDPqQl4CT6vtTU4U0v6XvIRoAG15OZ07igyOGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0UzNw9qpvvAYGgVO5Z49YdHufAbA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 26 Oct 2022 03:54:23 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0ACC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1ivbQAPEyMAtwV8AAWdiQQqW_OAhl9GRFx_qQ&u=%7CYgp7QQesWFKFOv21KHpYl2cVUqQcXgMM0IwQHKf7%2F%2FA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1biSqZkz2AS9MV6cOJpyl06hdAdQv1Fy0YC6Z26lklozkwT_Iz0JM6L_vt2f4LwnW422_vTvuCKM-IJZr3E_XTFNbUOE-MyzupEBxNdlSqeWEcoQaBCwVa-3BvrP63zJHplHmh_yK42elUhpPMF2cx9AZXnn4vOE9FwwRaQzBH9X9JHhwNBIgpsI72sseIZItwKoizmmq03EHV21CXkdkPVoGxaVSIG9EvW0F5z6Fz4rZlIwt4L_WFiHyKbQxD2iZ-Km1IgClNuLY6b_b3iOXFOlSTgHGhGOaINK42j2F-2GC2A_xQS--u7yU1wQozS3hTNqYQ0IM4JJwvRCMy_ByYvfId_R4Z95wMdbsec40C8lNemlmmwfIenHIkJYjy75MQ_N_cfG9VYosuPo4S-8_IYMA6eGAEVh7HXCqJQiAp5fXWD2Zco755MFkiKAK3tRVeGThvT6T9R98yBWF00ctklo-Ke0EGffFQngorq3jlBrL4VG-4Kq8T6E0RNxu95fsEaOzrUmbopvpVL6E-_tY37FxadmKWDbcAdIqnRgSIvvNPDv4ubDzlSlKGzl3ueZUx_ZSqqYKJ1oQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8XHba9YY6OmPPyK3LUPibuW2AeY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJD67meJW6lPqgDAaoEkwJP0MVpTIXHh790QVID3JzyfGdIL9W8Q5IZGsWaa4_jscY5y2hs0vYpve7ZLCykUr4xMcBP_clKBNPcj9ETohU5fYLqnMv-Vv_RcA7lLL-kuLS7zL1J9vdHrGHSJ9o6xWZafLVFcfxinNri43zGo6zoeD27M6DIoIx9CRofusNd7vQfbZ9E5D9PB9w1vCMNWshb1fwxgY_BlyYULhlIrkLq-uq412WTeBEcMCF87NDlGrqlvDuipoI-bdq5060qnKnZq3wto3-TrzxIRppdSCJm9nrRyj0d0tLRFChWsW9boJCu5W5v5F9IZACptE3bFsHZvi4v8OcGPUcUFnr981wK84wDPqQl4CT6vtTU4U0v6XvIRoAG15OZ07igyOGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0UzNw9qpvvAYGgVO5Z49YdHufAbA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 21 Oct 2023 03:54:23 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 0ACC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1ivbQAPEyMAtwV8AAWdiQQqW_OAhl9GRFx_qQ&u=%7CYgp7QQesWFKFOv21KHpYl2cVUqQcXgMM0IwQHKf7%2F%2FA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1biSqZkz2AS9MV6cOJpyl06hdAdQv1Fy0YC6Z26lklozkwT_Iz0JM6L_vt2f4LwnW422_vTvuCKM-IJZr3E_XTFNbUOE-MyzupEBxNdlSqeWEcoQaBCwVa-3BvrP63zJHplHmh_yK42elUhpPMF2cx9AZXnn4vOE9FwwRaQzBH9X9JHhwNBIgpsI72sseIZItwKoizmmq03EHV21CXkdkPVoGxaVSIG9EvW0F5z6Fz4rZlIwt4L_WFiHyKbQxD2iZ-Km1IgClNuLY6b_b3iOXFOlSTgHGhGOaINK42j2F-2GC2A_xQS--u7yU1wQozS3hTNqYQ0IM4JJwvRCMy_ByYvfId_R4Z95wMdbsec40C8lNemlmmwfIenHIkJYjy75MQ_N_cfG9VYosuPo4S-8_IYMA6eGAEVh7HXCqJQiAp5fXWD2Zco755MFkiKAK3tRVeGThvT6T9R98yBWF00ctklo-Ke0EGffFQngorq3jlBrL4VG-4Kq8T6E0RNxu95fsEaOzrUmbopvpVL6E-_tY37FxadmKWDbcAdIqnRgSIvvNPDv4ubDzlSlKGzl3ueZUx_ZSqqYKJ1oQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8XHba9YY6OmPPyK3LUPibuW2AeY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJD67meJW6lPqgDAaoEkwJP0MVpTIXHh790QVID3JzyfGdIL9W8Q5IZGsWaa4_jscY5y2hs0vYpve7ZLCykUr4xMcBP_clKBNPcj9ETohU5fYLqnMv-Vv_RcA7lLL-kuLS7zL1J9vdHrGHSJ9o6xWZafLVFcfxinNri43zGo6zoeD27M6DIoIx9CRofusNd7vQfbZ9E5D9PB9w1vCMNWshb1fwxgY_BlyYULhlIrkLq-uq412WTeBEcMCF87NDlGrqlvDuipoI-bdq5060qnKnZq3wto3-TrzxIRppdSCJm9nrRyj0d0tLRFChWsW9boJCu5W5v5F9IZACptE3bFsHZvi4v8OcGPUcUFnr981wK84wDPqQl4CT6vtTU4U0v6XvIRoAG15OZ07igyOGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0UzNw9qpvvAYGgVO5Z49YdHufAbA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 21 Oct 2023 03:54:23 GMT
pixel;r=902630825;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html;uh=e51ed67dfb...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=902630825;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1953832090-1666756463542;pbc=2410fded-37fe-42e7-b88b-df3374f103bf;ns=0;ce=1;qjs=1;qv=1ce15e3b-20221024154237;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1666756463542;tzo=0;ogl=;ses=1376847b-e378-4236-bbbe-e72538cd9b4f
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
integrator.js
adservice.google.com.au/adsid/ Frame 88B5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 88B5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 074C 		40 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756463246&bpp=11&bdt=250&idt=313&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=8639079947356&frm=8&ife=1&pv=2&ga_vid=1451484357.1666756464&ga_sid=1666756464&ga_hid=680471834&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017&oid=2&pvsid=3611008878919813&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.spwumvexlvlv&fsb=1&dtd=328
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
cd5d4fee62738f10c317a80daf4aa02b6facd86efd5d47df2e3a91299b1ed434
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
15543
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 03:54:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		145 KB
46 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3937714832469612&correlator=2708961020190266&eid=31069353&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D7468fb15608a93d%26hb_ap_bidder%3Dopenx%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D78da8c2ee63d87c%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D7919fba734b3bff%26hb_ap_bidder%3Dappnexus&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D9e183c5cdf590016-221c9cd943b40048%3AT%3D1666756462%3ART%3D1666756462%3AS%3DALNI_Mat8OlHobpW28cNZ1u-tL_zUTzZzg&gpic=UID%3D00000b6d1852f6bd%3AT%3D1666756462%3ART%3D1666756462%3AS%3DALNI_MYvKPGlI6PNDk5VLdDfEDPwe1RjHw&arp=1&abxe=1&dt=1666756463644&lmt=1666756463&dlt=1666756456336&idt=6283&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=1892847822.1666756464&ga_sid=1666756464&ga_hid=705&ga_fc=false&ga_cid=amp-JMpm2PFr2QOokQC6DhCKBQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
d5bf286259d1886d01420abec20b85e9858f1179ae5a47d96fcb32cbdb45b978
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46748
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6483 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 03:54:23 GMT
expires
Thu, 26 Oct 2023 03:54:23 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 0ACC 		2 KB
974 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f95.1e100.net
Software
ESF /
Resource Hash
2217681f6d9558c2fab7e3ec0f40051276138880c76082503a33a699bc1accde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 26 Oct 2022 03:54:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 03:47:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Oct 2022 03:54:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3812 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102001&jk=2126733901434926&bg=!AwClAETNAAaaxvStusY7ACkAdvg8WiP8ki2w3gd33Ib8qh5I2Ep-8O1ch4fTkw1naKoXQQWshi8caAIAAADbUgAAAANoAQeZArteEbwxh47ouwV6311yxp9uOapMnFwAgMncZGx11alZ3u7ahtJHinD8xFQQ_ukcgenuGe7904sBVRbVexR9Dp1-TTEPpOppm6kcu67ocNNB7VvdtfBEf4nzcwWBU9xXemT_YwroQENyFv8A8GIDuMm19hHzYLKpT-53V1TZf1KStGQX3OwZ-ZH2-8B-m3NBjSJnWcSmsVywCy6KaRUZScFvSMXEuBJVx4pQnZeH5hG5A5ZgNQ5FPzv47L2GvBm-sMAxj0tWV8y9hHQaqnMYySuzvgNes0E0SgMePyfy7SCaflrwxxUnqW6tFX43HlEBrVIcZcDmHY2YQqXVCTXE8_EmXdcvEd_wabHOSIaUv1i5IRmxjTLLlFWp5LrVRjuVGQuLLMqZ2WStms-gyhTXqazphg8Dsdk90vmmYItk2sfxSJi-yUX6-7sz7wfHQat8wIetGAH8ARpOS-kuQ39x1gY6DbpdT_38pH9lBJ3TXTdjRTdV3xtccT54I50CvE1ylYPBlUa7iBXCfbp5OlE-JK265B-YHogWMJa1gOSAutqxhlxAb10wd1T5C_PIFkvCzssAtvCyRiMk2zp-MTOD8BrpQ9a1rjktVczSeXpz7FKEZ7QOBl8KJc4r3rLnKMaxe9zd3Z7rNrtwJitBgQ8iM2CSjh2Dzd-dbXM-4bDYROHpL3v-pnsj7u-cKgM_o66jKpq5uZ37nBrrSMc6mAZVTKWKtWqnINAA4u-_lXg2xT9F0qhdzeVIxxWTwKpaKawKHSKUQ9eAY_KFbh3csWSRHTXn9tdoFb21KxidHnUK2fG7zKRk3HG-Oe7jk_xcvd1zVj4ckn8XHoZBjpVA6f75uzfioIxI_bTgP2B_KyAJd8mFoGhEzNNIN6H2mfeCFu8Lcxyg1d7qZP5_gWUtHClhsH35qTx7TGGUprA_XnQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 0678 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102001&jk=948058443876234&bg=!g4ClgMTNAAaaxvStusY7ACkAdvg8WigzY1d2qbfNCrP5yRYum9KABBgruMoKs0Tga_d0oSjBxObblAIAAADNUgAAAAJoAQcKAM8Kql0uTeWxTcjD3LpBvJgnSqTAslRts-IsAmeehurmHAv2NpXSqc5ixD4sM8r4Q7ljgIcIHu7FAC4wfu31v8bB9HrphqROmM3YfVS2twMxvScz6fjNQJqbEOeLfZbaw5xLD6CQjZek4sNLkrc8GDeljXgtjDI-DV19BiErsOPHSyiRw7ft5W6bE34vR888cKir5mhK_AShZV4pwsBJR127KB7zXhpCKqAucLWvSbOA5CwgXZkjq9eEjri3JSjUoS5VqospQsXOU4mu0WfnCHKZAruBoqqkiA85HgpBsGoWpRkzaqHhM05nh6NnXgxGskw62bXktqCvl-fMHeOZxhGholZfG311M3WJOCUOSyx64EqVIZD0iKgKqI53GntZ-YbjAxXUPTWwVdQHNpRr2NlFmM1SHbO2dJmuBd6X1TN_0QSiS19zjCjZy1cJ-Ou5pAheEcSP3XYyboXCPUCn8AH6uZ1WWBstVHnRWIl0Mq_MDTKRirWBbTwsXW-mM_4vQ6rQQ0k7UFnS4JpOhknaY-AFwIiMlN4nBQegcljRcGkQJgn-JYC9LLuBlVvpcXnbccy6o1AS7-iPx7GemyYSpSYeh4CjaUAy8WuTjiHpIa6aF1lPfo7D4SEDg9d8QLx8uQGURqiPX-Hug816la73yZD1z71t_lLR_qXkl-tukwNNG5wbqnCNyPoiS1o_jdRBItbThdGikT8jzBz6KNFz0aiz9_ENhuIe9vN29AEM-JoG5o9UgKIev_YEv9XLUTvBhElHMJthdAzX6Y8BUEUPElXVWfi1V2Pjs-Hdj4Ua0Eh5D3cqVTJtxjE2-DgnU3kymnm1uOknyST1C1awK5AK0Y7XsEHJyg5diWj06lydihmfWdptfrKZ-8F9Sr4fKrk9_cnc-Z6kLBWhIIvooY0AT_9bo5LF9GLBhthpbFzM_QlnzQh8CUscLEmIUkv7XPCkwmt5gFQRRd0tBwG-C7o8uQMLVMJ9WAc-mXxlJbsJo8h8UzRL-inVyLQtbqle3LXrv0IHyyjFcOhqKARNVRjE9jTxJcXAc7-SLTHTI8I20hqlPRqnj8tjh6QRjHohd0t9zi4UgpsYr_XNqFQ-ZWOFumKLktzJPJw3icZJPiq634rkIETmAdOF_nayw_-kyOJw3Z-fb-E1mKR-wBoKDbW-VzvhdkqbuYvlzOOjsNzV02LlO0dlJ8H9QJyJOLJP9KA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
collect
www.google-analytics.com/g/ 		0
97 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeao0&_p=705&cid=1892847822.1666756464&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666756464&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&dt=%E9%95%B7%E6%BE%A4%E9%9B%85%E7%BE%8E%E3%80%8C%E7%9D%BD%E9%81%954%E5%B9%B4%E5%8D%8A%E3%80%8D%E9%87%8D%E8%BF%94%E5%B0%8F%E7%86%92%E5%B9%95%E4%B8%BB%E6%BC%94%EF%BC%81%E3%80%80%E6%90%AD%E6%AA%942%E8%82%8C%E8%82%89%E7%94%B7%E7%A5%9E%E8%BF%BD%E5%86%A4%E6%A1%88%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 8C5E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CjlYQb69YY5rnKYuqoQPUvbe4AazX_fBktPaok-ILwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBLIBT9D10HIA0szjMYCQ4ElnwcWM8h0qAs2tkcNT1IMEDkf6NBEoxQzqYP0sknDsEcOnO8MDArfBU1-OOFhMp5_qA3MyMGkNVfKdyvTWRD_MJ9rATGiA0jgza1YrQk5uL3Du_3MvyR4ORe0M2jEl1voCL-wbPfEZckun-Fq3bIx6ezz6V-qJX37YfG2Dg5ODkeeq2u9ET8hXcPk6YwaLC6BlYJUqY5ERVBNwE_Z-lpe8GNK_8IAGw8Xfm8qtzZjpAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=wjJts0nA8Es&uach_m=[UACH]&cid=CAQSKQDq26N9tX3QJe1iHBYPFYWa0FLxzUv1Ov8B7i2aMApvyR30tb2Sxyx5GAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756463246&bpp=11&bdt=250&idt=313&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=8639079947356&frm=8&ife=1&pv=2&ga_vid=1451484357.1666756464&ga_sid=1666756464&ga_hid=680471834&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017&oid=2&pvsid=3611008878919813&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.spwumvexlvlv&fsb=1&dtd=328
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 26 Oct 2022 03:54:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
log
hblg.media.net/ Frame 8C5E 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=2.3215482E-4&viewability=-1&device_id=4&cbdp=0.02&slotVisibility=2&dn=bg3.co&acid=e79d4c7cc4974d7aa20e5622330dae6e&dtc=apac_sg&ugd=4&size=250x250&pvid=313&csip=rtb-common-istio-7cc5995b77-g27sf.SG&ogbdp=0.02&prvReqId=4441520221613_781962375_52982010413131&itype=ADX&requrl=https%3A%2F%2Fwww.bg3.co&commit_id=d6ab571b&scrid=1700080812610100250025000000500&mang=1&bidrestime=1666756463770&cid=8CU3SX34C&rme=nurl
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:24 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 26 Oct 2022 03:54:24 GMT
log
qsearch-a.akamaihd.net/ Frame 8C5E 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0100&ss_d2=0&stid=&other_prv=313&jar_err=&current_day=3.0&adtyp=0&req_id=Y1ivbwALNH4KaFQS3Q77Hg&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&exp=&deal_id=&fdbk_id=&second_bidder=*&floor_bucket=0.00&gpid_format=&seat=BID_API&size=250x250&f_seg=&prdp=0.0200&ogcbdp=0.0200&dfpbd=0.0200&server=1&ogerpm_wd_bkt=0-1&viewability=-0.0100&dmm_r=0.0000&cut=0&dmm_l=0.0000&tcyerpm=&sc=AU-NSW&send_erpm=false&sd=1&hb_exp=&seg=&erpm_bucket=0.00&ugd_ver=&requrl=bg3.co%2F&bidrestime=1666756463770&cc=AU&strg=no_strategy&ss=&current_hour=3&time_stamp=2022-10-26+03%3A54%3A23&rvshhon=&bdp=0.0200&ct=beaconsfield&akey=&mnckfl=0&bdp_bucket=0.00&algo=no_strategy&dc=apac_sg&splid=&dim4=exploration&dn=bg3.co&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=e79d4c7cc4974d7aa20e5622330dae6e&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.15.0&totalTimeBucket=1&visibility=2&totalTime=1952820&dmm_m1=2022-10-26+03%3A54%3A23.772518506&e_rpm=0.0000&dmm_m22=0.0100&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&rawbid=0.0200&seat_id=BID_API&sub_bidder=186&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-7cc5995b77-g27sf.SG&dfp_bucket=0.0&adblk=3314916115&itype=adx&pvid_seat=313_BID_API&cliIP=2918568192&advurl=topics.businessfocus.online%2F&crid=529820104&sat=1&br_id=265&cut_bkt=1&gpid=&iwb=1&second_bid=0.000000&sc_pvid=313&capd=0&other_bids=0.02
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.140.216 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-216.pacnet.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:24 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Wed, 26 Oct 2022 03:54:24 GMT
nmedianet.js
contextual.media.net/ Frame 8C5E 		164 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756463246&bpp=11&bdt=250&idt=313&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=8639079947356&frm=8&ife=1&pv=2&ga_vid=1451484357.1666756464&ga_sid=1666756464&ga_hid=680471834&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017&oid=2&pvsid=3611008878919813&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.spwumvexlvlv&fsb=1&dtd=328
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
84b97a0ec417d10ab212f6e288a3f29c15fca46837a8550b4699d066c39967ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h
22-x3n5
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 26 Oct 2022 03:54:24 GMT
server
Apache
etag
"ac877b6422653e37446cbabd9d0d8906"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
8-35
timing-allow-origin
*
expires
Wed, 26 Oct 2022 03:59:24 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 8C5E 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756463246&bpp=11&bdt=250&idt=313&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=8639079947356&frm=8&ife=1&pv=2&ga_vid=1451484357.1666756464&ga_sid=1666756464&ga_hid=680471834&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017&oid=2&pvsid=3611008878919813&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.spwumvexlvlv&fsb=1&dtd=328
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Wed, 26 Oct 2022 03:54:24 GMT
server
nginx
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=79244
access-control-allow-credentials
true
content-length
62892
expires
Thu, 27 Oct 2022 01:55:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 8C5E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756463246&bpp=11&bdt=250&idt=313&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=8639079947356&frm=8&ife=1&pv=2&ga_vid=1451484357.1666756464&ga_sid=1666756464&ga_hid=680471834&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017&oid=2&pvsid=3611008878919813&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.spwumvexlvlv&fsb=1&dtd=328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:41:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47578
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 14:41:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 8C5E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756463246&bpp=11&bdt=250&idt=313&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=8639079947356&frm=8&ife=1&pv=2&ga_vid=1451484357.1666756464&ga_sid=1666756464&ga_hid=680471834&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017&oid=2&pvsid=3611008878919813&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.spwumvexlvlv&fsb=1&dtd=328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47581
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 14:41:23 GMT
l
www.google.com/ads/measurement/ Frame 8C5E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSuAXh2o11djaJ7GhLjzpSwL-Nhafmi6Yx_b48-CvpdMSlFQqB420OIYMaNwfAI-tpplCkqKgveRro51dX7BajM99tZXg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756463246&bpp=11&bdt=250&idt=313&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=8639079947356&frm=8&ife=1&pv=2&ga_vid=1451484357.1666756464&ga_sid=1666756464&ga_hid=680471834&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017&oid=2&pvsid=3611008878919813&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.spwumvexlvlv&fsb=1&dtd=328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8C5E 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756463246&bpp=11&bdt=250&idt=313&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=8639079947356&frm=8&ife=1&pv=2&ga_vid=1451484357.1666756464&ga_sid=1666756464&ga_hid=680471834&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017&oid=2&pvsid=3611008878919813&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.spwumvexlvlv&fsb=1&dtd=328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666611803224388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 03:54:24 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 0ACC 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 16:11:31 GMT
x-content-type-options
nosniff
age
42173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 16:11:31 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 0ACC 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 18:14:01 GMT
x-content-type-options
nosniff
age
207623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Oct 2023 18:14:01 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9EC7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstmiHALih5u7tdCZx-0yHH8kGRBZz2RVMiY2R8Ysi9AZ08J1m_oMw0jR99B55nMDvKtKeVCeOYTprPNuiQlu3L_2yD&sig=Cg0ArKJSzNY9d6yZ4B7AEAE&cid=CAASFeRoEoEvj4dGJuK_G8ofbq0nWlrg3g&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666756461526&rpt=1814&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 38E0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 03:54:23 GMT
expires
Thu, 26 Oct 2023 03:54:23 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 800E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 03:54:23 GMT
expires
Thu, 26 Oct 2023 03:54:23 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8B8A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 03:54:23 GMT
expires
Thu, 26 Oct 2023 03:54:23 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
all
csm.as.criteo.net/ Frame 0ACC 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=ag4OmAU-g3fnwRi4AXvnhg2dRRjGW31ACe-8KyG-pkLk7V95nIYwHUz-gZ6uyDBCEFTiwUUiwWiV6bsmw51sFMKlMyPdxXDGZ0YsXrCh4pZ4Ns2XFJDWNpYcETS9SXIctKQ-dhFSVdMFVwKhlTmCvo09TpIfv5yWmnM_GGNvIU4RqHfORtD2FgtdHUc7cM-HqnwVY-OMduX4eWkmKNxeuwBSzFzULO-XWsN_pQzg48r7xaGO_GVOHXBOW5HO0_ywM4A3wdKm88conJPH&sds=2&rev=83303&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1ivbQAPEyMAtwV8AAWdiQQqW_OAhl9GRFx_qQ&u=%7CYgp7QQesWFKFOv21KHpYl2cVUqQcXgMM0IwQHKf7%2F%2FA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1biSqZkz2AS9MV6cOJpyl06hdAdQv1Fy0YC6Z26lklozkwT_Iz0JM6L_vt2f4LwnW422_vTvuCKM-IJZr3E_XTFNbUOE-MyzupEBxNdlSqeWEcoQaBCwVa-3BvrP63zJHplHmh_yK42elUhpPMF2cx9AZXnn4vOE9FwwRaQzBH9X9JHhwNBIgpsI72sseIZItwKoizmmq03EHV21CXkdkPVoGxaVSIG9EvW0F5z6Fz4rZlIwt4L_WFiHyKbQxD2iZ-Km1IgClNuLY6b_b3iOXFOlSTgHGhGOaINK42j2F-2GC2A_xQS--u7yU1wQozS3hTNqYQ0IM4JJwvRCMy_ByYvfId_R4Z95wMdbsec40C8lNemlmmwfIenHIkJYjy75MQ_N_cfG9VYosuPo4S-8_IYMA6eGAEVh7HXCqJQiAp5fXWD2Zco755MFkiKAK3tRVeGThvT6T9R98yBWF00ctklo-Ke0EGffFQngorq3jlBrL4VG-4Kq8T6E0RNxu95fsEaOzrUmbopvpVL6E-_tY37FxadmKWDbcAdIqnRgSIvvNPDv4ubDzlSlKGzl3ueZUx_ZSqqYKJ1oQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8XHba9YY6OmPPyK3LUPibuW2AeY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJD67meJW6lPqgDAaoEkwJP0MVpTIXHh790QVID3JzyfGdIL9W8Q5IZGsWaa4_jscY5y2hs0vYpve7ZLCykUr4xMcBP_clKBNPcj9ETohU5fYLqnMv-Vv_RcA7lLL-kuLS7zL1J9vdHrGHSJ9o6xWZafLVFcfxinNri43zGo6zoeD27M6DIoIx9CRofusNd7vQfbZ9E5D9PB9w1vCMNWshb1fwxgY_BlyYULhlIrkLq-uq412WTeBEcMCF87NDlGrqlvDuipoI-bdq5060qnKnZq3wto3-TrzxIRppdSCJm9nrRyj0d0tLRFChWsW9boJCu5W5v5F9IZACptE3bFsHZvi4v8OcGPUcUFnr981wK84wDPqQl4CT6vtTU4U0v6XvIRoAG15OZ07igyOGeAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0UzNw9qpvvAYGgVO5Z49YdHufAbA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 26 Oct 2022 03:54:24 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
css
fonts.googleapis.com/ Frame 38E0 		4 KB
717 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f95.1e100.net
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 26 Oct 2022 03:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 03:37:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Oct 2022 03:54:25 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 38E0 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:57:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46625
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 14:57:19 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 38E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CfZbKb69YY9jJMcGM9fwP_cCIwAGL6fW0ZoKl--OLDP_Ror3AARABILqEwDNgpYCAgJABoAGwuqHXA8gBCakCozC4VomwsD7gAgCoAwHIA8sEqgS9Ak_QJy9HvoMXFtg3QTguDan3qtXwNrYSbI3IeMCQmxPC6O9BfpSvbymfWY_o3gI6waw6M9Wl0qvgWvCNkQUzrB-MfsQGb5OnzeguZF0EkfTlBZh7XUT00rHjEnOj4lFWSXqk2XXSQtFVf-iCwYM1QoKQ3kcINYTTx0aDHNChAAFbQn5lq8vPfqVcfzKvaoYP28s-PkHdZS97nwtwWDmfMwy-zhPab3UxwzzxVrP2FC9DuvQojKaWzhAMDh2Ag8O5PBWiDG7LAXzrXeBu0sjf0d6VlQgY2USJSJyku9qJX-teQpy_C9sUzyrqhqxVdSv2YLMH_mHfx_ftr3B_yHxdtxLqK-mb-UjYPRU8nQeHEnM6fEsP1FtCMOELKYfphLIlwIThU3HVkmyXws52QLpk4xINUF-iSxCjXZeEmgkqwAS939O6owPgBAGSBQQIBBgBkgUECAUYBKAGLoAHytqbZagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCxgQjSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwHYEwyIFALQFQGAFwGyFx4KHAgAEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=R9ZOsxuBZOw&uach_m=[UACH]&template_id=494
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 38E0 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:52:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46942
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9571
x-xss-protection
0
server
cafe
etag
15799940544776262544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 14:52:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 38E0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:41:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47578
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 14:41:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 38E0 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47581
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 14:41:23 GMT
l
www.google.com/ads/measurement/ Frame 38E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ7CZGjnNGVpcvjgFr8pfKF2ahlQBqMCzReTE-c2_5RKFuehyXXw4uW0iK2l6xnoJpv8EhEZv4tm5JofVSjvIh7Q8zMcg
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 38E0 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666611803224388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 03:54:24 GMT
6d06f43d9219529f87f676616f1c0e3b.js
www.gstatic.com/mysidia/ Frame 38E0 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:41:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13940
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 17:30:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 03:41:45 GMT
truncated
/ Frame 38E0 		287 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
562616355818907787
tpc.googlesyndication.com/simgad/ Frame 38E0
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr6bKiUhCACBiACDIIJYu_i1lmA0E
  • https://tpc.googlesyndication.com/simgad/562616355818907787
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/562616355818907787
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 08:08:31 GMT
x-content-type-options
nosniff
age
71154
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8502
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 12:51:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 25 Oct 2023 08:08:31 GMT

Redirect headers

date
Tue, 25 Oct 2022 09:26:43 GMT
x-content-type-options
nosniff
server
cafe
age
66461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/562616355818907787
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 24 Nov 2022 09:26:43 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame BD55 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNWdCsSszRXXfuMXP2fNTSTjTQxKMndj6c-NbukkGaKhLuw0lN2LarDNWtMWITw5L4rFVUx63ItimZI9Yh6-Xo5gpdSVCQ
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 03:54:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 800E 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A86djP1sCGcOUyzgfBL7K6PD5HiWdDQUPvF7jOLtaZUh1CV4ferrQah2ym_Dhxd9YDALJcSVGiCDP5IHecydtLUjMv3g&cry=1&dbm_d=AKAmf-C_vfXIo1hfa3prS3IHWbzLuTY28Xk9QEgjaZxpWh2a3pPkyU1ZGEPo7Cv36lV_WvoKHdFBfxZyy161ayBx3__eZEtPa6dCQhUURm7LEzDcDMpOrsNwTynSR0a5cqhqEOpc8U2k5HH0GU42bd3I8RyDNZmAVoq-fTWf-r2K48aKkKPLixFm8dzF4kJWsPZIdO1fPAol-iayjTjd5lG7Mv8Nct0hk2Etoe3cIKQu7EifFg36jhwG__rTmECfDNHUaTsRh1FBbM0bJfIt8USgSOjM1ei_hJwSHQKM8N9Bext0wu4Ul2G0wpAltaCFnACxBBGhbE8RkavSGxyHz34ieTh9AYU_gLzY-iNsDHrWpDH-3n0WKEXEhzX65hDxdKp-xl005_N0MFze0mLzTUyUrQDpVULYfPkKzv9mhIOcXyo89IHpl4n9AlayCm0Edz-iFKzOsZo6BO4rkv1xMNwe7rM7vWGc154wHo20HelbyhYkoT0cz34AU4gMHleZaU4oweaB-XY49CS1ZX4O85S45-krqRjyQmZOWh_bmf76ITgHnhogectd8xsRCtkXxi0Czrf1aIirvKvwK_BS9cuGjijVNDIRpnLxaOXE2Saqiv_ZLftXFP_Yh2kfpZyfzoJX5Y9xHwS6wki9FNgTl2XwY8wKzXqv--Lvojy0otM5jdHyGLlpZdt_iaN7Njh_NQUl86M-0Rp3jFutgh4Op3anEfT0hp1ILrAlR0YCUOpcpAMuKWdONwK0dSS1t7Xu-BBybCcHs4DT2jR2-ZNYZ_JyA9u-TO4HfnamMiFIfRwyg-pQOI0pRCiuhcFh_RunSf9_7Oy3EZbP-ztbVTjVBQFO331cmEOyopmvrgPQPIo_4AKB4Nw-TxY2dxhRq8uwHzHFcPiIMd1qKwZs5ynCIQUQA8PcTM8F_KXMuva3u60dQNEDRZVgBuOfbC6cz6pUryGNv6FKVTKYoW4erPH0Ec9j3KE-BzxH2_pyN_7FUBSgxFB5IPoZQDCZH_GFL25QQ2LwH3VINj1-cdNytCyH5ajzwSx9lYivrTmk5wI9ctO-N57jP1HsegRfvIfaK2RdeqEeM71N5c4Aym33OY9XJ48fDTcYDZdAWfGSFUaRPbiznPglAQUFnsLZXrVIb_MiSFVFVvagaBxCNRzl4hrfoTxX9_jLYmHwVUu9u9dnZtSlOWGFh8NmIOgO1IAr7_bmmn9vdtkBZICLSUIfr2clnVZrsNcIWnlesYT9cTxXCGN3tMeDyVfBrNXf6uuHK1iCyvY83uDc3TlpwMkmip40DBkuaCn1uCINBwaUAq6xf85oCUyplvZCTSr0RbD0vj0-Ir_jj79QGWexD1o-02idJNkZ7ckKKHDDYQ-7XZFNoBftWjGOAjOHRxUKAm3PD4QkIkpR10D4aBFLLY1V0vGoICp0a3EnQ5jn-WqGHzPqbFZiJbUhSrzvB6ki1eD6kayuz4C3HGucaUJ-8yEg4tWrRtx3cHJPQbUa-FJTNo6U-A9rY7KXM-iTXKQdcBthv9eSmJR5b2n0eKwhkV1BWaTtMz35SqJMTdYnoZlhV_3BJiD0hqgfLsDQgsaJob-YX7wAxI-NQVB2PoQJpu6kUI4XJh-EpySV0fZaDF5QaHLfY4b7lH_h3trycbXcFzOWH2XkSJdmUsUB1jP8qETKw4bYvR3bojW6pjG1bnGz8lKhpDZiUBgQ50mTISDdpAzfMF2B47sF7Oo5cwCeZW_mygudSFfnzDYkVnfi9GaAgUDqp288PUo5Agu8OnJOFm4tXmwR1Xq9O0TCCvuM18bFvyHMg28-zyWG2I3EfSf0FBp6sNkuBhscBoDLsGw5D40N83qyUs6G49jghFBb_PhVU0fevGSJ1fXbiYV_ClC7vj3tGFEEDI_FhEEwRQDx0ZMzJIgzTFD3ji6wPdunenbUw9qy7qrjywIhX_biK-uVd3FtSkj3LB5jjNpaCjscl6Jb8pOCYgJwZcHXFT-_t6aEmsqNBBsQoDVN9vcT48_DjFgGL53wXMcaWWEqXEoEHphNIhxGEDby5-lLRlYo6Sx9yx5P4YG1jkqsN1QOgtUDDYQ4_N6gCVOAiwPQbmhebVQF1IajfYxAowq3mN2h90G9qeVF4SIRv2vm4hd4PFxVSlZ2FnRatkTfVKngNNFB-SXfB2M-0MfMHWZqSVXKzfFc6f5LiG_NhKaTjk6Nah712218k1BoSocJF4unw7SXYmCZoGq7g91QYjh1tclcKG_pBEoWKpgCH92WX2WUS4j8lAPv1_wQesbmGrfE_QmqV3uIvSbjIYFtBOXyYh7MvdwczuGtaIgYA2CJijB-PoHx-dFx0Vfwk0oNGbD5CUe08fLQVm22pWcZ-0_lOtU88-uXDOdgtBCOH5sx4TESI1Zqk2AQzyKcGvlHDmmyRqAdjQbgYPGxwuPQA95qbL3lhJhmZx_42J_9keSUBGKoJT1zW6Lb-i732vbpNRjFefe1cc0aHmN2Byxu_ht20pK3mnT3ILnSSCixgLmBb35RuQd5_ZRUNNbP6P_hB5nhZf3eAzp0lUKBPTHIWbaMpu1nbf_WQXP9QZAxd4n226eJUIt1OSF1JM1p5G9CnoSOmokUKeoQVbrp-XCX-NIKSPgiiTCKKk6LRkJCIERRtTbgjnyFvcONRWlT6ZF3ayUIwcNEqsKMi7Pokq6SIOtiCyHb_nWe3a3rBKEEwOQWN2UakTRt_RJgUdDnKGZIzvgZBb0-_Bqw6hsCNyf4kWsB6CWlWotsQxQyCTsxm20twJ1BDEUn59mHzXQ0NH5JWSXrL2g5esqWmRr-esx8Ajsz5qgJlG2gITe1RtZYda315odXnfo8R0VFcOJgNcyvYNK9YEKZtAVzZDYyuxUk7xNxLVIc31Dgj_8btNj8j3M_5NoCdNL9dZBIrKOxOCWXAyKTte3tBI9FtYHWbDL1eebFDmq8vtiOiGG3MjFBeNL-yuoyvEzfpNby1T4fPZTGYE7nyGEkfCupwG_BT55WXzEZ9OrgitNsQSdHi_gPa2JogqUk2-qjmS_qLbuuyc-U4b37VDTJvi36RHIrrR1VKOlEjElP3jNJPDXeJsbcVe2lcA_E2YAWwRPwp2x70cUkXuq0wp8bA9M0s22zwTsdWnO68Brti5osxn3TeAr-DOLQEyUB4Q&cid=CAASJeRokM37oyCseg_J_9AUrji0yQauVNOfqQU4K1f4yXO0GCBqeK8&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
64e5cf05f6b216c8356ce80da947f05e99ad5ace0ab6d12357b70ae0984f8993
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34072
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 800E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ADhZBh6JuBTrLkxIX4ntKY_Mpv7Wqo1Ol_AmfzrxYCSBJhzAccGczOjU2UA0GIn2tw0LtQwRLKulhK0x8dH_4nTQjJulS94QQh21T6m0iLeSAq2Gw
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 800E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:41:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47578
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 14:41:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 800E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47581
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 14:41:23 GMT
l
www.google.com/ads/measurement/ Frame 800E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvsE-Q9GiH8s-t3qeKcYBcJkm4bYhfi_I9g5iPzpKpL77_i36-TzJPm4mublcdiB7VqZBn2HYvE1ENjerxQ_mNeIv5Sg
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 800E 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666611803224388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 03:54:24 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9A8A 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJeh19gCEMa03YwDGJyBidUBMAE&v=APEucNVG1C4kOtPpvb-fcjqfG5Q-xl1eSHTOO68n_NZNBXi4ow8KVgeuVEQRN0NXgkLSmgiW2dE-dbWWiPn6H8ClrXbOpJrVfw
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 03:54:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 8B8A 		69 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZ8LinE_Epo1k44iGFjYuWhOZEtH154cU67w7SfBI84IWw6-UYVP-E72ZKD4EE812qVhUrDIXW1iIVxB1BCbG_PGi2nw&cry=1&dbm_d=AKAmf-C1lXBy5E8Isg9bH-t45-U3rf02dmRM6RHCGkMUzq8SypAovj0MqKVKt0jMZKEwFMbXu5omQxYnyJnrkOyTst1byROWx8WZeFeapLsKCjyUfLNa_BNGmbbB05dduAtnCAZfpX8wZbYc9AFecDfT9qeSkc6kLoZk_m6NyCw7gbbQ3lRzGmVxflB7KQrQhU5bfVz1-bCXajsp9QmP81gnZf1NX6ZHcADDaZLgKBRiWAp0pWwiS2QBuZpH4_ZGBnb6EADr3Jx0h0jajJmOop2g_MmOuI7lPCEnUPuvc5VOWDbwqU83vJ2M9YVzEuUoAd7S0nRWAU7MD09UmOstAM_ggeXD_nXSMKKnP7poTdHtUqnPXuK4dOvZLYXLprl8svMj-MwU8QS4yLCPjHYr337ZFFJ1lX8R2c_fo28MSBZUyT6ba0ZPE7gIHICINxA3llTtQg4SOx3p7_BiUTMxJxTDs609SwLBNyCZEnnN9ovbW0M9b1X9oq-rHoRIFrkPrZOzRCib3SwOKtmRexwKjC0GqvOSOysetioGYBpQViIQrihZexRsxhvjUeG1itjxqHnXGWYne2N4CVOKwRJIcdPaSxIWGkY-vWdHo7UGk2Yze92mpH-2QMXpa3I9g2Il2XkxL4ROzqC7OYiFLeGS2pmZY8QiuezMw5jKM1c7hgKXHsVEeqeA7vlwuhWFreXWr9bu75TN7DESOzru9Ij8aMXj8ApiVgfLm9DChnb35zzDv69syNe3XkznlLL8YpZuWndgZDkUzACU6BmO8BKmS97aAzPMwOJTsO83TQJxgSs3umpIAPaiLr1N244xqofmzu1Y0dnFzTI7RiRDHNgWG5ws0LaBdrHf0o_lHn7XzuB6oYeIOkgx3I0AaedCsHwZGgVT16y8kO__lBLUVncctJnCNdC_kfM4pjc2YgebcE05jiX_W-dDAYp_5dIo_zFGjhyaMzSV6YwxOypv_16yMcGHtZc3HE0w80wHvpPJxAE3Rnpqq0aRC-NsNa7eS5tAUroXz7ywxBDQt9LYQ9i4EiSnk7CXR6Mbyl4lx9mUPHWidr9lyV5hqUB8COiA2_6Ztth-pojG-n8rS6AnAlVipJRW9cpgmsm2vq-e_Gq6uz6LrqqyD3gVcuWfP_pqvCDrnHK1pKyNnzS4RXcrrw7TD7u-rmxIYs84m155khhKEwo55vtDtTnbyCaQ6q1LKlFoLrh0wqL12pCqcEnapTT8GEJk4py16ka9pNiMtxF3rAHd5MiyVTpsAMkBAnbozVkow6m1bwpqD9p0-N9BAopNP5jUKiQ5X6dVybzCR90EYRln10kb92-J64NOQUVBZ79GA4JEpIAUkYsYwny0g8jPO7fc2rchuSEi0opfgiBpDTuUYKr4iVNadLhcSAb0-WizvS6r0M6wSnh9jhwzJoRZPv5remmDcdlDHyxzqTXmJ8NA7-gAQf2Eytfxt26-0nLbO0oDALqwHvLh5gu1RA6AdA4VI7-2kcG5vysK3rCH_aaRWVCo3_LsCr1lTYU7oJkh6Jw1hUy6qR8nnWO47Wg9MeEfp1WPFUu7uKGAcC6e4FiL2kF6KSMX4DXqcDc-EYDuSj5447tph1d_2S9SAo9pAlo0erPf_Hw-9Dlg4ZTWEiQYkpuuOkgfnYqpH7aqbC0LHjkXQXvgSZMqlVVG3Zh05BWuz_4ZzIG9BlGiApui-ayh3dvAnFLjMZ9cDr5jad_dMF8MqRlx2d8ujnbTuZN3MfdUdVOvqYcRngyf3EHXenFSM_RbXaOV8pnCGAvW_MMK1svMXWFWOM6wf61Gc1t0DnraqZ-m7I-h5Je957qgm3-Q2jtWyrYdPv12oqX9QE0B9zzhDQqRQL6nIVJXHHrlBsQ2OBf1xtENbrL_dxYS73BT8zlzdHoOUr-PX0RQ54rBmqkHgWlg9doCIny9PoB0EdgQbfDaSyf4livVngzPraGmYh2k2gEIV1bfYS5zn8Y6n0tTTrfnWy-jaXcViklf4DHmZvl_GDrKAqz2nahdFJikboTf9NUeowzU9FxDWPn3UfJB0dvo16NCe97qBN6Id26R1bswCAzh4E1fzLfx8lOFqQZgs2fvJytCh7oDPz62wt1j7mhGhZ0xxo-bAMaJE38-6UuIL0GrwS7SRAwwVQv8P91rxzW3_Xff-x0WhFDhP9NsmjZrNJth6WzsMDcQF4-XQzxMHNtsGj-ufX1m3dNwdwX6LfPEPmosYJr5QyYE2M89wIFuRe0JgNwqMcJ1KaJES7E2Wvh1jSAPH_R1RgOsv9Bs2w3OYRqpvHb4HxUS6VJloCxu82aa5i9Y5A3UjS6XEoo1DoqwWjPKMUpDYAlffqhtQcoC-lx5wXuBlo6f6L3txVDT-uiyt-TwZbbWKCLH7QMGN1HOEdtTPQWb3GSK-2Aps8lLPV7DyNjAun1WFF_-OwD0HMwWldMbWraC83EIcAoRPgSfRgho6KfLZWLLoHVbIkBpTJpORViqnE9mDN9rYSMOjLROyUxf-k7lyIslAo9hqY_k-6awxEKa4zlnmtQAkzcOTtH6P4-Sng1jLHLUWFD-jQd0puJ4TEwWxhxn4MZvhW1aSoDkdmN-T6y3KMK_jZltOTql5n4UyKefSciWERoEKZAcbbDqHP7xHGfZlqOhy0JoxnaH5mrezgSFzEJug19bQoje9c5IGp3K7gBBdIatKx9pdY-axs2eIN7fC8--3FeLOO8jBeVqQiGV3IdKuxQPmn6wWrUwcPZSMhHWojGfizcaXlMeS83phIw8lCn5zuvRZAwUMeNz9KQKU_K6OInVmkPjcls73mbbXdf8zNNoPVM5XbEn5DX0i-kMrP1_PqjyrZC-ngPuY3K8h6Cqtk8r1pjpaGPpdQFMFZI29Nl6QuEgMmYSMw_nwV8p1DViJW-liPPo4qqTa7XBUlRuGHFWMhzBW-oO4himlalVtc1aVg7Nato_UlE6hdQOSpq9D4qXGjtZGDnPLI-jJ8FjBhq3-o60fyVfk9p8Jlu7NEXJ1r3-zi4s9wr-xehkD6j7G-f12B9vLtcGkZrCgs9bOnSyiRd_hkjLqU-P899Y-ZDk1VDWiq27k8NYh0A-omnYcnwum7n-nFCmkzfdgepVB5VQ96gPu4HbsLLJuHsSj-V2CqYWxXD4xlPHlK7FYfsjMmvN1ktGkA1V5PEmDErMORcO_anf0QBLgYdkaq5_VPdD-G4C7xSMXRIsRn55N2Jm5VnYbOIkmxcidZxXtkWmPych4_LoFmfbAeQpM9DRvFIPvdy_PxpG-SVAPL6zD-OKEkRpUgS1Rz2PcRd1wm3jNP9qAdMcREThprPYWzSW-5JrqZ1ZJqVwrSYfrWJveVrWqpmhLbDmd0ryoS9H74s53w8K3qdfCH0XsRkbi1vn9fKcBf5N&cid=CAASJeRoC4oVo3jSLk9uBGUb4KxL9xc8DSWDcCxbxkKtHDjpZaN0eZg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
0999499279570edeb602db248e1c0f9ef2c345dc919b8c2f054f03c9fb9ca671
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33120
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B8A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CJcwPq1Kag-wlpf9y_qB5lbJPoiPQyDAaWMfEJO0MAsIp8zYepdtGsydYt4dUI9v2iw2KuWg7JSgeZ9KrdcKOYf35IqJ_Y3z0uu4ET4x3n2NlHQOs
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 8B8A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:41:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47578
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 14:41:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 8B8A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47581
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 14:41:23 GMT
l
www.google.com/ads/measurement/ Frame 8B8A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQsEtKROhUOG_GzdU4bwsVPrLq3f3pU2VnDBh8V3LiRZGeIb0sryi06TjjZlD67iY7VKtBlSkfFAoKSWv8cMp81bVpWrQ
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8B8A 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666611803224388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 03:54:24 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2107 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
29175
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 19:48:09 GMT
etag
48472445140208031
expires
Wed, 26 Oct 2022 19:48:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame BD55
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpVCsuje72FWKeQF_nyTik&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpVCsuje72FWKeQF_nyTik&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpVCsuje72FWKeQF_nyTik&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNWdCsSszRXXfuMXP2fNTSTjTQxKMndj6c-NbukkGaKhLuw0lN2LarDNWtMWITw5L4rFVUx63ItimZI9Yh6-Xo5gpdSVCQ
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEDpVCsuje72FWKeQF_nyTik&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame BD55
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1ivcZUelniUzxuEDS6XKQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpVCsuje72FWKeQF_nyTik&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpVCsuje72FWKeQF_nyTik&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNWdCsSszRXXfuMXP2fNTSTjTQxKMndj6c-NbukkGaKhLuw0lN2LarDNWtMWITw5L4rFVUx63ItimZI9Yh6-Xo5gpdSVCQ
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpVCsuje72FWKeQF_nyTik&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame BD55
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESED1z4l5tYtod049T5okoLFA&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESED1z4l5tYtod049T5okoLFA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNWdCsSszRXXfuMXP2fNTSTjTQxKMndj6c-NbukkGaKhLuw0lN2LarDNWtMWITw5L4rFVUx63ItimZI9Yh6-Xo5gpdSVCQ
Protocol
HTTP/1.1
Server
104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:25 GMT
AN-X-Request-Uuid
46dd8ae9-28dc-49e6-b0f6-65bddcdf7c41
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.81; 173.245.209.81; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESED1z4l5tYtod049T5okoLFA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BD55
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI1MTEzNDcxODk2NTk3ODQzOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI1MTEzNDcxODk2NTk3ODQzOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNWdCsSszRXXfuMXP2fNTSTjTQxKMndj6c-NbukkGaKhLuw0lN2LarDNWtMWITw5L4rFVUx63ItimZI9Yh6-Xo5gpdSVCQ
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:24 GMT
AN-X-Request-Uuid
65b041b2-5c05-4852-a0c0-c4ea09835c32
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI1MTEzNDcxODk2NTk3ODQzOQ%3D%3D
Connection
keep-alive
X-Proxy-Origin
173.245.209.81; 173.245.209.81; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9A8A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpVCsuje72FWKeQF_nyTik&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpVCsuje72FWKeQF_nyTik&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpVCsuje72FWKeQF_nyTik&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJeh19gCEMa03YwDGJyBidUBMAE&v=APEucNVG1C4kOtPpvb-fcjqfG5Q-xl1eSHTOO68n_NZNBXi4ow8KVgeuVEQRN0NXgkLSmgiW2dE-dbWWiPn6H8ClrXbOpJrVfw
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEDpVCsuje72FWKeQF_nyTik&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 9A8A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1ivcZUelniUzxuEDS6XKQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpVCsuje72FWKeQF_nyTik&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpVCsuje72FWKeQF_nyTik&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJeh19gCEMa03YwDGJyBidUBMAE&v=APEucNVG1C4kOtPpvb-fcjqfG5Q-xl1eSHTOO68n_NZNBXi4ow8KVgeuVEQRN0NXgkLSmgiW2dE-dbWWiPn6H8ClrXbOpJrVfw
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpVCsuje72FWKeQF_nyTik&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 9A8A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESED1z4l5tYtod049T5okoLFA&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESED1z4l5tYtod049T5okoLFA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJeh19gCEMa03YwDGJyBidUBMAE&v=APEucNVG1C4kOtPpvb-fcjqfG5Q-xl1eSHTOO68n_NZNBXi4ow8KVgeuVEQRN0NXgkLSmgiW2dE-dbWWiPn6H8ClrXbOpJrVfw
Protocol
HTTP/1.1
Server
104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:25 GMT
AN-X-Request-Uuid
b2ff61c1-bcf5-4604-ae77-7eed0b6ba262
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.81; 173.245.209.81; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESED1z4l5tYtod049T5okoLFA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9A8A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI1MTEzNDcxODk2NTk3ODQzOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI1MTEzNDcxODk2NTk3ODQzOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJeh19gCEMa03YwDGJyBidUBMAE&v=APEucNVG1C4kOtPpvb-fcjqfG5Q-xl1eSHTOO68n_NZNBXi4ow8KVgeuVEQRN0NXgkLSmgiW2dE-dbWWiPn6H8ClrXbOpJrVfw
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:24 GMT
AN-X-Request-Uuid
726cdabc-a428-47b1-b612-90ac68da8400
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI1MTEzNDcxODk2NTk3ODQzOQ%3D%3D
Connection
keep-alive
X-Proxy-Origin
173.245.209.81; 173.245.209.81; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 38E0 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c139d35943417f3eade49de19306cdb485ee8e9edcd4ed7fb8096ed14a63c4cb

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 800E 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
Origin
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 05:36:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80280
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Oct 2022 05:36:25 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame 800E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A86djP1sCGcOUyzgfBL7K6PD5HiWdDQUPvF7jOLtaZUh1CV4ferrQah2ym_Dhxd9YDALJcSVGiCDP5IHecydtLUjMv3g&cry=1&dbm_d=AKAmf-C_vfXIo1hfa3prS3IHWbzLuTY28Xk9QEgjaZxpWh2a3pPkyU1ZGEPo7Cv36lV_WvoKHdFBfxZyy161ayBx3__eZEtPa6dCQhUURm7LEzDcDMpOrsNwTynSR0a5cqhqEOpc8U2k5HH0GU42bd3I8RyDNZmAVoq-fTWf-r2K48aKkKPLixFm8dzF4kJWsPZIdO1fPAol-iayjTjd5lG7Mv8Nct0hk2Etoe3cIKQu7EifFg36jhwG__rTmECfDNHUaTsRh1FBbM0bJfIt8USgSOjM1ei_hJwSHQKM8N9Bext0wu4Ul2G0wpAltaCFnACxBBGhbE8RkavSGxyHz34ieTh9AYU_gLzY-iNsDHrWpDH-3n0WKEXEhzX65hDxdKp-xl005_N0MFze0mLzTUyUrQDpVULYfPkKzv9mhIOcXyo89IHpl4n9AlayCm0Edz-iFKzOsZo6BO4rkv1xMNwe7rM7vWGc154wHo20HelbyhYkoT0cz34AU4gMHleZaU4oweaB-XY49CS1ZX4O85S45-krqRjyQmZOWh_bmf76ITgHnhogectd8xsRCtkXxi0Czrf1aIirvKvwK_BS9cuGjijVNDIRpnLxaOXE2Saqiv_ZLftXFP_Yh2kfpZyfzoJX5Y9xHwS6wki9FNgTl2XwY8wKzXqv--Lvojy0otM5jdHyGLlpZdt_iaN7Njh_NQUl86M-0Rp3jFutgh4Op3anEfT0hp1ILrAlR0YCUOpcpAMuKWdONwK0dSS1t7Xu-BBybCcHs4DT2jR2-ZNYZ_JyA9u-TO4HfnamMiFIfRwyg-pQOI0pRCiuhcFh_RunSf9_7Oy3EZbP-ztbVTjVBQFO331cmEOyopmvrgPQPIo_4AKB4Nw-TxY2dxhRq8uwHzHFcPiIMd1qKwZs5ynCIQUQA8PcTM8F_KXMuva3u60dQNEDRZVgBuOfbC6cz6pUryGNv6FKVTKYoW4erPH0Ec9j3KE-BzxH2_pyN_7FUBSgxFB5IPoZQDCZH_GFL25QQ2LwH3VINj1-cdNytCyH5ajzwSx9lYivrTmk5wI9ctO-N57jP1HsegRfvIfaK2RdeqEeM71N5c4Aym33OY9XJ48fDTcYDZdAWfGSFUaRPbiznPglAQUFnsLZXrVIb_MiSFVFVvagaBxCNRzl4hrfoTxX9_jLYmHwVUu9u9dnZtSlOWGFh8NmIOgO1IAr7_bmmn9vdtkBZICLSUIfr2clnVZrsNcIWnlesYT9cTxXCGN3tMeDyVfBrNXf6uuHK1iCyvY83uDc3TlpwMkmip40DBkuaCn1uCINBwaUAq6xf85oCUyplvZCTSr0RbD0vj0-Ir_jj79QGWexD1o-02idJNkZ7ckKKHDDYQ-7XZFNoBftWjGOAjOHRxUKAm3PD4QkIkpR10D4aBFLLY1V0vGoICp0a3EnQ5jn-WqGHzPqbFZiJbUhSrzvB6ki1eD6kayuz4C3HGucaUJ-8yEg4tWrRtx3cHJPQbUa-FJTNo6U-A9rY7KXM-iTXKQdcBthv9eSmJR5b2n0eKwhkV1BWaTtMz35SqJMTdYnoZlhV_3BJiD0hqgfLsDQgsaJob-YX7wAxI-NQVB2PoQJpu6kUI4XJh-EpySV0fZaDF5QaHLfY4b7lH_h3trycbXcFzOWH2XkSJdmUsUB1jP8qETKw4bYvR3bojW6pjG1bnGz8lKhpDZiUBgQ50mTISDdpAzfMF2B47sF7Oo5cwCeZW_mygudSFfnzDYkVnfi9GaAgUDqp288PUo5Agu8OnJOFm4tXmwR1Xq9O0TCCvuM18bFvyHMg28-zyWG2I3EfSf0FBp6sNkuBhscBoDLsGw5D40N83qyUs6G49jghFBb_PhVU0fevGSJ1fXbiYV_ClC7vj3tGFEEDI_FhEEwRQDx0ZMzJIgzTFD3ji6wPdunenbUw9qy7qrjywIhX_biK-uVd3FtSkj3LB5jjNpaCjscl6Jb8pOCYgJwZcHXFT-_t6aEmsqNBBsQoDVN9vcT48_DjFgGL53wXMcaWWEqXEoEHphNIhxGEDby5-lLRlYo6Sx9yx5P4YG1jkqsN1QOgtUDDYQ4_N6gCVOAiwPQbmhebVQF1IajfYxAowq3mN2h90G9qeVF4SIRv2vm4hd4PFxVSlZ2FnRatkTfVKngNNFB-SXfB2M-0MfMHWZqSVXKzfFc6f5LiG_NhKaTjk6Nah712218k1BoSocJF4unw7SXYmCZoGq7g91QYjh1tclcKG_pBEoWKpgCH92WX2WUS4j8lAPv1_wQesbmGrfE_QmqV3uIvSbjIYFtBOXyYh7MvdwczuGtaIgYA2CJijB-PoHx-dFx0Vfwk0oNGbD5CUe08fLQVm22pWcZ-0_lOtU88-uXDOdgtBCOH5sx4TESI1Zqk2AQzyKcGvlHDmmyRqAdjQbgYPGxwuPQA95qbL3lhJhmZx_42J_9keSUBGKoJT1zW6Lb-i732vbpNRjFefe1cc0aHmN2Byxu_ht20pK3mnT3ILnSSCixgLmBb35RuQd5_ZRUNNbP6P_hB5nhZf3eAzp0lUKBPTHIWbaMpu1nbf_WQXP9QZAxd4n226eJUIt1OSF1JM1p5G9CnoSOmokUKeoQVbrp-XCX-NIKSPgiiTCKKk6LRkJCIERRtTbgjnyFvcONRWlT6ZF3ayUIwcNEqsKMi7Pokq6SIOtiCyHb_nWe3a3rBKEEwOQWN2UakTRt_RJgUdDnKGZIzvgZBb0-_Bqw6hsCNyf4kWsB6CWlWotsQxQyCTsxm20twJ1BDEUn59mHzXQ0NH5JWSXrL2g5esqWmRr-esx8Ajsz5qgJlG2gITe1RtZYda315odXnfo8R0VFcOJgNcyvYNK9YEKZtAVzZDYyuxUk7xNxLVIc31Dgj_8btNj8j3M_5NoCdNL9dZBIrKOxOCWXAyKTte3tBI9FtYHWbDL1eebFDmq8vtiOiGG3MjFBeNL-yuoyvEzfpNby1T4fPZTGYE7nyGEkfCupwG_BT55WXzEZ9OrgitNsQSdHi_gPa2JogqUk2-qjmS_qLbuuyc-U4b37VDTJvi36RHIrrR1VKOlEjElP3jNJPDXeJsbcVe2lcA_E2YAWwRPwp2x70cUkXuq0wp8bA9M0s22zwTsdWnO68Brti5osxn3TeAr-DOLQEyUB4Q&cid=CAASJeRokM37oyCseg_J_9AUrji0yQauVNOfqQU4K1f4yXO0GCBqeK8&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 17:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38597
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 17:11:07 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 800E 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A86djP1sCGcOUyzgfBL7K6PD5HiWdDQUPvF7jOLtaZUh1CV4ferrQah2ym_Dhxd9YDALJcSVGiCDP5IHecydtLUjMv3g&cry=1&dbm_d=AKAmf-C_vfXIo1hfa3prS3IHWbzLuTY28Xk9QEgjaZxpWh2a3pPkyU1ZGEPo7Cv36lV_WvoKHdFBfxZyy161ayBx3__eZEtPa6dCQhUURm7LEzDcDMpOrsNwTynSR0a5cqhqEOpc8U2k5HH0GU42bd3I8RyDNZmAVoq-fTWf-r2K48aKkKPLixFm8dzF4kJWsPZIdO1fPAol-iayjTjd5lG7Mv8Nct0hk2Etoe3cIKQu7EifFg36jhwG__rTmECfDNHUaTsRh1FBbM0bJfIt8USgSOjM1ei_hJwSHQKM8N9Bext0wu4Ul2G0wpAltaCFnACxBBGhbE8RkavSGxyHz34ieTh9AYU_gLzY-iNsDHrWpDH-3n0WKEXEhzX65hDxdKp-xl005_N0MFze0mLzTUyUrQDpVULYfPkKzv9mhIOcXyo89IHpl4n9AlayCm0Edz-iFKzOsZo6BO4rkv1xMNwe7rM7vWGc154wHo20HelbyhYkoT0cz34AU4gMHleZaU4oweaB-XY49CS1ZX4O85S45-krqRjyQmZOWh_bmf76ITgHnhogectd8xsRCtkXxi0Czrf1aIirvKvwK_BS9cuGjijVNDIRpnLxaOXE2Saqiv_ZLftXFP_Yh2kfpZyfzoJX5Y9xHwS6wki9FNgTl2XwY8wKzXqv--Lvojy0otM5jdHyGLlpZdt_iaN7Njh_NQUl86M-0Rp3jFutgh4Op3anEfT0hp1ILrAlR0YCUOpcpAMuKWdONwK0dSS1t7Xu-BBybCcHs4DT2jR2-ZNYZ_JyA9u-TO4HfnamMiFIfRwyg-pQOI0pRCiuhcFh_RunSf9_7Oy3EZbP-ztbVTjVBQFO331cmEOyopmvrgPQPIo_4AKB4Nw-TxY2dxhRq8uwHzHFcPiIMd1qKwZs5ynCIQUQA8PcTM8F_KXMuva3u60dQNEDRZVgBuOfbC6cz6pUryGNv6FKVTKYoW4erPH0Ec9j3KE-BzxH2_pyN_7FUBSgxFB5IPoZQDCZH_GFL25QQ2LwH3VINj1-cdNytCyH5ajzwSx9lYivrTmk5wI9ctO-N57jP1HsegRfvIfaK2RdeqEeM71N5c4Aym33OY9XJ48fDTcYDZdAWfGSFUaRPbiznPglAQUFnsLZXrVIb_MiSFVFVvagaBxCNRzl4hrfoTxX9_jLYmHwVUu9u9dnZtSlOWGFh8NmIOgO1IAr7_bmmn9vdtkBZICLSUIfr2clnVZrsNcIWnlesYT9cTxXCGN3tMeDyVfBrNXf6uuHK1iCyvY83uDc3TlpwMkmip40DBkuaCn1uCINBwaUAq6xf85oCUyplvZCTSr0RbD0vj0-Ir_jj79QGWexD1o-02idJNkZ7ckKKHDDYQ-7XZFNoBftWjGOAjOHRxUKAm3PD4QkIkpR10D4aBFLLY1V0vGoICp0a3EnQ5jn-WqGHzPqbFZiJbUhSrzvB6ki1eD6kayuz4C3HGucaUJ-8yEg4tWrRtx3cHJPQbUa-FJTNo6U-A9rY7KXM-iTXKQdcBthv9eSmJR5b2n0eKwhkV1BWaTtMz35SqJMTdYnoZlhV_3BJiD0hqgfLsDQgsaJob-YX7wAxI-NQVB2PoQJpu6kUI4XJh-EpySV0fZaDF5QaHLfY4b7lH_h3trycbXcFzOWH2XkSJdmUsUB1jP8qETKw4bYvR3bojW6pjG1bnGz8lKhpDZiUBgQ50mTISDdpAzfMF2B47sF7Oo5cwCeZW_mygudSFfnzDYkVnfi9GaAgUDqp288PUo5Agu8OnJOFm4tXmwR1Xq9O0TCCvuM18bFvyHMg28-zyWG2I3EfSf0FBp6sNkuBhscBoDLsGw5D40N83qyUs6G49jghFBb_PhVU0fevGSJ1fXbiYV_ClC7vj3tGFEEDI_FhEEwRQDx0ZMzJIgzTFD3ji6wPdunenbUw9qy7qrjywIhX_biK-uVd3FtSkj3LB5jjNpaCjscl6Jb8pOCYgJwZcHXFT-_t6aEmsqNBBsQoDVN9vcT48_DjFgGL53wXMcaWWEqXEoEHphNIhxGEDby5-lLRlYo6Sx9yx5P4YG1jkqsN1QOgtUDDYQ4_N6gCVOAiwPQbmhebVQF1IajfYxAowq3mN2h90G9qeVF4SIRv2vm4hd4PFxVSlZ2FnRatkTfVKngNNFB-SXfB2M-0MfMHWZqSVXKzfFc6f5LiG_NhKaTjk6Nah712218k1BoSocJF4unw7SXYmCZoGq7g91QYjh1tclcKG_pBEoWKpgCH92WX2WUS4j8lAPv1_wQesbmGrfE_QmqV3uIvSbjIYFtBOXyYh7MvdwczuGtaIgYA2CJijB-PoHx-dFx0Vfwk0oNGbD5CUe08fLQVm22pWcZ-0_lOtU88-uXDOdgtBCOH5sx4TESI1Zqk2AQzyKcGvlHDmmyRqAdjQbgYPGxwuPQA95qbL3lhJhmZx_42J_9keSUBGKoJT1zW6Lb-i732vbpNRjFefe1cc0aHmN2Byxu_ht20pK3mnT3ILnSSCixgLmBb35RuQd5_ZRUNNbP6P_hB5nhZf3eAzp0lUKBPTHIWbaMpu1nbf_WQXP9QZAxd4n226eJUIt1OSF1JM1p5G9CnoSOmokUKeoQVbrp-XCX-NIKSPgiiTCKKk6LRkJCIERRtTbgjnyFvcONRWlT6ZF3ayUIwcNEqsKMi7Pokq6SIOtiCyHb_nWe3a3rBKEEwOQWN2UakTRt_RJgUdDnKGZIzvgZBb0-_Bqw6hsCNyf4kWsB6CWlWotsQxQyCTsxm20twJ1BDEUn59mHzXQ0NH5JWSXrL2g5esqWmRr-esx8Ajsz5qgJlG2gITe1RtZYda315odXnfo8R0VFcOJgNcyvYNK9YEKZtAVzZDYyuxUk7xNxLVIc31Dgj_8btNj8j3M_5NoCdNL9dZBIrKOxOCWXAyKTte3tBI9FtYHWbDL1eebFDmq8vtiOiGG3MjFBeNL-yuoyvEzfpNby1T4fPZTGYE7nyGEkfCupwG_BT55WXzEZ9OrgitNsQSdHi_gPa2JogqUk2-qjmS_qLbuuyc-U4b37VDTJvi36RHIrrR1VKOlEjElP3jNJPDXeJsbcVe2lcA_E2YAWwRPwp2x70cUkXuq0wp8bA9M0s22zwTsdWnO68Brti5osxn3TeAr-DOLQEyUB4Q&cid=CAASJeRokM37oyCseg_J_9AUrji0yQauVNOfqQU4K1f4yXO0GCBqeK8&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 08:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
71224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11429
x-xss-protection
0
server
cafe
etag
11376305771055881226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 08:07:20 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 8B8A 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZ8LinE_Epo1k44iGFjYuWhOZEtH154cU67w7SfBI84IWw6-UYVP-E72ZKD4EE812qVhUrDIXW1iIVxB1BCbG_PGi2nw&cry=1&dbm_d=AKAmf-C1lXBy5E8Isg9bH-t45-U3rf02dmRM6RHCGkMUzq8SypAovj0MqKVKt0jMZKEwFMbXu5omQxYnyJnrkOyTst1byROWx8WZeFeapLsKCjyUfLNa_BNGmbbB05dduAtnCAZfpX8wZbYc9AFecDfT9qeSkc6kLoZk_m6NyCw7gbbQ3lRzGmVxflB7KQrQhU5bfVz1-bCXajsp9QmP81gnZf1NX6ZHcADDaZLgKBRiWAp0pWwiS2QBuZpH4_ZGBnb6EADr3Jx0h0jajJmOop2g_MmOuI7lPCEnUPuvc5VOWDbwqU83vJ2M9YVzEuUoAd7S0nRWAU7MD09UmOstAM_ggeXD_nXSMKKnP7poTdHtUqnPXuK4dOvZLYXLprl8svMj-MwU8QS4yLCPjHYr337ZFFJ1lX8R2c_fo28MSBZUyT6ba0ZPE7gIHICINxA3llTtQg4SOx3p7_BiUTMxJxTDs609SwLBNyCZEnnN9ovbW0M9b1X9oq-rHoRIFrkPrZOzRCib3SwOKtmRexwKjC0GqvOSOysetioGYBpQViIQrihZexRsxhvjUeG1itjxqHnXGWYne2N4CVOKwRJIcdPaSxIWGkY-vWdHo7UGk2Yze92mpH-2QMXpa3I9g2Il2XkxL4ROzqC7OYiFLeGS2pmZY8QiuezMw5jKM1c7hgKXHsVEeqeA7vlwuhWFreXWr9bu75TN7DESOzru9Ij8aMXj8ApiVgfLm9DChnb35zzDv69syNe3XkznlLL8YpZuWndgZDkUzACU6BmO8BKmS97aAzPMwOJTsO83TQJxgSs3umpIAPaiLr1N244xqofmzu1Y0dnFzTI7RiRDHNgWG5ws0LaBdrHf0o_lHn7XzuB6oYeIOkgx3I0AaedCsHwZGgVT16y8kO__lBLUVncctJnCNdC_kfM4pjc2YgebcE05jiX_W-dDAYp_5dIo_zFGjhyaMzSV6YwxOypv_16yMcGHtZc3HE0w80wHvpPJxAE3Rnpqq0aRC-NsNa7eS5tAUroXz7ywxBDQt9LYQ9i4EiSnk7CXR6Mbyl4lx9mUPHWidr9lyV5hqUB8COiA2_6Ztth-pojG-n8rS6AnAlVipJRW9cpgmsm2vq-e_Gq6uz6LrqqyD3gVcuWfP_pqvCDrnHK1pKyNnzS4RXcrrw7TD7u-rmxIYs84m155khhKEwo55vtDtTnbyCaQ6q1LKlFoLrh0wqL12pCqcEnapTT8GEJk4py16ka9pNiMtxF3rAHd5MiyVTpsAMkBAnbozVkow6m1bwpqD9p0-N9BAopNP5jUKiQ5X6dVybzCR90EYRln10kb92-J64NOQUVBZ79GA4JEpIAUkYsYwny0g8jPO7fc2rchuSEi0opfgiBpDTuUYKr4iVNadLhcSAb0-WizvS6r0M6wSnh9jhwzJoRZPv5remmDcdlDHyxzqTXmJ8NA7-gAQf2Eytfxt26-0nLbO0oDALqwHvLh5gu1RA6AdA4VI7-2kcG5vysK3rCH_aaRWVCo3_LsCr1lTYU7oJkh6Jw1hUy6qR8nnWO47Wg9MeEfp1WPFUu7uKGAcC6e4FiL2kF6KSMX4DXqcDc-EYDuSj5447tph1d_2S9SAo9pAlo0erPf_Hw-9Dlg4ZTWEiQYkpuuOkgfnYqpH7aqbC0LHjkXQXvgSZMqlVVG3Zh05BWuz_4ZzIG9BlGiApui-ayh3dvAnFLjMZ9cDr5jad_dMF8MqRlx2d8ujnbTuZN3MfdUdVOvqYcRngyf3EHXenFSM_RbXaOV8pnCGAvW_MMK1svMXWFWOM6wf61Gc1t0DnraqZ-m7I-h5Je957qgm3-Q2jtWyrYdPv12oqX9QE0B9zzhDQqRQL6nIVJXHHrlBsQ2OBf1xtENbrL_dxYS73BT8zlzdHoOUr-PX0RQ54rBmqkHgWlg9doCIny9PoB0EdgQbfDaSyf4livVngzPraGmYh2k2gEIV1bfYS5zn8Y6n0tTTrfnWy-jaXcViklf4DHmZvl_GDrKAqz2nahdFJikboTf9NUeowzU9FxDWPn3UfJB0dvo16NCe97qBN6Id26R1bswCAzh4E1fzLfx8lOFqQZgs2fvJytCh7oDPz62wt1j7mhGhZ0xxo-bAMaJE38-6UuIL0GrwS7SRAwwVQv8P91rxzW3_Xff-x0WhFDhP9NsmjZrNJth6WzsMDcQF4-XQzxMHNtsGj-ufX1m3dNwdwX6LfPEPmosYJr5QyYE2M89wIFuRe0JgNwqMcJ1KaJES7E2Wvh1jSAPH_R1RgOsv9Bs2w3OYRqpvHb4HxUS6VJloCxu82aa5i9Y5A3UjS6XEoo1DoqwWjPKMUpDYAlffqhtQcoC-lx5wXuBlo6f6L3txVDT-uiyt-TwZbbWKCLH7QMGN1HOEdtTPQWb3GSK-2Aps8lLPV7DyNjAun1WFF_-OwD0HMwWldMbWraC83EIcAoRPgSfRgho6KfLZWLLoHVbIkBpTJpORViqnE9mDN9rYSMOjLROyUxf-k7lyIslAo9hqY_k-6awxEKa4zlnmtQAkzcOTtH6P4-Sng1jLHLUWFD-jQd0puJ4TEwWxhxn4MZvhW1aSoDkdmN-T6y3KMK_jZltOTql5n4UyKefSciWERoEKZAcbbDqHP7xHGfZlqOhy0JoxnaH5mrezgSFzEJug19bQoje9c5IGp3K7gBBdIatKx9pdY-axs2eIN7fC8--3FeLOO8jBeVqQiGV3IdKuxQPmn6wWrUwcPZSMhHWojGfizcaXlMeS83phIw8lCn5zuvRZAwUMeNz9KQKU_K6OInVmkPjcls73mbbXdf8zNNoPVM5XbEn5DX0i-kMrP1_PqjyrZC-ngPuY3K8h6Cqtk8r1pjpaGPpdQFMFZI29Nl6QuEgMmYSMw_nwV8p1DViJW-liPPo4qqTa7XBUlRuGHFWMhzBW-oO4himlalVtc1aVg7Nato_UlE6hdQOSpq9D4qXGjtZGDnPLI-jJ8FjBhq3-o60fyVfk9p8Jlu7NEXJ1r3-zi4s9wr-xehkD6j7G-f12B9vLtcGkZrCgs9bOnSyiRd_hkjLqU-P899Y-ZDk1VDWiq27k8NYh0A-omnYcnwum7n-nFCmkzfdgepVB5VQ96gPu4HbsLLJuHsSj-V2CqYWxXD4xlPHlK7FYfsjMmvN1ktGkA1V5PEmDErMORcO_anf0QBLgYdkaq5_VPdD-G4C7xSMXRIsRn55N2Jm5VnYbOIkmxcidZxXtkWmPych4_LoFmfbAeQpM9DRvFIPvdy_PxpG-SVAPL6zD-OKEkRpUgS1Rz2PcRd1wm3jNP9qAdMcREThprPYWzSW-5JrqZ1ZJqVwrSYfrWJveVrWqpmhLbDmd0ryoS9H74s53w8K3qdfCH0XsRkbi1vn9fKcBf5N&cid=CAASJeRoC4oVo3jSLk9uBGUb4KxL9xc8DSWDcCxbxkKtHDjpZaN0eZg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 08:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
71225
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11429
x-xss-protection
0
server
cafe
etag
11376305771055881226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 08:07:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame 8B8A 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZ8LinE_Epo1k44iGFjYuWhOZEtH154cU67w7SfBI84IWw6-UYVP-E72ZKD4EE812qVhUrDIXW1iIVxB1BCbG_PGi2nw&cry=1&dbm_d=AKAmf-C1lXBy5E8Isg9bH-t45-U3rf02dmRM6RHCGkMUzq8SypAovj0MqKVKt0jMZKEwFMbXu5omQxYnyJnrkOyTst1byROWx8WZeFeapLsKCjyUfLNa_BNGmbbB05dduAtnCAZfpX8wZbYc9AFecDfT9qeSkc6kLoZk_m6NyCw7gbbQ3lRzGmVxflB7KQrQhU5bfVz1-bCXajsp9QmP81gnZf1NX6ZHcADDaZLgKBRiWAp0pWwiS2QBuZpH4_ZGBnb6EADr3Jx0h0jajJmOop2g_MmOuI7lPCEnUPuvc5VOWDbwqU83vJ2M9YVzEuUoAd7S0nRWAU7MD09UmOstAM_ggeXD_nXSMKKnP7poTdHtUqnPXuK4dOvZLYXLprl8svMj-MwU8QS4yLCPjHYr337ZFFJ1lX8R2c_fo28MSBZUyT6ba0ZPE7gIHICINxA3llTtQg4SOx3p7_BiUTMxJxTDs609SwLBNyCZEnnN9ovbW0M9b1X9oq-rHoRIFrkPrZOzRCib3SwOKtmRexwKjC0GqvOSOysetioGYBpQViIQrihZexRsxhvjUeG1itjxqHnXGWYne2N4CVOKwRJIcdPaSxIWGkY-vWdHo7UGk2Yze92mpH-2QMXpa3I9g2Il2XkxL4ROzqC7OYiFLeGS2pmZY8QiuezMw5jKM1c7hgKXHsVEeqeA7vlwuhWFreXWr9bu75TN7DESOzru9Ij8aMXj8ApiVgfLm9DChnb35zzDv69syNe3XkznlLL8YpZuWndgZDkUzACU6BmO8BKmS97aAzPMwOJTsO83TQJxgSs3umpIAPaiLr1N244xqofmzu1Y0dnFzTI7RiRDHNgWG5ws0LaBdrHf0o_lHn7XzuB6oYeIOkgx3I0AaedCsHwZGgVT16y8kO__lBLUVncctJnCNdC_kfM4pjc2YgebcE05jiX_W-dDAYp_5dIo_zFGjhyaMzSV6YwxOypv_16yMcGHtZc3HE0w80wHvpPJxAE3Rnpqq0aRC-NsNa7eS5tAUroXz7ywxBDQt9LYQ9i4EiSnk7CXR6Mbyl4lx9mUPHWidr9lyV5hqUB8COiA2_6Ztth-pojG-n8rS6AnAlVipJRW9cpgmsm2vq-e_Gq6uz6LrqqyD3gVcuWfP_pqvCDrnHK1pKyNnzS4RXcrrw7TD7u-rmxIYs84m155khhKEwo55vtDtTnbyCaQ6q1LKlFoLrh0wqL12pCqcEnapTT8GEJk4py16ka9pNiMtxF3rAHd5MiyVTpsAMkBAnbozVkow6m1bwpqD9p0-N9BAopNP5jUKiQ5X6dVybzCR90EYRln10kb92-J64NOQUVBZ79GA4JEpIAUkYsYwny0g8jPO7fc2rchuSEi0opfgiBpDTuUYKr4iVNadLhcSAb0-WizvS6r0M6wSnh9jhwzJoRZPv5remmDcdlDHyxzqTXmJ8NA7-gAQf2Eytfxt26-0nLbO0oDALqwHvLh5gu1RA6AdA4VI7-2kcG5vysK3rCH_aaRWVCo3_LsCr1lTYU7oJkh6Jw1hUy6qR8nnWO47Wg9MeEfp1WPFUu7uKGAcC6e4FiL2kF6KSMX4DXqcDc-EYDuSj5447tph1d_2S9SAo9pAlo0erPf_Hw-9Dlg4ZTWEiQYkpuuOkgfnYqpH7aqbC0LHjkXQXvgSZMqlVVG3Zh05BWuz_4ZzIG9BlGiApui-ayh3dvAnFLjMZ9cDr5jad_dMF8MqRlx2d8ujnbTuZN3MfdUdVOvqYcRngyf3EHXenFSM_RbXaOV8pnCGAvW_MMK1svMXWFWOM6wf61Gc1t0DnraqZ-m7I-h5Je957qgm3-Q2jtWyrYdPv12oqX9QE0B9zzhDQqRQL6nIVJXHHrlBsQ2OBf1xtENbrL_dxYS73BT8zlzdHoOUr-PX0RQ54rBmqkHgWlg9doCIny9PoB0EdgQbfDaSyf4livVngzPraGmYh2k2gEIV1bfYS5zn8Y6n0tTTrfnWy-jaXcViklf4DHmZvl_GDrKAqz2nahdFJikboTf9NUeowzU9FxDWPn3UfJB0dvo16NCe97qBN6Id26R1bswCAzh4E1fzLfx8lOFqQZgs2fvJytCh7oDPz62wt1j7mhGhZ0xxo-bAMaJE38-6UuIL0GrwS7SRAwwVQv8P91rxzW3_Xff-x0WhFDhP9NsmjZrNJth6WzsMDcQF4-XQzxMHNtsGj-ufX1m3dNwdwX6LfPEPmosYJr5QyYE2M89wIFuRe0JgNwqMcJ1KaJES7E2Wvh1jSAPH_R1RgOsv9Bs2w3OYRqpvHb4HxUS6VJloCxu82aa5i9Y5A3UjS6XEoo1DoqwWjPKMUpDYAlffqhtQcoC-lx5wXuBlo6f6L3txVDT-uiyt-TwZbbWKCLH7QMGN1HOEdtTPQWb3GSK-2Aps8lLPV7DyNjAun1WFF_-OwD0HMwWldMbWraC83EIcAoRPgSfRgho6KfLZWLLoHVbIkBpTJpORViqnE9mDN9rYSMOjLROyUxf-k7lyIslAo9hqY_k-6awxEKa4zlnmtQAkzcOTtH6P4-Sng1jLHLUWFD-jQd0puJ4TEwWxhxn4MZvhW1aSoDkdmN-T6y3KMK_jZltOTql5n4UyKefSciWERoEKZAcbbDqHP7xHGfZlqOhy0JoxnaH5mrezgSFzEJug19bQoje9c5IGp3K7gBBdIatKx9pdY-axs2eIN7fC8--3FeLOO8jBeVqQiGV3IdKuxQPmn6wWrUwcPZSMhHWojGfizcaXlMeS83phIw8lCn5zuvRZAwUMeNz9KQKU_K6OInVmkPjcls73mbbXdf8zNNoPVM5XbEn5DX0i-kMrP1_PqjyrZC-ngPuY3K8h6Cqtk8r1pjpaGPpdQFMFZI29Nl6QuEgMmYSMw_nwV8p1DViJW-liPPo4qqTa7XBUlRuGHFWMhzBW-oO4himlalVtc1aVg7Nato_UlE6hdQOSpq9D4qXGjtZGDnPLI-jJ8FjBhq3-o60fyVfk9p8Jlu7NEXJ1r3-zi4s9wr-xehkD6j7G-f12B9vLtcGkZrCgs9bOnSyiRd_hkjLqU-P899Y-ZDk1VDWiq27k8NYh0A-omnYcnwum7n-nFCmkzfdgepVB5VQ96gPu4HbsLLJuHsSj-V2CqYWxXD4xlPHlK7FYfsjMmvN1ktGkA1V5PEmDErMORcO_anf0QBLgYdkaq5_VPdD-G4C7xSMXRIsRn55N2Jm5VnYbOIkmxcidZxXtkWmPych4_LoFmfbAeQpM9DRvFIPvdy_PxpG-SVAPL6zD-OKEkRpUgS1Rz2PcRd1wm3jNP9qAdMcREThprPYWzSW-5JrqZ1ZJqVwrSYfrWJveVrWqpmhLbDmd0ryoS9H74s53w8K3qdfCH0XsRkbi1vn9fKcBf5N&cid=CAASJeRoC4oVo3jSLk9uBGUb4KxL9xc8DSWDcCxbxkKtHDjpZaN0eZg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 17:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38598
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 17:11:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8B8A 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuvWOralVTZktk5VWDXfDfORkIVKUL1QmQzYuYXpW47eLhTvaXep2yXw8wTnVGL3aJbUG6ugGirVjdLCqr85619ouobsaTdmHKrLtDSmU5_DEaTmxqX8Ob618jBoOVePWQ5XQyWLASscWUyfLAukX6hiK-vYIdFryZNdpjV_UoNxCN6CTVLeY3lcTaUkwS6KF4l8bzLsSyrwAknVeGACXxn8OP-Gan23FwbDy8cgFPdjvh5MyU5s91s3c-z-NK6Wuy-8Gc3v4dlDZFkk1ot49AGASPYYlAc0MG1RtIKaAgEl767Io8NC4w-1JMkNGRnalKLiHmPKyr1Sm51N7eszLGaUqsvhGwX9-KmbeAf12VALuCVmj6SEoPlgZ2w4lmvp79vvcQLdx0C3Ov6PVVAY9efBC9J81qkyq3OrQpDZ6kZu5kZggAFHyShVyxzZ1rF4zTFXYEVTcdoou61C1-_8fPFQbDv9FbY_M7lwHOHZMZhlkTTPyqadL4M7XrTFrElewKPcqZdAoFeFaI9V4RNNXTzl_eyAjnresyzx-kVSc_W8yLrHSYxvc7j9BzjcV87ioL9KHFUe1FUlztubjKKb4IghCqXv-HNEsdzINMJfT9C24uGNmbzRb24WEy6Ow9nsXi_gpG-2W-kt_FnriQCiBGrQmMohjPEJlU9Gu0mdbFjcIVfY0jUdLkn4tSEnX8vuLMW4bX6_o-ewFIGntVkggpHKD9XPScIxh9zszfZrtqTmNdDlnSqUBSsgEz4_VKZmCOxP0BGZZA64jW757h6kDOphWvcnv22kK35Hl0dRQIWkoFJQ0N-7jEKdXbpAwA5uIZAOoAXrJO3XWVeQfdflHcJueSR2gFCZq9op25xsrPgHmaIm-BZnTzJeADjUZ2jHQZ5f80KHaeRUpVtoWbFTWtZy28cgZXNMCHaw0171dclaIqKH_maxATuAQFCtdUlu-oyhmZIZZi_jWQT1ueUKJ9RG2jz7EQLn7uBue1zlUxSOzTQ0su2h1PvqesqeQruN4q9Y0mwGrIWQN7uiTi1OwQsV7gnCTcfGwbQ_ObH0u4COfuLsqtstaBbsRaIdTUxGW2k3Tvjx5XuvncObg5CoR3GVkd5rkI7wuLJpEq7aHT4MRIGa41Larr93dtnbaXTMn8h0Jt2jB3z_iUwDp8eaK7t52WgQwM1wTxm_42dEfTrCYwXmEbNGAlSVmcZcp2FwKxgiz-qNLY9MWNmueUUq4A&sai=AMfl-YTnGLPAmzAM-iuO_hh7OdZ8yi0QHaZ-8CHToVwCAV7R21vGScjw5YQwVpKvvOSrH6MipYtctv5uXIOiO9X1TNYyGWlXLwQXckJZJ_2T1O1nmBa3opXpkza8McQXl2F1ryNdODYG5G-sb5tADGwpQaC3LrHW_dIisU7nAFPMUrzH9yfjQL8eP1OlId9-MofmsUq9U5F4CpX6gNRY39V_34J47PNvCg&sig=Cg0ArKJSzP0NWZeWgiCqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221020.59782&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZ8LinE_Epo1k44iGFjYuWhOZEtH154cU67w7SfBI84IWw6-UYVP-E72ZKD4EE812qVhUrDIXW1iIVxB1BCbG_PGi2nw&cry=1&dbm_d=AKAmf-C1lXBy5E8Isg9bH-t45-U3rf02dmRM6RHCGkMUzq8SypAovj0MqKVKt0jMZKEwFMbXu5omQxYnyJnrkOyTst1byROWx8WZeFeapLsKCjyUfLNa_BNGmbbB05dduAtnCAZfpX8wZbYc9AFecDfT9qeSkc6kLoZk_m6NyCw7gbbQ3lRzGmVxflB7KQrQhU5bfVz1-bCXajsp9QmP81gnZf1NX6ZHcADDaZLgKBRiWAp0pWwiS2QBuZpH4_ZGBnb6EADr3Jx0h0jajJmOop2g_MmOuI7lPCEnUPuvc5VOWDbwqU83vJ2M9YVzEuUoAd7S0nRWAU7MD09UmOstAM_ggeXD_nXSMKKnP7poTdHtUqnPXuK4dOvZLYXLprl8svMj-MwU8QS4yLCPjHYr337ZFFJ1lX8R2c_fo28MSBZUyT6ba0ZPE7gIHICINxA3llTtQg4SOx3p7_BiUTMxJxTDs609SwLBNyCZEnnN9ovbW0M9b1X9oq-rHoRIFrkPrZOzRCib3SwOKtmRexwKjC0GqvOSOysetioGYBpQViIQrihZexRsxhvjUeG1itjxqHnXGWYne2N4CVOKwRJIcdPaSxIWGkY-vWdHo7UGk2Yze92mpH-2QMXpa3I9g2Il2XkxL4ROzqC7OYiFLeGS2pmZY8QiuezMw5jKM1c7hgKXHsVEeqeA7vlwuhWFreXWr9bu75TN7DESOzru9Ij8aMXj8ApiVgfLm9DChnb35zzDv69syNe3XkznlLL8YpZuWndgZDkUzACU6BmO8BKmS97aAzPMwOJTsO83TQJxgSs3umpIAPaiLr1N244xqofmzu1Y0dnFzTI7RiRDHNgWG5ws0LaBdrHf0o_lHn7XzuB6oYeIOkgx3I0AaedCsHwZGgVT16y8kO__lBLUVncctJnCNdC_kfM4pjc2YgebcE05jiX_W-dDAYp_5dIo_zFGjhyaMzSV6YwxOypv_16yMcGHtZc3HE0w80wHvpPJxAE3Rnpqq0aRC-NsNa7eS5tAUroXz7ywxBDQt9LYQ9i4EiSnk7CXR6Mbyl4lx9mUPHWidr9lyV5hqUB8COiA2_6Ztth-pojG-n8rS6AnAlVipJRW9cpgmsm2vq-e_Gq6uz6LrqqyD3gVcuWfP_pqvCDrnHK1pKyNnzS4RXcrrw7TD7u-rmxIYs84m155khhKEwo55vtDtTnbyCaQ6q1LKlFoLrh0wqL12pCqcEnapTT8GEJk4py16ka9pNiMtxF3rAHd5MiyVTpsAMkBAnbozVkow6m1bwpqD9p0-N9BAopNP5jUKiQ5X6dVybzCR90EYRln10kb92-J64NOQUVBZ79GA4JEpIAUkYsYwny0g8jPO7fc2rchuSEi0opfgiBpDTuUYKr4iVNadLhcSAb0-WizvS6r0M6wSnh9jhwzJoRZPv5remmDcdlDHyxzqTXmJ8NA7-gAQf2Eytfxt26-0nLbO0oDALqwHvLh5gu1RA6AdA4VI7-2kcG5vysK3rCH_aaRWVCo3_LsCr1lTYU7oJkh6Jw1hUy6qR8nnWO47Wg9MeEfp1WPFUu7uKGAcC6e4FiL2kF6KSMX4DXqcDc-EYDuSj5447tph1d_2S9SAo9pAlo0erPf_Hw-9Dlg4ZTWEiQYkpuuOkgfnYqpH7aqbC0LHjkXQXvgSZMqlVVG3Zh05BWuz_4ZzIG9BlGiApui-ayh3dvAnFLjMZ9cDr5jad_dMF8MqRlx2d8ujnbTuZN3MfdUdVOvqYcRngyf3EHXenFSM_RbXaOV8pnCGAvW_MMK1svMXWFWOM6wf61Gc1t0DnraqZ-m7I-h5Je957qgm3-Q2jtWyrYdPv12oqX9QE0B9zzhDQqRQL6nIVJXHHrlBsQ2OBf1xtENbrL_dxYS73BT8zlzdHoOUr-PX0RQ54rBmqkHgWlg9doCIny9PoB0EdgQbfDaSyf4livVngzPraGmYh2k2gEIV1bfYS5zn8Y6n0tTTrfnWy-jaXcViklf4DHmZvl_GDrKAqz2nahdFJikboTf9NUeowzU9FxDWPn3UfJB0dvo16NCe97qBN6Id26R1bswCAzh4E1fzLfx8lOFqQZgs2fvJytCh7oDPz62wt1j7mhGhZ0xxo-bAMaJE38-6UuIL0GrwS7SRAwwVQv8P91rxzW3_Xff-x0WhFDhP9NsmjZrNJth6WzsMDcQF4-XQzxMHNtsGj-ufX1m3dNwdwX6LfPEPmosYJr5QyYE2M89wIFuRe0JgNwqMcJ1KaJES7E2Wvh1jSAPH_R1RgOsv9Bs2w3OYRqpvHb4HxUS6VJloCxu82aa5i9Y5A3UjS6XEoo1DoqwWjPKMUpDYAlffqhtQcoC-lx5wXuBlo6f6L3txVDT-uiyt-TwZbbWKCLH7QMGN1HOEdtTPQWb3GSK-2Aps8lLPV7DyNjAun1WFF_-OwD0HMwWldMbWraC83EIcAoRPgSfRgho6KfLZWLLoHVbIkBpTJpORViqnE9mDN9rYSMOjLROyUxf-k7lyIslAo9hqY_k-6awxEKa4zlnmtQAkzcOTtH6P4-Sng1jLHLUWFD-jQd0puJ4TEwWxhxn4MZvhW1aSoDkdmN-T6y3KMK_jZltOTql5n4UyKefSciWERoEKZAcbbDqHP7xHGfZlqOhy0JoxnaH5mrezgSFzEJug19bQoje9c5IGp3K7gBBdIatKx9pdY-axs2eIN7fC8--3FeLOO8jBeVqQiGV3IdKuxQPmn6wWrUwcPZSMhHWojGfizcaXlMeS83phIw8lCn5zuvRZAwUMeNz9KQKU_K6OInVmkPjcls73mbbXdf8zNNoPVM5XbEn5DX0i-kMrP1_PqjyrZC-ngPuY3K8h6Cqtk8r1pjpaGPpdQFMFZI29Nl6QuEgMmYSMw_nwV8p1DViJW-liPPo4qqTa7XBUlRuGHFWMhzBW-oO4himlalVtc1aVg7Nato_UlE6hdQOSpq9D4qXGjtZGDnPLI-jJ8FjBhq3-o60fyVfk9p8Jlu7NEXJ1r3-zi4s9wr-xehkD6j7G-f12B9vLtcGkZrCgs9bOnSyiRd_hkjLqU-P899Y-ZDk1VDWiq27k8NYh0A-omnYcnwum7n-nFCmkzfdgepVB5VQ96gPu4HbsLLJuHsSj-V2CqYWxXD4xlPHlK7FYfsjMmvN1ktGkA1V5PEmDErMORcO_anf0QBLgYdkaq5_VPdD-G4C7xSMXRIsRn55N2Jm5VnYbOIkmxcidZxXtkWmPych4_LoFmfbAeQpM9DRvFIPvdy_PxpG-SVAPL6zD-OKEkRpUgS1Rz2PcRd1wm3jNP9qAdMcREThprPYWzSW-5JrqZ1ZJqVwrSYfrWJveVrWqpmhLbDmd0ryoS9H74s53w8K3qdfCH0XsRkbi1vn9fKcBf5N&cid=CAASJeRoC4oVo3jSLk9uBGUb4KxL9xc8DSWDcCxbxkKtHDjpZaN0eZg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 26 Oct 2022 03:54:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8B8A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZ8LinE_Epo1k44iGFjYuWhOZEtH154cU67w7SfBI84IWw6-UYVP-E72ZKD4EE812qVhUrDIXW1iIVxB1BCbG_PGi2nw&cry=1&dbm_d=AKAmf-C1lXBy5E8Isg9bH-t45-U3rf02dmRM6RHCGkMUzq8SypAovj0MqKVKt0jMZKEwFMbXu5omQxYnyJnrkOyTst1byROWx8WZeFeapLsKCjyUfLNa_BNGmbbB05dduAtnCAZfpX8wZbYc9AFecDfT9qeSkc6kLoZk_m6NyCw7gbbQ3lRzGmVxflB7KQrQhU5bfVz1-bCXajsp9QmP81gnZf1NX6ZHcADDaZLgKBRiWAp0pWwiS2QBuZpH4_ZGBnb6EADr3Jx0h0jajJmOop2g_MmOuI7lPCEnUPuvc5VOWDbwqU83vJ2M9YVzEuUoAd7S0nRWAU7MD09UmOstAM_ggeXD_nXSMKKnP7poTdHtUqnPXuK4dOvZLYXLprl8svMj-MwU8QS4yLCPjHYr337ZFFJ1lX8R2c_fo28MSBZUyT6ba0ZPE7gIHICINxA3llTtQg4SOx3p7_BiUTMxJxTDs609SwLBNyCZEnnN9ovbW0M9b1X9oq-rHoRIFrkPrZOzRCib3SwOKtmRexwKjC0GqvOSOysetioGYBpQViIQrihZexRsxhvjUeG1itjxqHnXGWYne2N4CVOKwRJIcdPaSxIWGkY-vWdHo7UGk2Yze92mpH-2QMXpa3I9g2Il2XkxL4ROzqC7OYiFLeGS2pmZY8QiuezMw5jKM1c7hgKXHsVEeqeA7vlwuhWFreXWr9bu75TN7DESOzru9Ij8aMXj8ApiVgfLm9DChnb35zzDv69syNe3XkznlLL8YpZuWndgZDkUzACU6BmO8BKmS97aAzPMwOJTsO83TQJxgSs3umpIAPaiLr1N244xqofmzu1Y0dnFzTI7RiRDHNgWG5ws0LaBdrHf0o_lHn7XzuB6oYeIOkgx3I0AaedCsHwZGgVT16y8kO__lBLUVncctJnCNdC_kfM4pjc2YgebcE05jiX_W-dDAYp_5dIo_zFGjhyaMzSV6YwxOypv_16yMcGHtZc3HE0w80wHvpPJxAE3Rnpqq0aRC-NsNa7eS5tAUroXz7ywxBDQt9LYQ9i4EiSnk7CXR6Mbyl4lx9mUPHWidr9lyV5hqUB8COiA2_6Ztth-pojG-n8rS6AnAlVipJRW9cpgmsm2vq-e_Gq6uz6LrqqyD3gVcuWfP_pqvCDrnHK1pKyNnzS4RXcrrw7TD7u-rmxIYs84m155khhKEwo55vtDtTnbyCaQ6q1LKlFoLrh0wqL12pCqcEnapTT8GEJk4py16ka9pNiMtxF3rAHd5MiyVTpsAMkBAnbozVkow6m1bwpqD9p0-N9BAopNP5jUKiQ5X6dVybzCR90EYRln10kb92-J64NOQUVBZ79GA4JEpIAUkYsYwny0g8jPO7fc2rchuSEi0opfgiBpDTuUYKr4iVNadLhcSAb0-WizvS6r0M6wSnh9jhwzJoRZPv5remmDcdlDHyxzqTXmJ8NA7-gAQf2Eytfxt26-0nLbO0oDALqwHvLh5gu1RA6AdA4VI7-2kcG5vysK3rCH_aaRWVCo3_LsCr1lTYU7oJkh6Jw1hUy6qR8nnWO47Wg9MeEfp1WPFUu7uKGAcC6e4FiL2kF6KSMX4DXqcDc-EYDuSj5447tph1d_2S9SAo9pAlo0erPf_Hw-9Dlg4ZTWEiQYkpuuOkgfnYqpH7aqbC0LHjkXQXvgSZMqlVVG3Zh05BWuz_4ZzIG9BlGiApui-ayh3dvAnFLjMZ9cDr5jad_dMF8MqRlx2d8ujnbTuZN3MfdUdVOvqYcRngyf3EHXenFSM_RbXaOV8pnCGAvW_MMK1svMXWFWOM6wf61Gc1t0DnraqZ-m7I-h5Je957qgm3-Q2jtWyrYdPv12oqX9QE0B9zzhDQqRQL6nIVJXHHrlBsQ2OBf1xtENbrL_dxYS73BT8zlzdHoOUr-PX0RQ54rBmqkHgWlg9doCIny9PoB0EdgQbfDaSyf4livVngzPraGmYh2k2gEIV1bfYS5zn8Y6n0tTTrfnWy-jaXcViklf4DHmZvl_GDrKAqz2nahdFJikboTf9NUeowzU9FxDWPn3UfJB0dvo16NCe97qBN6Id26R1bswCAzh4E1fzLfx8lOFqQZgs2fvJytCh7oDPz62wt1j7mhGhZ0xxo-bAMaJE38-6UuIL0GrwS7SRAwwVQv8P91rxzW3_Xff-x0WhFDhP9NsmjZrNJth6WzsMDcQF4-XQzxMHNtsGj-ufX1m3dNwdwX6LfPEPmosYJr5QyYE2M89wIFuRe0JgNwqMcJ1KaJES7E2Wvh1jSAPH_R1RgOsv9Bs2w3OYRqpvHb4HxUS6VJloCxu82aa5i9Y5A3UjS6XEoo1DoqwWjPKMUpDYAlffqhtQcoC-lx5wXuBlo6f6L3txVDT-uiyt-TwZbbWKCLH7QMGN1HOEdtTPQWb3GSK-2Aps8lLPV7DyNjAun1WFF_-OwD0HMwWldMbWraC83EIcAoRPgSfRgho6KfLZWLLoHVbIkBpTJpORViqnE9mDN9rYSMOjLROyUxf-k7lyIslAo9hqY_k-6awxEKa4zlnmtQAkzcOTtH6P4-Sng1jLHLUWFD-jQd0puJ4TEwWxhxn4MZvhW1aSoDkdmN-T6y3KMK_jZltOTql5n4UyKefSciWERoEKZAcbbDqHP7xHGfZlqOhy0JoxnaH5mrezgSFzEJug19bQoje9c5IGp3K7gBBdIatKx9pdY-axs2eIN7fC8--3FeLOO8jBeVqQiGV3IdKuxQPmn6wWrUwcPZSMhHWojGfizcaXlMeS83phIw8lCn5zuvRZAwUMeNz9KQKU_K6OInVmkPjcls73mbbXdf8zNNoPVM5XbEn5DX0i-kMrP1_PqjyrZC-ngPuY3K8h6Cqtk8r1pjpaGPpdQFMFZI29Nl6QuEgMmYSMw_nwV8p1DViJW-liPPo4qqTa7XBUlRuGHFWMhzBW-oO4himlalVtc1aVg7Nato_UlE6hdQOSpq9D4qXGjtZGDnPLI-jJ8FjBhq3-o60fyVfk9p8Jlu7NEXJ1r3-zi4s9wr-xehkD6j7G-f12B9vLtcGkZrCgs9bOnSyiRd_hkjLqU-P899Y-ZDk1VDWiq27k8NYh0A-omnYcnwum7n-nFCmkzfdgepVB5VQ96gPu4HbsLLJuHsSj-V2CqYWxXD4xlPHlK7FYfsjMmvN1ktGkA1V5PEmDErMORcO_anf0QBLgYdkaq5_VPdD-G4C7xSMXRIsRn55N2Jm5VnYbOIkmxcidZxXtkWmPych4_LoFmfbAeQpM9DRvFIPvdy_PxpG-SVAPL6zD-OKEkRpUgS1Rz2PcRd1wm3jNP9qAdMcREThprPYWzSW-5JrqZ1ZJqVwrSYfrWJveVrWqpmhLbDmd0ryoS9H74s53w8K3qdfCH0XsRkbi1vn9fKcBf5N&cid=CAASJeRoC4oVo3jSLk9uBGUb4KxL9xc8DSWDcCxbxkKtHDjpZaN0eZg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 16:13:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42074
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 16:13:11 GMT
11005805365377215739
s0.2mdn.net/simgad/ Frame 8B8A 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11005805365377215739
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
03defe788c487bc9974d219a7f4c511b37b3107036e9fea400bcf3c8e4e92458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:25 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108313
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 00:25:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 Oct 2023 03:54:25 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame BF6A 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221020&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
9031fb6394636040da43903f24c6d58e9af4986b8042124b7a02b26feb5a7081
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11287
x-xss-protection
0
i.match
a.tribalfusion.com/ Frame 2107 		43 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEHAD6naT1ZwxvW27-nQHe8s&google_cver=1&google_push=AZmPxg_MwM975ripgH3oAdMDAn6aCUZYLO4BjFZipYlwHJEpFJ0K1jgYhib4Uhc9Eyglrg62j8XVODnxxZiN2HalnWyhHSgM3R3D&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_MwM975ripgH3oAdMDAn6aCUZYLO4BjFZipYlwHJEpFJ0K1jgYhib4Uhc9Eyglrg62j8XVODnxxZiN2HalnWyhHSgM3R3D%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.173 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:25 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
760040236d8fa949-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2107
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEE043Orwpg0s_Um5wEY5YNk&google_cver=1&google_push=AZmPxg_ZlAXnkS-m4tEeanRziYWiVb_BozMRAMNBIXFtN5bYjFfCG0ZaUYtVoYM6eyleAXr23VkBWy8S2t0CipH2P5...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEE043Orwpg0s_Um5wEY5YNk&google_cver=1&google_push=AZmPxg_ZlAXnkS-m4tEeanRziYWiVb_BozMRAMNBIXFtN5bYjFfCG0ZaUYtVoYM6eyleAXr23VkBWy8S2t0CipH2P5...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MzJmNzY2ODctZDFiOS00ZDhmLTlmMGUtZTQ0YzkzNTZiOTg2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=32f76687-d1b9-4d8f-9f0e-e44c9356b986
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MzJmNzY2ODctZDFiOS00ZDhmLTlmMGUtZTQ0YzkzNTZiOTg2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=32f76687-d1b9-4d8f-9f0e-e44c9356b986
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MzJmNzY2ODctZDFiOS00ZDhmLTlmMGUtZTQ0YzkzNTZiOTg2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=32f76687-d1b9-4d8f-9f0e-e44c9356b986
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
pixel
cm.g.doubleclick.net/ Frame 2107
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG2mc6eXEBdCNXqA2nrEfwk&google_cver=1&google_push=AZmPxg9lZxjgrAqeTnjzzdexFVTgr-Lr--_8CCxht6w_tcY0gkZukxI0mrTkzZCXPh1cV2gCR8lZNK26...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEG2mc6eXEBdCNXqA2nrEfwk&google_cver=1&google_push=AZmPxg9lZxjgrAqeTnjzzdexFVTgr-Lr--_8CCxht6w_tcY0gkZukxI0mrTkzZCXPh1cV2gCR8l...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzI3MzgwMjUxMjk3NzUwMTU2&google_push=AZmPxg9lZxjgrAqeTnjzzdexFVTgr-Lr--_8CCxht6w_tcY0gkZukxI0mrTkzZCXPh1cV2gCR8lZNK26...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzI3MzgwMjUxMjk3NzUwMTU2&google_push=AZmPxg9lZxjgrAqeTnjzzdexFVTgr-Lr--_8CCxht6w_tcY0gkZukxI0mrTkzZCXPh1cV2gCR8lZNK26T8oQ4YCPcvJpbzGC9wKi
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzI3MzgwMjUxMjk3NzUwMTU2&google_push=AZmPxg9lZxjgrAqeTnjzzdexFVTgr-Lr--_8CCxht6w_tcY0gkZukxI0mrTkzZCXPh1cV2gCR8lZNK26T8oQ4YCPcvJpbzGC9wKi
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 2107
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESECinFddAdd4UMI0JzqGe-8I&google_cver=1&google_push=AZmPxg8Defk9yPt9H2hyKSMGFaMECRLfq7bXUe0b1iCFo68ooF0fAq_4AlVYEF2KgIuoFOUJvRWH9eRiMMuWZ...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESECinFddAdd4UMI0JzqGe-8I&google_push=AZmPxg8Defk9yPt9H2hyKSMGFaMECRLfq7bXUe0b1iCFo68ooF0fAq_4AlVYEF2KgIuoFOUJvRWH9eRiMMuWZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg8Defk9yPt9H2hyKSMGFaMECRLfq7bXUe0b1iCFo68ooF0fAq_4AlVYEF2KgIuoFOUJvRWH9eRiMMuWZ9s_pKAdsOxNcrbH&google_hm=U3FIMHRnVFhDcGkzZHZ3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg8Defk9yPt9H2hyKSMGFaMECRLfq7bXUe0b1iCFo68ooF0fAq_4AlVYEF2KgIuoFOUJvRWH9eRiMMuWZ9s_pKAdsOxNcrbH&google_hm=U3FIMHRnVFhDcGkzZHZ3aUxsam4=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:26 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg8Defk9yPt9H2hyKSMGFaMECRLfq7bXUe0b1iCFo68ooF0fAq_4AlVYEF2KgIuoFOUJvRWH9eRiMMuWZ9s_pKAdsOxNcrbH&google_hm=U3FIMHRnVFhDcGkzZHZ3aUxsam4=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2107
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEE0kdM3XL_vmz85GWrWJnJY&google_cver=1&google_push=AZmPxg-JzcBl7aLQ7bxS2rkiRcFzQ37cjmHqJFNQhUEzMvRSWSsFK36WwmuljdVpFD9hVGnasB3DLiiK59f-di1...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=EiyIerUgQWVo3xMsSqzyUq310VE&google_push=AZmPxg-JzcBl7aLQ7bxS2rkiRcFzQ37cjmHqJFNQhUEzMvRSWSsFK36WwmuljdVpFD9hVGnasB3DLiiK59f-di...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=EiyIerUgQWVo3xMsSqzyUq310VE&google_push=AZmPxg-JzcBl7aLQ7bxS2rkiRcFzQ37cjmHqJFNQhUEzMvRSWSsFK36WwmuljdVpFD9hVGnasB3DLiiK59f-di1whbBCfwVmfaHK
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=EiyIerUgQWVo3xMsSqzyUq310VE&google_push=AZmPxg-JzcBl7aLQ7bxS2rkiRcFzQ37cjmHqJFNQhUEzMvRSWSsFK36WwmuljdVpFD9hVGnasB3DLiiK59f-di1whbBCfwVmfaHK
Date
Wed, 26 Oct 2022 03:54:26 GMT
Connection
keep-alive
Content-Length
242
Content-Type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 2107 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JAZu8-YNijw_iLwdTB4sn_zy7-OCnIjGqxMwJdqpQW6EUcEj_Nqq2grXA
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 27 Oct 2022 03:54:25 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 800E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 16:13:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42074
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 16:13:11 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2C29 		1 KB
647 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
29176
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 19:48:09 GMT
etag
48472445140208031
expires
Wed, 26 Oct 2022 19:48:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1ACF 		1 KB
647 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
29176
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 19:48:09 GMT
etag
48472445140208031
expires
Wed, 26 Oct 2022 19:48:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 800E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4434cbf25a585ae04dd4bfe478e2b99dddfbf46151f8e88bdd3f2416cbc8d082

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8B8A 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a3110deafe5e90662d96980e2dc86fef54ab6c222e9b9305e9fd72c1de8a0bb

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BF6A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 03:54:25 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 949C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
135493
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 14:16:12 GMT
expires
Tue, 24 Oct 2023 14:16:12 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 38E0 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 21:42:03 GMT
x-content-type-options
nosniff
age
367942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 21:42:03 GMT
i.match
a.tribalfusion.com/ Frame 2C29 		43 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEHAD6naT1ZwxvW27-nQHe8s&google_cver=1&google_push=AZmPxg9z06pbFVIyQdEuB9jRGG3YvBI7UyiaEmAlflgJCL2Vda6esCIuYum6UQyr2mClqkinLiNOdHpvmybF-ehKq6yAYp8aa2P63KtveIFdHehYPwVwjeZyDdvNaAwC1w5Ym5udi1XogRRGMZG_i3IbS80&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg9z06pbFVIyQdEuB9jRGG3YvBI7UyiaEmAlflgJCL2Vda6esCIuYum6UQyr2mClqkinLiNOdHpvmybF-ehKq6yAYp8aa2P63KtveIFdHehYPwVwjeZyDdvNaAwC1w5Ym5udi1XogRRGMZG_i3IbS80%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.173 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:25 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
760040249f48a949-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2C29
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEE043Orwpg0s_Um5wEY5YNk&google_cver=1&google_push=AZmPxg9-jpxsFYLwWrjluu9gpjBX2L7x8jXLZjWhcpWvClkOeDOiCr4kFskeyKMKncG3DHSbf9UuZy7q8aHMq_kTbN...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEE043Orwpg0s_Um5wEY5YNk&google_cver=1&google_push=AZmPxg9-jpxsFYLwWrjluu9gpjBX2L7x8jXLZjWhcpWvClkOeDOiCr4kFskeyKMKncG3DHSbf9UuZy7q8aHMq_kTbN...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTZkMzQwZjgtZjI1Mi00MzgyLWFhNzAtZTk0YzhmMjUwZjg1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e6d340f8-f252-4382-aa70-e94c8f250f85
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTZkMzQwZjgtZjI1Mi00MzgyLWFhNzAtZTk0YzhmMjUwZjg1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e6d340f8-f252-4382-aa70-e94c8f250f85
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTZkMzQwZjgtZjI1Mi00MzgyLWFhNzAtZTk0YzhmMjUwZjg1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e6d340f8-f252-4382-aa70-e94c8f250f85
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
pixel
cm.g.doubleclick.net/ Frame 2C29
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG2mc6eXEBdCNXqA2nrEfwk&google_cver=1&google_push=AZmPxg-_5-zVyvAxFs9M4dnsQBdOdrJjMGVZ0T5CiSTwRjKXHLQvqFlQKedgUhukGfyeUAjqoPOxqZI6...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEG2mc6eXEBdCNXqA2nrEfwk&google_cver=1&google_push=AZmPxg-_5-zVyvAxFs9M4dnsQBdOdrJjMGVZ0T5CiSTwRjKXHLQvqFlQKedgUhukGfyeUAjqoPO...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwMTIxMTA2ODI4OTAxNjk2NQ&google_push=AZmPxg-_5-zVyvAxFs9M4dnsQBdOdrJjMGVZ0T5CiSTwRjKXHLQvqFlQKedgUhukGfyeUAjqoPOxqZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwMTIxMTA2ODI4OTAxNjk2NQ&google_push=AZmPxg-_5-zVyvAxFs9M4dnsQBdOdrJjMGVZ0T5CiSTwRjKXHLQvqFlQKedgUhukGfyeUAjqoPOxqZI67y6gaWgqbyCEDr1ruIlRTpvcKARfHUL-CmAfwLzhL0vluRZLQ5fO3TDhXdT6ffwN4VAGCWIkoA
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwMTIxMTA2ODI4OTAxNjk2NQ&google_push=AZmPxg-_5-zVyvAxFs9M4dnsQBdOdrJjMGVZ0T5CiSTwRjKXHLQvqFlQKedgUhukGfyeUAjqoPOxqZI67y6gaWgqbyCEDr1ruIlRTpvcKARfHUL-CmAfwLzhL0vluRZLQ5fO3TDhXdT6ffwN4VAGCWIkoA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 2C29
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESECinFddAdd4UMI0JzqGe-8I&google_cver=1&google_push=AZmPxg9wdw8PAR6OgTcIjgntAvQXovqmzEBX___3nx6iCRiJOpSDHgVVi-mtvAe-5Vjee3DX-Kh8hpEMRGC3j...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESECinFddAdd4UMI0JzqGe-8I&google_push=AZmPxg9wdw8PAR6OgTcIjgntAvQXovqmzEBX___3nx6iCRiJOpSDHgVVi-mtvAe-5Vjee3DX-Kh8hpEMRGC3j...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9wdw8PAR6OgTcIjgntAvQXovqmzEBX___3nx6iCRiJOpSDHgVVi-mtvAe-5Vjee3DX-Kh8hpEMRGC3jSr9spaKaJiaFd7BKZprQi-kjHSytppLIvlLtSS4APCz2Zt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9wdw8PAR6OgTcIjgntAvQXovqmzEBX___3nx6iCRiJOpSDHgVVi-mtvAe-5Vjee3DX-Kh8hpEMRGC3jSr9spaKaJiaFd7BKZprQi-kjHSytppLIvlLtSS4APCz2ZtdzpkEvnN-Yz_QM_peiwyX-2U&google_hm=bDlMcGVpR1kzdFJMT05aU1dBTk8=
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:26 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9wdw8PAR6OgTcIjgntAvQXovqmzEBX___3nx6iCRiJOpSDHgVVi-mtvAe-5Vjee3DX-Kh8hpEMRGC3jSr9spaKaJiaFd7BKZprQi-kjHSytppLIvlLtSS4APCz2ZtdzpkEvnN-Yz_QM_peiwyX-2U&google_hm=bDlMcGVpR1kzdFJMT05aU1dBTk8=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
291
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2C29
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEE0kdM3XL_vmz85GWrWJnJY&google_cver=1&google_push=AZmPxg8gsEtTQvLHAq96zdi5nu9nC8i5M9Mg7gBPCYLwii4mXfWDHKy1iSVYUvFGnHt19fB1AsiTRA0fXJ3dPYu...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=c_-h8Y4dTIJlxSFIQTYaYa310VE&google_push=AZmPxg8gsEtTQvLHAq96zdi5nu9nC8i5M9Mg7gBPCYLwii4mXfWDHKy1iSVYUvFGnHt19fB1AsiTRA0fXJ3dPY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=c_-h8Y4dTIJlxSFIQTYaYa310VE&google_push=AZmPxg8gsEtTQvLHAq96zdi5nu9nC8i5M9Mg7gBPCYLwii4mXfWDHKy1iSVYUvFGnHt19fB1AsiTRA0fXJ3dPYuPaFTbRup88Is-Sskk0S_b3HbKM1Uoc1p5pqh31hxI6F4r12x5FgFJwJBzXbk9_nbQ4tI
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=c_-h8Y4dTIJlxSFIQTYaYa310VE&google_push=AZmPxg8gsEtTQvLHAq96zdi5nu9nC8i5M9Mg7gBPCYLwii4mXfWDHKy1iSVYUvFGnHt19fB1AsiTRA0fXJ3dPYuPaFTbRup88Is-Sskk0S_b3HbKM1Uoc1p5pqh31hxI6F4r12x5FgFJwJBzXbk9_nbQ4tI
Date
Wed, 26 Oct 2022 03:54:26 GMT
Connection
keep-alive
Content-Length
297
Content-Type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 2C29 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KjU7yY66ThMvcIXr5-il8fkoAio45cfeEBETDwDpzlpxyFOE4a__MmSVU
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
i.match
a.tribalfusion.com/ Frame 1ACF 		43 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEHAD6naT1ZwxvW27-nQHe8s&google_cver=1&google_push=AZmPxg8gb7TZL06otPXdLYBNlq7sLMSD9YTMb3ktSGh6a2BBU-dIBdgTW2yphwtIX0dML7k5lfBB9x-T0yrl46aytN_rPHa6acZj&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8gb7TZL06otPXdLYBNlq7sLMSD9YTMb3ktSGh6a2BBU-dIBdgTW2yphwtIX0dML7k5lfBB9x-T0yrl46aytN_rPHa6acZj%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.173 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:25 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
760040249f4da949-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1ACF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEE043Orwpg0s_Um5wEY5YNk&google_cver=1&google_push=AZmPxg8Bj34SMufyjkeLX8ozM3JvZN5Mxu8SndwNvtm4akG_McsyR5ILDlwZwJEWc_DobN4MAf_Emz0Nh1AIbed_rG...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEE043Orwpg0s_Um5wEY5YNk&google_cver=1&google_push=AZmPxg8Bj34SMufyjkeLX8ozM3JvZN5Mxu8SndwNvtm4akG_McsyR5ILDlwZwJEWc_DobN4MAf_Emz0Nh1AIbed_rG...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YmE0NDlkY2YtZTkyZi00YjRmLWJmOWYtZDIwMzNmODNiMTM2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=ba449dcf-e92f-4b4f-bf9f-d2033f83b136
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YmE0NDlkY2YtZTkyZi00YjRmLWJmOWYtZDIwMzNmODNiMTM2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=ba449dcf-e92f-4b4f-bf9f-d2033f83b136
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YmE0NDlkY2YtZTkyZi00YjRmLWJmOWYtZDIwMzNmODNiMTM2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=ba449dcf-e92f-4b4f-bf9f-d2033f83b136
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
pixel
cm.g.doubleclick.net/ Frame 1ACF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG2mc6eXEBdCNXqA2nrEfwk&google_cver=1&google_push=AZmPxg--qQNPhcgOEP7BQwVXklc__uRn77YuFHLKWmeHgCWu1eUhKqHIvI2ssaTe8cTmutPsgad3Mv9t...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEG2mc6eXEBdCNXqA2nrEfwk&google_cver=1&google_push=AZmPxg--qQNPhcgOEP7BQwVXklc__uRn77YuFHLKWmeHgCWu1eUhKqHIvI2ssaTe8cTmutPsgad...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzY4NzQzNDk0MTQxNjc2MjYwNg&google_push=AZmPxg--qQNPhcgOEP7BQwVXklc__uRn77YuFHLKWmeHgCWu1eUhKqHIvI2ssaTe8cTmutPsgad3Mv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzY4NzQzNDk0MTQxNjc2MjYwNg&google_push=AZmPxg--qQNPhcgOEP7BQwVXklc__uRn77YuFHLKWmeHgCWu1eUhKqHIvI2ssaTe8cTmutPsgad3Mv9teZ3clYZ0IGjRxWCx2BbriQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzY4NzQzNDk0MTQxNjc2MjYwNg&google_push=AZmPxg--qQNPhcgOEP7BQwVXklc__uRn77YuFHLKWmeHgCWu1eUhKqHIvI2ssaTe8cTmutPsgad3Mv9teZ3clYZ0IGjRxWCx2BbriQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 1ACF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESECinFddAdd4UMI0JzqGe-8I&google_cver=1&google_push=AZmPxg9zbfoVrPoa4Mppj6wZeNzNXuSSRsTm8AGb0uLICwp4xATcwYCMWPEHtlSFdLBkIF6pMdk4cyZDoU2un...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESECinFddAdd4UMI0JzqGe-8I&google_push=AZmPxg9zbfoVrPoa4Mppj6wZeNzNXuSSRsTm8AGb0uLICwp4xATcwYCMWPEHtlSFdLBkIF6pMdk4cyZDoU2un...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9zbfoVrPoa4Mppj6wZeNzNXuSSRsTm8AGb0uLICwp4xATcwYCMWPEHtlSFdLBkIF6pMdk4cyZDoU2unXBVhSJkgFc0PpiN&google_hm=MnRkUWh3eE1iaFR0cWtL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9zbfoVrPoa4Mppj6wZeNzNXuSSRsTm8AGb0uLICwp4xATcwYCMWPEHtlSFdLBkIF6pMdk4cyZDoU2unXBVhSJkgFc0PpiN&google_hm=MnRkUWh3eE1iaFR0cWtLaXc1RzI=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:26 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9zbfoVrPoa4Mppj6wZeNzNXuSSRsTm8AGb0uLICwp4xATcwYCMWPEHtlSFdLBkIF6pMdk4cyZDoU2unXBVhSJkgFc0PpiN&google_hm=MnRkUWh3eE1iaFR0cWtLaXc1RzI=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1ACF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEE0kdM3XL_vmz85GWrWJnJY&google_cver=1&google_push=AZmPxg97ZHa5Us92qqiOIttcGzKmUYtsMTWcppmmFnK_xzHnb3gGGhNqtaXHWJU7wiBBxX1-PBp_weEkwwG924d...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ia4L_ahUTuldYwnoBG6bG6310VE&google_push=AZmPxg97ZHa5Us92qqiOIttcGzKmUYtsMTWcppmmFnK_xzHnb3gGGhNqtaXHWJU7wiBBxX1-PBp_weEkwwG924...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ia4L_ahUTuldYwnoBG6bG6310VE&google_push=AZmPxg97ZHa5Us92qqiOIttcGzKmUYtsMTWcppmmFnK_xzHnb3gGGhNqtaXHWJU7wiBBxX1-PBp_weEkwwG924dR8PvZNy-OLUVBOw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ia4L_ahUTuldYwnoBG6bG6310VE&google_push=AZmPxg97ZHa5Us92qqiOIttcGzKmUYtsMTWcppmmFnK_xzHnb3gGGhNqtaXHWJU7wiBBxX1-PBp_weEkwwG924dR8PvZNy-OLUVBOw
Date
Wed, 26 Oct 2022 03:54:26 GMT
Connection
keep-alive
Content-Length
244
Content-Type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 1ACF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KniIxSuGnUZk7TojZkKaw0hhCEX7vDM1ApCnSPdFX2MM2osQw5RT_Qcww
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 48E8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
135493
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 14:16:12 GMT
expires
Tue, 24 Oct 2023 14:16:12 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D8CB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
268684
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 01:16:21 GMT
expires
Mon, 23 Oct 2023 01:16:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5244 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
GSE /
Resource Hash
2f923f5180774f6599bd88ec540004557c15443b015fb8458c39bb0338505047
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NwApvXsY0pmszAecyEytiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-NwApvXsY0pmszAecyEytiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 03:54:25 GMT
expires
Wed, 26 Oct 2022 03:54:25 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 27 Oct 2022 03:54:25 GMT
gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
pagead2.googlesyndication.com/bg/ Frame 949C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 18:48:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15854
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 18:48:54 GMT
gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
pagead2.googlesyndication.com/bg/ Frame 48E8 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 18:48:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15854
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 18:48:54 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5244 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221020&jk=14388017653826&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
pagead2.googlesyndication.com/bg/ Frame D8CB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 18:48:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15854
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 18:48:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 949C 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByWepcK9YY5fRLca21Aan87SwDwAAAAA4AeAEAg&bg=!FBelF1PNAAaaxvStusY7ACkAdvg8Wupkn6UTMGzRA57bTVDUhZvbZM0YCuPzgTXg5dLgGWoJ6eF7RAIAAABTUgAAAAJoAQeZAu9C3QJzTAniniUDDpl-CFXpUjM5N3l3UnDErFL_io02DuAWASlaFM9ErKaVS9FxPiU6mSK7DnuOWpxkCXRlIx5JnolZH5Sx5_owAzNjtTqmJ1Ex2PRQaWIV5-w_bZE__-TJ2yOrbl81oAN_tM__ECAAprzheLjdbRZlzwTJgVPp2IEEiSRSlEpdBanM-DtYqxunm_jyRGLk4znNYkBjuNK1sB3UDY8SnkLdXo8spMz8WC-PzAf_S9ztu5AQMMSpa8FtDftG67lWsJm9EGi5DzUobBJePxvRB4UXBHAp_N8BF7pkfBngPBgXvzHvajGa1NV1u-C1mcMVTUpTPlDNn-fDGMc4fMQM7p59UxABJG5YlqSjgrynkx_-qAU_TBZjfykZ3OuMjofevT0qqtMlyJRv594FEWeT6HLrPMpd461vWUAxCljDBzrIWFz4eCNv2pcyDq25z2hrGApYaoMAzz-3jBym0iy5JV5tGciFrnb7cATwkq8xAKfJz9xnu_rdOqs40TYTaMLhP9GjbLiTf0nKiIo2IxGurb_ZHfS1IQMIXmD9Nna8NSngIpBlyb4G2gIP7HoRCjbK_VtmY1e2ngVP8J6RAi2Y1NE0mYf7O9811lf3mVidwE2yB3xTdPLoe9nZXRsaByuhK8lueH6CuHnHD6O4PNdWYLkSb3nNDQ4TXoITQdZzNHAXyo2b2AZlAdrVXUdFym28P9mVYg4gGY6j_JyufR7zFtKsGNwn3JExs3kYW7TAK58WuJeUTo4qZUEaMXc5913xyS-8GNqkx4KKxG9EYCK79ufj0HT6KBSaiaxjComvJkMGM5VjX983HseyOeEsqriKGqdllka82Rn3kV8SAZ4-O9gjEuqbLAavlj_9vZVnVr5nyhHAWqb6cscBiFhqy7w18XHqx2WgWFZKlrsuc0tr1xr5xw4x_py4bYEh-yH6NwlQGVfQw6fcD0-TV0ancIpeV3nH9JTdu1nr6iRN1kmHC1SKTC4QTxO2
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
smtr
contextual.media.net/ Frame 8C5E 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=357234536&size=250x250&cc=AU&chnm=NO_STRATEGY&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Fwww.bg3.co&nse=5&vi=1666756464322146325&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&itid=17&bae=B444xzxe4/&bcpf=B444xz8fOnRrolnfOur8xe4%2F&bdrId=313&ntv=0&matchstring=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p0384125018t202210260354&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=NSW
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1dad43954a6b675a0a6e65e37b92836675264c06d09fc4f0ec1472cc6c950bce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-sc-w
21-dj37
pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
x-sc-h
21-zb8h
timing-allow-origin
*
content-length
33614
expires
Wed, 26 Oct 2022 03:54:26 GMT
bping.php
lg3.media.net/ Frame 8C5E 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=518&&vgd_cdv=816&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&vi=1666756464322146325&ugd=4&lf=6&cc=AU&sc=NSW&lper=100&wsip=2886994807&r=1666756465729&requrl=https%3A%2F%2Fwww.bg3.co&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1666756464162078275&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p0384125018t202210260354&vgd_pgids=1&vgd_uspa=0&hvsid=00001666756465724029185682735487&gdpr=0&vgd_l2type=sca&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756463246&bpp=11&bdt=250&idt=313&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=8639079947356&frm=8&ife=1&pv=2&ga_vid=1451484357.1666756464&ga_sid=1666756464&ga_hid=680471834&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017&oid=2&pvsid=3611008878919813&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.spwumvexlvlv&fsb=1&dtd=328
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
date
Wed, 26 Oct 2022 03:54:25 GMT
server
Apache
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=8712
content-length
15
checksync.php
contextual.media.net/ Frame 0296 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756463246&bpp=11&bdt=250&idt=313&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=8639079947356&frm=8&ife=1&pv=2&ga_vid=1451484357.1666756464&ga_sid=1666756464&ga_hid=680471834&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017&oid=2&pvsid=3611008878919813&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.spwumvexlvlv&fsb=1&dtd=328
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6c017bc85fd93ded1244d1a721c8d5fd5a52441092a4ce44cd1902ecbe90e34b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9408
content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 03:54:25 GMT
expires
Fri, 28 Oct 2022 03:54:25 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 8C5E 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4355&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=3&spSource=0&ifst=0&vid=Y1ivbwALNH4KaFQS3Q77Hg&s_city=singapore&ugd=4&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=2.3215482E-4&mx_TAF=3&device_id=4&ae=false&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=d6ab571b&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=-1&renderer=1&be=0&rtime=20.0&adj0=0.0&tmax=300&s_ip=74.125.190.139&adj2=0.0&adj1=0.0&feedback_id=Y1ivbwALNH4KaFQS3Q77Hg&adtypes=0&mx_aabpc=0&reqid=Y1ivbwALNH4KaFQS3Q77Hg&sc=AU-NSW&sd=1&mowxReqId=e79d4c7cc4974d7aa20e5622330dae6e_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co&bidrestime=1666756463770&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CUABW64L-357234536-44-26&coppa_enf=true&bdp=0.020&ct=beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D1&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=e79d4c7cc4974d7aa20e5622330dae6e&actltime=30&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.02&sckfl=1&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&suid=CAESEBNgJDmqlFt1sNw1y_CpBl8&chnl=NO_STRATEGY&pst=0&reqsize=250x250&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1666757064023&lmt_status=N&reftype=0&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&dummy_vsid=false&cbdp=0.02&pvdTmax=255&ltime=29.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=4441520221613_781962375_52982010413131&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=186&mx_bsBucketRa=0&rtttime=32&apTags%3C%3E=75&mx_PC=0&wsip=mowx-istio-c5bfddccb-lrcxm&currsrc_date=2022-10-25+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-10-26+03%3A54%3A23&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&pid=8PR113JGC&spTo=3&pvid=313&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AMVB_PnWWvQyzSEbigDhFL3vwHj_5NsOargUnIef0dOVRFtAWwexX6M5QQKGxWImGhXUbsNV&dmm_ogerpm=false&csip=rtb-common-istio-7cc5995b77-g27sf.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&cat=IAB-3&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=3314916115&fpuReq=0&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~smm_bid%3D0.02~vis_sd%3D616~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022102518~iurl_b%3D71581.96~url_tkc%3D2~std%3D~last%3D~vis_url_b%3D0.13~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D40~riipua%3D110%2C110~et%3D7~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022102522~vis_b%3D114.1~url_b%3D0.01~url_tvi%3D1718~smm_wr%3D51.9740~url_l%3D50~gcat%3D500996~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~smm_sd%3D2022102520~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D1~uid%3DaQw3Smog14oenF4Qx~btd%3D32326253262314255213381123275465633392366743372214630910289260215425023570931958104260608~d2p_l%3D70~3pcf%3D1.49~uim%3D0~dmm_strg%3Dno_strategy~d2p_b%3D0.99~ogd2p_b%3D0.98~vurl_b%3D0.12~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D18.71~vurl_l%3D50~CI%3D2762~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D8.66~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D1.08~ivurl_l%3D50~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dno_strategy%7Esuid%3DCAESEBNgJDmqlFt1sNw1y_CpBl8%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Dno_strategy%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D2.3215482E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D255&utime=1959&sf=0&cpr=0.47471755931449633
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756463246&bpp=11&bdt=250&idt=313&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=8639079947356&frm=8&ife=1&pv=2&ga_vid=1451484357.1666756464&ga_sid=1666756464&ga_hid=680471834&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017&oid=2&pvsid=3611008878919813&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.spwumvexlvlv&fsb=1&dtd=328
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Wed, 26 Oct 2022 03:54:25 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Wed, 26 Oct 2022 09:54:25 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4ADB 		1 KB
647 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756463246&bpp=11&bdt=250&idt=313&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=8639079947356&frm=8&ife=1&pv=2&ga_vid=1451484357.1666756464&ga_sid=1666756464&ga_hid=680471834&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017&oid=2&pvsid=3611008878919813&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.spwumvexlvlv&fsb=1&dtd=328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
29176
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 19:48:09 GMT
etag
48472445140208031
expires
Wed, 26 Oct 2022 19:48:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8C5E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69ad90299bb9a247097a75a43af64aab91cea0d01d37ee27d84d7d3007b64740

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/16092916223250062225/ Frame B362 		83 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16092916223250062225/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
65b21379200b0ceb76a01a7a858f9481563b5dc5a8abd51918e8bab455fccc27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
34740
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20407
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 18:15:26 GMT
expires
Wed, 25 Oct 2023 18:15:26 GMT
last-modified
Mon, 12 Sep 2022 05:31:06 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 800E 		0
31 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqu3pyv-whc1MvurvtcTkhbBeiuVrsC4cW5Dr8n_RMGooI5mc85M7Xj4CoeHh-menixA3bN8zSvICES0Y4O3EQhPoY_OmB9wwaG4VaAUY6veKBfNDROBo-x9GqTuDOMjYZXK2v4KZ4a3jLtXxqBxnRvbDVLkozKD9w9dInK7yd5dTrqlmrfVLz8W9HRLdh0IEpvE0uqWCM4b4K40HtYNWtiWSu17uqyBqHGYHU-Jtxit86VL6t6LvLZqUAPk870NB74_OImxJ8o7fRYJBzwIoeCuDn8ybrL7KIZV5FSbqCGUlzCaDSZO-nw6b1Gm07M0ptNKFG7B0VekArJUc9NLMdGKdsWxpMrIYZqKXSxhzL1Q2umjIa1Me_N5IWuJEtvo4H3Sx7Z8FCT0tl16wwFxijGrx3ntj-76qtKmW1ovv3dtXXkq_IqToE3UurcLpmcmX7AMAwbqJ-boVrV_9tiUAuAKWuo3QE0jxb1Gxa_D6Zs1grbR7xSHlsZnCJpRA5vKcHtNtFMF1vZd-3DtRxhknaXASYjdqKJs1xLIrNbBFNRfuOIbLhkuu3b8b58CpDI7J40j28hLrN8_q2-eaFyDpSf2qREbEU66j3caRPeGT6YxAqJdMdhcF8UnBJD5EmVA9v83rl03v6aD0OGUD_vT-NIX3eP1Aulf5uGcGcxdcUGjFhkzWyrogXBt6QY7GgLdQpK4LcyXJt1CiupFlz_mHllBjEwwCby2zi8m2aw6gbItAddSDMxDj99lFUdm01clrG7HqaJh4vuRXno0DOTvJxu0xcu277nYUEtzHySmKhGRQpM3uFynjZDaTtvnaezEkvCcgjVKMWXJiTR6rMCR6OpMiDlDT2RB-fabMFK0utvKrIOqc0fgVjRceXme3RAXfh9sgUhIG5i7cXwjOwqUr5McwkX-cPBV22ibHWFmwJ7Dj4sMX03qmo5IWaf4um1UHmcvaO99Hep9xUxDcEQUdRoQYm05bFCVF0dnegOgVPZyp7ceHJjRVB6UbCx-MHd3NNqDxjuRwUmMcxfwY95yvC_bA92aRUYjWabi7vF1ebhWRtKaimKxk_RVoMfv0uSElWHil5xsG_prNAl7coA-dW2PdjeODO6tGSCSJSPkwj7OJrJW59hIn8iimuLV07rjbAxvhE-ngJ80_TtJgkXPyvzJZBZ-R-NEtYMJFyNaMmftI5DPWwAfgOcZtLMoPS12yVao_QDgah29PQ4Q&sai=AMfl-YR-cge5heJe5R7B8YqAjV5N_NYUTW2z-IurxoI3fc1ezSI-xdf_ok8OklwKhTe7EzCLsh4rpCs7vMe3jbNuJtMCrrTp0VBdLLtWyPgO5I17MSyPqP1hDBq3j9VsUmiZaxMga8wtIb3AzJ0Tv34-qgmUNMRIG6DN-b2TrYmt9XyItw5LDmfJN4sIoZlH6yvwROwmyo5g_Xz68yJHrmoo6BPb1iW8Fw&sig=Cg0ArKJSzMHEkHnKwaqAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=878&cbvp=1&cstd=874&cisv=r20221020.76746&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 26 Oct 2022 03:54:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
pagead2.googlesyndication.com/bg/ Frame 0EA0 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 18:48:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15854
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 18:48:54 GMT
generate_204
tpc.googlesyndication.com/ Frame D8CB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?O_helw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8B8A 		0
30 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuvWOralVTZktk5VWDXfDfORkIVKUL1QmQzYuYXpW47eLhTvaXep2yXw8wTnVGL3aJbUG6ugGirVjdLCqr85619ouobsaTdmHKrLtDSmU5_DEaTmxqX8Ob618jBoOVePWQ5XQyWLASscWUyfLAukX6hiK-vYIdFryZNdpjV_UoNxCN6CTVLeY3lcTaUkwS6KF4l8bzLsSyrwAknVeGACXxn8OP-Gan23FwbDy8cgFPdjvh5MyU5s91s3c-z-NK6Wuy-8Gc3v4dlDZFkk1ot49AGASPYYlAc0MG1RtIKaAgEl767Io8NC4w-1JMkNGRnalKLiHmPKyr1Sm51N7eszLGaUqsvhGwX9-KmbeAf12VALuCVmj6SEoPlgZ2w4lmvp79vvcQLdx0C3Ov6PVVAY9efBC9J81qkyq3OrQpDZ6kZu5kZggAFHyShVyxzZ1rF4zTFXYEVTcdoou61C1-_8fPFQbDv9FbY_M7lwHOHZMZhlkTTPyqadL4M7XrTFrElewKPcqZdAoFeFaI9V4RNNXTzl_eyAjnresyzx-kVSc_W8yLrHSYxvc7j9BzjcV87ioL9KHFUe1FUlztubjKKb4IghCqXv-HNEsdzINMJfT9C24uGNmbzRb24WEy6Ow9nsXi_gpG-2W-kt_FnriQCiBGrQmMohjPEJlU9Gu0mdbFjcIVfY0jUdLkn4tSEnX8vuLMW4bX6_o-ewFIGntVkggpHKD9XPScIxh9zszfZrtqTmNdDlnSqUBSsgEz4_VKZmCOxP0BGZZA64jW757h6kDOphWvcnv22kK35Hl0dRQIWkoFJQ0N-7jEKdXbpAwA5uIZAOoAXrJO3XWVeQfdflHcJueSR2gFCZq9op25xsrPgHmaIm-BZnTzJeADjUZ2jHQZ5f80KHaeRUpVtoWbFTWtZy28cgZXNMCHaw0171dclaIqKH_maxATuAQFCtdUlu-oyhmZIZZi_jWQT1ueUKJ9RG2jz7EQLn7uBue1zlUxSOzTQ0su2h1PvqesqeQruN4q9Y0mwGrIWQN7uiTi1OwQsV7gnCTcfGwbQ_ObH0u4COfuLsqtstaBbsRaIdTUxGW2k3Tvjx5XuvncObg5CoR3GVkd5rkI7wuLJpEq7aHT4MRIGa41Larr93dtnbaXTMn8h0Jt2jB3z_iUwDp8eaK7t52WgQwM1wTxm_42dEfTrCYwXmEbNGAlSVmcZcp2FwKxgiz-qNLY9MWNmueUUq4A&sai=AMfl-YTnGLPAmzAM-iuO_hh7OdZ8yi0QHaZ-8CHToVwCAV7R21vGScjw5YQwVpKvvOSrH6MipYtctv5uXIOiO9X1TNYyGWlXLwQXckJZJ_2T1O1nmBa3opXpkza8McQXl2F1ryNdODYG5G-sb5tADGwpQaC3LrHW_dIisU7nAFPMUrzH9yfjQL8eP1OlId9-MofmsUq9U5F4CpX6gNRY39V_34J47PNvCg&sig=Cg0ArKJSzP0NWZeWgiCqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1065&vt=11&dtpt=1064&dett=2&cstd=0&cisv=r20221020.59782&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZ8LinE_Epo1k44iGFjYuWhOZEtH154cU67w7SfBI84IWw6-UYVP-E72ZKD4EE812qVhUrDIXW1iIVxB1BCbG_PGi2nw&cry=1&dbm_d=AKAmf-C1lXBy5E8Isg9bH-t45-U3rf02dmRM6RHCGkMUzq8SypAovj0MqKVKt0jMZKEwFMbXu5omQxYnyJnrkOyTst1byROWx8WZeFeapLsKCjyUfLNa_BNGmbbB05dduAtnCAZfpX8wZbYc9AFecDfT9qeSkc6kLoZk_m6NyCw7gbbQ3lRzGmVxflB7KQrQhU5bfVz1-bCXajsp9QmP81gnZf1NX6ZHcADDaZLgKBRiWAp0pWwiS2QBuZpH4_ZGBnb6EADr3Jx0h0jajJmOop2g_MmOuI7lPCEnUPuvc5VOWDbwqU83vJ2M9YVzEuUoAd7S0nRWAU7MD09UmOstAM_ggeXD_nXSMKKnP7poTdHtUqnPXuK4dOvZLYXLprl8svMj-MwU8QS4yLCPjHYr337ZFFJ1lX8R2c_fo28MSBZUyT6ba0ZPE7gIHICINxA3llTtQg4SOx3p7_BiUTMxJxTDs609SwLBNyCZEnnN9ovbW0M9b1X9oq-rHoRIFrkPrZOzRCib3SwOKtmRexwKjC0GqvOSOysetioGYBpQViIQrihZexRsxhvjUeG1itjxqHnXGWYne2N4CVOKwRJIcdPaSxIWGkY-vWdHo7UGk2Yze92mpH-2QMXpa3I9g2Il2XkxL4ROzqC7OYiFLeGS2pmZY8QiuezMw5jKM1c7hgKXHsVEeqeA7vlwuhWFreXWr9bu75TN7DESOzru9Ij8aMXj8ApiVgfLm9DChnb35zzDv69syNe3XkznlLL8YpZuWndgZDkUzACU6BmO8BKmS97aAzPMwOJTsO83TQJxgSs3umpIAPaiLr1N244xqofmzu1Y0dnFzTI7RiRDHNgWG5ws0LaBdrHf0o_lHn7XzuB6oYeIOkgx3I0AaedCsHwZGgVT16y8kO__lBLUVncctJnCNdC_kfM4pjc2YgebcE05jiX_W-dDAYp_5dIo_zFGjhyaMzSV6YwxOypv_16yMcGHtZc3HE0w80wHvpPJxAE3Rnpqq0aRC-NsNa7eS5tAUroXz7ywxBDQt9LYQ9i4EiSnk7CXR6Mbyl4lx9mUPHWidr9lyV5hqUB8COiA2_6Ztth-pojG-n8rS6AnAlVipJRW9cpgmsm2vq-e_Gq6uz6LrqqyD3gVcuWfP_pqvCDrnHK1pKyNnzS4RXcrrw7TD7u-rmxIYs84m155khhKEwo55vtDtTnbyCaQ6q1LKlFoLrh0wqL12pCqcEnapTT8GEJk4py16ka9pNiMtxF3rAHd5MiyVTpsAMkBAnbozVkow6m1bwpqD9p0-N9BAopNP5jUKiQ5X6dVybzCR90EYRln10kb92-J64NOQUVBZ79GA4JEpIAUkYsYwny0g8jPO7fc2rchuSEi0opfgiBpDTuUYKr4iVNadLhcSAb0-WizvS6r0M6wSnh9jhwzJoRZPv5remmDcdlDHyxzqTXmJ8NA7-gAQf2Eytfxt26-0nLbO0oDALqwHvLh5gu1RA6AdA4VI7-2kcG5vysK3rCH_aaRWVCo3_LsCr1lTYU7oJkh6Jw1hUy6qR8nnWO47Wg9MeEfp1WPFUu7uKGAcC6e4FiL2kF6KSMX4DXqcDc-EYDuSj5447tph1d_2S9SAo9pAlo0erPf_Hw-9Dlg4ZTWEiQYkpuuOkgfnYqpH7aqbC0LHjkXQXvgSZMqlVVG3Zh05BWuz_4ZzIG9BlGiApui-ayh3dvAnFLjMZ9cDr5jad_dMF8MqRlx2d8ujnbTuZN3MfdUdVOvqYcRngyf3EHXenFSM_RbXaOV8pnCGAvW_MMK1svMXWFWOM6wf61Gc1t0DnraqZ-m7I-h5Je957qgm3-Q2jtWyrYdPv12oqX9QE0B9zzhDQqRQL6nIVJXHHrlBsQ2OBf1xtENbrL_dxYS73BT8zlzdHoOUr-PX0RQ54rBmqkHgWlg9doCIny9PoB0EdgQbfDaSyf4livVngzPraGmYh2k2gEIV1bfYS5zn8Y6n0tTTrfnWy-jaXcViklf4DHmZvl_GDrKAqz2nahdFJikboTf9NUeowzU9FxDWPn3UfJB0dvo16NCe97qBN6Id26R1bswCAzh4E1fzLfx8lOFqQZgs2fvJytCh7oDPz62wt1j7mhGhZ0xxo-bAMaJE38-6UuIL0GrwS7SRAwwVQv8P91rxzW3_Xff-x0WhFDhP9NsmjZrNJth6WzsMDcQF4-XQzxMHNtsGj-ufX1m3dNwdwX6LfPEPmosYJr5QyYE2M89wIFuRe0JgNwqMcJ1KaJES7E2Wvh1jSAPH_R1RgOsv9Bs2w3OYRqpvHb4HxUS6VJloCxu82aa5i9Y5A3UjS6XEoo1DoqwWjPKMUpDYAlffqhtQcoC-lx5wXuBlo6f6L3txVDT-uiyt-TwZbbWKCLH7QMGN1HOEdtTPQWb3GSK-2Aps8lLPV7DyNjAun1WFF_-OwD0HMwWldMbWraC83EIcAoRPgSfRgho6KfLZWLLoHVbIkBpTJpORViqnE9mDN9rYSMOjLROyUxf-k7lyIslAo9hqY_k-6awxEKa4zlnmtQAkzcOTtH6P4-Sng1jLHLUWFD-jQd0puJ4TEwWxhxn4MZvhW1aSoDkdmN-T6y3KMK_jZltOTql5n4UyKefSciWERoEKZAcbbDqHP7xHGfZlqOhy0JoxnaH5mrezgSFzEJug19bQoje9c5IGp3K7gBBdIatKx9pdY-axs2eIN7fC8--3FeLOO8jBeVqQiGV3IdKuxQPmn6wWrUwcPZSMhHWojGfizcaXlMeS83phIw8lCn5zuvRZAwUMeNz9KQKU_K6OInVmkPjcls73mbbXdf8zNNoPVM5XbEn5DX0i-kMrP1_PqjyrZC-ngPuY3K8h6Cqtk8r1pjpaGPpdQFMFZI29Nl6QuEgMmYSMw_nwV8p1DViJW-liPPo4qqTa7XBUlRuGHFWMhzBW-oO4himlalVtc1aVg7Nato_UlE6hdQOSpq9D4qXGjtZGDnPLI-jJ8FjBhq3-o60fyVfk9p8Jlu7NEXJ1r3-zi4s9wr-xehkD6j7G-f12B9vLtcGkZrCgs9bOnSyiRd_hkjLqU-P899Y-ZDk1VDWiq27k8NYh0A-omnYcnwum7n-nFCmkzfdgepVB5VQ96gPu4HbsLLJuHsSj-V2CqYWxXD4xlPHlK7FYfsjMmvN1ktGkA1V5PEmDErMORcO_anf0QBLgYdkaq5_VPdD-G4C7xSMXRIsRn55N2Jm5VnYbOIkmxcidZxXtkWmPych4_LoFmfbAeQpM9DRvFIPvdy_PxpG-SVAPL6zD-OKEkRpUgS1Rz2PcRd1wm3jNP9qAdMcREThprPYWzSW-5JrqZ1ZJqVwrSYfrWJveVrWqpmhLbDmd0ryoS9H74s53w8K3qdfCH0XsRkbi1vn9fKcBf5N&cid=CAASJeRoC4oVo3jSLk9uBGUb4KxL9xc8DSWDcCxbxkKtHDjpZaN0eZg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
i.match
a.tribalfusion.com/ Frame 4ADB 		43 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEHAD6naT1ZwxvW27-nQHe8s&google_cver=1&google_push=AZmPxg9UOfagWowZRug7BRybkSLe-zlur23TpjLVBR7dhdNOPwLvbfZl5xazE6m9zCE1WP1CEu7wNHZzqI11VRyAshNOhVnynDt_SnM7AtqMB4ZTWrKWVRWHMq7DQIjGs7A8EknO1ygxZ6U&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg9UOfagWowZRug7BRybkSLe-zlur23TpjLVBR7dhdNOPwLvbfZl5xazE6m9zCE1WP1CEu7wNHZzqI11VRyAshNOhVnynDt_SnM7AtqMB4ZTWrKWVRWHMq7DQIjGs7A8EknO1ygxZ6U%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756463246&bpp=11&bdt=250&idt=313&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=8639079947356&frm=8&ife=1&pv=2&ga_vid=1451484357.1666756464&ga_sid=1666756464&ga_hid=680471834&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017&oid=2&pvsid=3611008878919813&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.spwumvexlvlv&fsb=1&dtd=328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.173 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
76004028cccea949-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4ADB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEE043Orwpg0s_Um5wEY5YNk&google_cver=1&google_push=AZmPxg9Sao2soP2VjXNEiwhiTt8lGdZzfafH83Hbm2Z9uC6CmJajyM-QkGQLIbJDUB8fY9w-cqhIv_PY9RbNq2DIhr...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTZkMzQwZjgtZjI1Mi00MzgyLWFhNzAtZTk0YzhmMjUwZjg1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e6d340f8-f252-4382-aa70-e94c8f250f85
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTZkMzQwZjgtZjI1Mi00MzgyLWFhNzAtZTk0YzhmMjUwZjg1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e6d340f8-f252-4382-aa70-e94c8f250f85
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756463246&bpp=11&bdt=250&idt=313&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=8639079947356&frm=8&ife=1&pv=2&ga_vid=1451484357.1666756464&ga_sid=1666756464&ga_hid=680471834&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017&oid=2&pvsid=3611008878919813&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.spwumvexlvlv&fsb=1&dtd=328
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTZkMzQwZjgtZjI1Mi00MzgyLWFhNzAtZTk0YzhmMjUwZjg1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e6d340f8-f252-4382-aa70-e94c8f250f85
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
pixel
cm.g.doubleclick.net/ Frame 4ADB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG2mc6eXEBdCNXqA2nrEfwk&google_cver=1&google_push=AZmPxg8oAMPV2Dt2tIB2du6UT57MpWFe31jLWEzTjfLNhkF4zLFj75QrFf1yAQKUZFUSe72BJcGxxrhZ...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEG2mc6eXEBdCNXqA2nrEfwk&google_cver=1&google_push=AZmPxg8oAMPV2Dt2tIB2du6UT57MpWFe31jLWEzTjfLNhkF4zLFj75QrFf1yAQKUZFUSe72BJcG...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkzMjkwMjczNjY4NzMzNzA4Ng&google_push=AZmPxg8oAMPV2Dt2tIB2du6UT57MpWFe31jLWEzTjfLNhkF4zLFj75QrFf1yAQKUZFUSe72BJcGxxr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkzMjkwMjczNjY4NzMzNzA4Ng&google_push=AZmPxg8oAMPV2Dt2tIB2du6UT57MpWFe31jLWEzTjfLNhkF4zLFj75QrFf1yAQKUZFUSe72BJcGxxrhZlh_xyvAdljZp7XR4WYuSggL6lIsMAN_zLWWzOQLuTbDXcq5D3Y7uvD2PHb1OxA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkzMjkwMjczNjY4NzMzNzA4Ng&google_push=AZmPxg8oAMPV2Dt2tIB2du6UT57MpWFe31jLWEzTjfLNhkF4zLFj75QrFf1yAQKUZFUSe72BJcGxxrhZlh_xyvAdljZp7XR4WYuSggL6lIsMAN_zLWWzOQLuTbDXcq5D3Y7uvD2PHb1OxA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 4ADB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESECinFddAdd4UMI0JzqGe-8I&google_cver=1&google_push=AZmPxg9BnsddJRUhBo4Z5EQbaPZGx1GhVlaETZJjXUsYQxEaeK15LMQTXaGBd1GUSb5Sc2Xc2FZRfndKFBLBJ...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESECinFddAdd4UMI0JzqGe-8I&google_push=AZmPxg9BnsddJRUhBo4Z5EQbaPZGx1GhVlaETZJjXUsYQxEaeK15LMQTXaGBd1GUSb5Sc2Xc2FZRfndKFBLBJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9BnsddJRUhBo4Z5EQbaPZGx1GhVlaETZJjXUsYQxEaeK15LMQTXaGBd1GUSb5Sc2Xc2FZRfndKFBLBJoRyI0lwznLFfl6NLHZToA4ubq_0Alp0Ip9--At3hJUZrji...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9BnsddJRUhBo4Z5EQbaPZGx1GhVlaETZJjXUsYQxEaeK15LMQTXaGBd1GUSb5Sc2Xc2FZRfndKFBLBJoRyI0lwznLFfl6NLHZToA4ubq_0Alp0Ip9--At3hJUZrji6oHbXo2i7W0Q&google_hm=Q29fWjVyWUp5b1JRR2ZiUU9KcE4=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:26 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9BnsddJRUhBo4Z5EQbaPZGx1GhVlaETZJjXUsYQxEaeK15LMQTXaGBd1GUSb5Sc2Xc2FZRfndKFBLBJoRyI0lwznLFfl6NLHZToA4ubq_0Alp0Ip9--At3hJUZrji6oHbXo2i7W0Q&google_hm=Q29fWjVyWUp5b1JRR2ZiUU9KcE4=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
279
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4ADB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEE0kdM3XL_vmz85GWrWJnJY&google_cver=1&google_push=AZmPxg_Lj6UHkNHpvCY2icbMZJ1CVnWWZvuWQ_56xERNdjbLI4bVzFmbc5ZLcpToHq73HXhVzdw3TpBfYjQzKgB...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Bl63L--BRQ1LG5GJ-xeZnq310VE&google_push=AZmPxg_Lj6UHkNHpvCY2icbMZJ1CVnWWZvuWQ_56xERNdjbLI4bVzFmbc5ZLcpToHq73HXhVzdw3TpBfYjQzKg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Bl63L--BRQ1LG5GJ-xeZnq310VE&google_push=AZmPxg_Lj6UHkNHpvCY2icbMZJ1CVnWWZvuWQ_56xERNdjbLI4bVzFmbc5ZLcpToHq73HXhVzdw3TpBfYjQzKgB0OB_NxOnCY-Mn9BxQfLk2C3nrAmsLtMXfxQPVMGXCQDKcUgavnocKpnE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756463246&bpp=11&bdt=250&idt=313&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=8639079947356&frm=8&ife=1&pv=2&ga_vid=1451484357.1666756464&ga_sid=1666756464&ga_hid=680471834&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017&oid=2&pvsid=3611008878919813&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.spwumvexlvlv&fsb=1&dtd=328
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Bl63L--BRQ1LG5GJ-xeZnq310VE&google_push=AZmPxg_Lj6UHkNHpvCY2icbMZJ1CVnWWZvuWQ_56xERNdjbLI4bVzFmbc5ZLcpToHq73HXhVzdw3TpBfYjQzKgB0OB_NxOnCY-Mn9BxQfLk2C3nrAmsLtMXfxQPVMGXCQDKcUgavnocKpnE
Date
Wed, 26 Oct 2022 03:54:26 GMT
Connection
keep-alive
Content-Length
285
Content-Type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 4ADB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ky2rv4L3cNwO7T2S5_Eiw4HPiV0IU6VxVdZrCxLHFyjMlvlrU-jviS6kA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756463246&bpp=11&bdt=250&idt=313&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=8639079947356&frm=8&ife=1&pv=2&ga_vid=1451484357.1666756464&ga_sid=1666756464&ga_hid=680471834&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017&oid=2&pvsid=3611008878919813&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.spwumvexlvlv&fsb=1&dtd=328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 48E8 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B71EIcK9YY_enLeqZssUPnu2DkAEAAAAAOAHgBAI&bg=!lpWlldHNAAaaxvStusY7ACkAdvg8WoT0c_IbmvA_hELTfhLCzFoIYdvgjyGjARVfw_U5DwPaJjrKGgIAAACsUgAAAARoAQcKAEtf0s71HmK2kDXjPSBE0MaYYqsOTwfaCw-tyzIj6RcIYqJEO-cG5T1kKoEv5MgGreW2J3uYRvaxpS6KQ4Z1tnnkwSuC42ufxBqMU4SZAvuleJXzMZbBw0iRBxsNNmBFXzE3hQWs4cabL9Y2MDM3npTsoi_tD4IOK_K4KlwJAgGryve2WtGlg090aNLQwL8VTB10HTi6yE9HBp_KvGh4QPDODDR1dDl_K0xIPpS_sx6ba_nd1jpg8qpyZoLDGQ2l766l5hMxtzWQmT2vJ-5boAnpC0kjW7Kx2-FYlpPfg6ZRRvA6usY20QAo31of3dPq9g7uEkrTeHGriFPhsqzxEHZ6VJjz-UeNCXJfSeap0uVX_wNpEp0VJL6i3qFgwbpxsjVgUkjYKzEa_wwlM_l7waTesyJa0i4LXUjXFQvfrS8D9A5zPbSvxnCoQBaVazY2MbKW04E33qzzsCk59cLiUrpvxutzFAsIPh3j9GF6dxEXJ8wNYs4yJArvHZyo7uSk2ydGcmx6psQKtz7t9OPJMoTfiPjUVVmjeBFO-ItYIFfcbgndEx9NT3tGqda2R-ok8LcaVArBB5i_Vsn-NyZTvAkTLMzj3MflBUkjmRAHQYz3FLWU9QqWIKvdLnmPHu8KMyb_EdM7mgLncx1k0KvgSDorE7gJycp6pDtqOLs5HqD5oXKBfLhMWoUlhbHkpEyCOd6qrkLQUqBONvcoWStltDir3p5FxliuQzXroxdfU6ToaYDOf5kL9DRf5StK90k55m6J1vypTDPz3b6xNMLMcuOLZkar1Kiu_hedKOI0x891f9pJ7SVNY8CV7JnXgTcYiMd0drDpknaaUReoE5YON21n0IMmQkVqFircrB1ZGwV2rlBCE0QYlGLarMjgVylLRQzoe8AmsKjJec_LYfPW-D_z-al6t9cFzZIjcRhVaCZazxxNBiuHguvrSxcx8H395CTkLFMhvxeyrWz7mYA8SlT5tGSSVT__dPtO_itRaOAKurnPekAo2WJj25Vky0sclItT9i5GL5BIMx3x_xlrfbhMBMhzU4Qh8Jg7r-Jg3ifUiF3iVQT1ksbv-dmn13iP9o6IkhTYqQtTAdjskj2-6KaDCCT7lpGoCH43
Requested by
Host: f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
URL: https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame 0296
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA5NzU4MDY1NjgyNzMxMjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEEqeaSjf6zhRg-jbbG7TVpE&google_cver=1
45 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEEqeaSjf6zhRg-jbbG7TVpE&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 26 Oct 2022 03:54:26 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEEqeaSjf6zhRg-jbbG7TVpE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame 0296
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e6d340f8-f252-4382-aa70-e94c8f250f85
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e6d340f8-f252-4382-aa70-e94c8f250f85
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 26 Oct 2022 03:54:26 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e6d340f8-f252-4382-aa70-e94c8f250f85
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
activeview
pagead2.googlesyndication.com/pcs/ Frame 800E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstzOYknWwqEQWuhYPaUtDmXmyRUjrRzMgAqgyg2Y99LvKEht-Bz-uVJyEBS7ti8evc7DC5OryLFWgjqMT9vBCpQhRFyXC3Ca4PHCzSnZ9lcxXXck8LFf4TYWN5i6cfImk5Wf0Y&sai=AMfl-YSvSAVnkZsurcdzzK2OrV4h-PfiMpqX-QQaiWTyrFk-cVFqGou2z3t6MriCoSvTX9O6ymb40mh6W3uuAGL8ZY5cZIApjT2SgIGrpxs0YjU85GEWiUWtqutCoEnNExc&sig=Cg0ArKJSzOwbcFbSzsbLEAE&cid=CAASJeRokM37oyCseg_J_9AUrji0yQauVNOfqQU4K1f4yXO0GCBqeK8&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666756464396&rpt=824&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame B362 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16092916223250062225/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16092916223250062225/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 04:36:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83880
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Oct 2022 04:36:26 GMT
truncated
/ Frame 0622 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0622 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0622 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame 0622 		15 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5304&&&vgd_l2type=sca&fp=MzA_eCVWy1eyoiNQ0FcmxukXzhqh1Z7QlLXHHi0lLyGOS4X8N6VS5gwoRNkm9fNhiEexZ7zmLlharsgtHAiT-eJjTD9TQTfWzJOWEfCYfH3PQJsI25VLkfkHcOkTNOTs&cme=eWtWNZ7ATZvamr_Pe3xjCe3BQV-plWMnSPo8dqbf5Un98Cimt5SYejBcbJW_5auugTsTYlSj4uRQT7otGdianEF5z19js58ERvbJG7DZFf3fcTMbKgpxqLSYpGQStOhOWi5YbF42dj_Wp-GEKkjoBLDIbmbm4ZD8lUHlFmdxt_6ZgXcpFMBhqdRIpBUtFprk27zz3aJ9BfAWmAL4PI0nxe2Yrmcin8ht%7C%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7Ca0AmFUYXmD6ASqXHhJuVwQhdp4_HJdO5PL2fuJszgjo%3D%7Csj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U%7Ct9MPFyjImcVEDIhTXWhscRC9k565Az40ehWI76mdHp0InR0cmZBjF6N1lpWdIGQfnXYAvnX4ZK4qJOqGnnxjwwDLAhhUNrCmAuHZFmJ-Bl7LUPWFKJhZ5Ttvc8ya-593lAuxk1H91eYOa_ssrSO3kKqsDwN1pzfK1faQEN2UlUPaWOZyyGki8Rg81H27fxP6sasZxY7xLaaq-3_LJ2w2zTMuAD46N5Ty%7C&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=5&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170721644&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_dnquo=01_9&ksu=224&fdkt=232&vgde_kbbh=fuoyxQBuG&kwd[]=Best+High+Return+Investments&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=1&kid[]=326649050&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.49%7C10%3D6.70%7C63%3D0.05%7C62%3D1.57%7C12%3D1.43%7C60%3D3.14%7C1%3D2.52%7Cps%3D0.989%7C3%3D0.64%7C4%3D4.35&ktd[]=1126174801920256&ktrkt[]=Best+High+Return+Investments&kwd[]=Best+Priced+Car+Insurance&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=2&kid[]=48970281&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.49%7C10%3D6.70%7C63%3D0.05%7C62%3D1.74%7C12%3D3.08%7C60%3D0.09%7C1%3D1.05%7Cps%3D0.989%7C3%3D0.50%7C4%3D2.60&ktd[]=1126174801920256&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Best+Cryptocurrencies+to+Buy&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=3&kid[]=329544111&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.49%7C10%3D6.70%7C63%3D0.05%7C62%3D1.87%7C12%3D0.43%7C60%3D0.60%7C1%3D0.60%7Cps%3D0.989%7C3%3D0.88%7C4%3D3.27&ktd[]=1126174801920256&ktrkt[]=Best+Cryptocurrencies+to+Buy&kwd[]=Vitamins+for+Hair+Loss&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=4&kid[]=30111142&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.72%7C10%3D6.70%7C63%3D0.05%7C62%3D0.66%7C12%3D0.90%7C60%3D0.12%7C1%3D0.67%7Cps%3D0.989%7C3%3D0.09%7C4%3D4.69&ktd[]=1126174818697472&ktrkt[]=Vitamins+for+Hair+Loss&kwd[]=Best+Vitamins+for+Memory&kwt[]=390&kbc[]=265%3A%3A41339&kwp[]=5&kid[]=3494166&kbc2[]=fdb_ty%3D391%7Cfdb_bs%3D1224808752%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.97%7C10%3D6.70%7C63%3D0.05%7C62%3D0.61%7C12%3D0.57%7C60%3D0.35%7C1%3D0.48%7Cps%3D0.799%7C3%3D0.25%7C4%3D4.52&ktd[]=1126174802198784&ktrkt[]=Best+Vitamins+for+Memory&cid=8CUABW64L&vi=1666756464322146325&tdAdd[]=ib%3D0&vsid=3097580656827308&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=816&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721644&vgd_nrrv=64005&vgd_nrrmf=c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&vgd_go_pid=8PO15GP54&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1666756464162078275&sttm=1666756465724&upk=1666756466.18959&hvsid=00001666756465724029185682735487&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&sbdrId=186&vgd_ecrid=1700080812610100250025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&&abpl=2&&kbbq=%26asn%3D54203&&vgd_vstrid=3097580656827308&vgde_bdata=QOfvzxjj~8xLjMjvX9~myJLEYv9.9u~QYYMG8Ov9.9f~e8QMQOvFuF~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9ffu9fXuW~8xLjMGvhuXWu.iF~xLjM7UNvf~Q7Ov~j1Q7v~e8QMxLjMGv9.uA~8EvAGB9PB~kGGv9~e8QMxLjMjvH9~L88Ex1vuu9%2Cuu9~J7vh~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9ffu9fXff~e8QMGvuuH.u~xLjMGv9.9u~xLjM7e8vuhuW~QYYMBLvXu.ihH9~xLjMjvX9~yN17vX99iiF~GGvuWF~eev9~jfLMGvu999~JLEYv9.9u~GYvu~QYYMQOvf9ffu9fXf9~Q8OvXA9WuHXAWOhAJhGAkf1kf1WJfFJGAkNX~QOvu~x8Ov1gBAbYmyuHmJzsHg-~G7OvAfAfFfXAfFfAuHfXXfuAAWuufAfhXHFXFAAAifAFFhHAAhffuHFA9iu9fWifF9fuXHfX9fAXh9iAuiXWu9HfF9F9W~OfEMjvh9~AENkvu.Hi~x8Yv9~OYYMQ7LyvzmMQ7L17Jy5~OfEMGv9.ii~myOfEMGv9.iW~exLjMGv9.uf~QQvIK~x8Bvou~NJv9~LEQMGvuW.hu~exLjMjvX9~%3DVvfhFf~z7QvA~7Gvou~N7vGJ1NmzQk8JjO~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvW.FF~8Q8kv9~jNvA~G8Ov9.9f~ONvW~ejfLMGvu.9W~8exLjMjvX9~QxEEj5M71yM8Ov~1YEvu~NGOEv9.9f9~OYYvzmMQ7L17Jy5~Qx8Ov%3DK4b4RIy6rY%20js7uQIBu5M%3DERjW~QOvu~O7Nv1E1NMQy~-8OvKrtoExGoHHWXfAiHfXifHhWh~O1jyvzmMQ7L17Jy5~w7Yjvu~1OGjUvAAuHiuFuuX~QmGEv~N7Lvf.AfuXHWf4oH~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vu~OmyGv9ou~8GNvu~OO7vou~zQlvA~7yQvfX9-fX9%7CA99-fX9%7CAAF-fW9~GQGv9~GQEv9~7Y-vfXX&vgd_optout=0&vgd_cfud=220331&vgd_scsver=342&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A250%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001666756465724029185682735487&subBdr=186&bdrid=313&rc=0&rand=1666756466452&acid=e79d4c7cc4974d7aa20e5622330dae6e&matm=1666756466452&requrl=https%3A%2F%2Fwww.bg3.co&vgd_ltimesrc=1&vgd_ltime=2353&vgd_rtime=2349&vgd_etm=10&vgd_l1hcsd=Sx3n5%7C7020&vgd_l1ch=1&vgd_lhl=2818&vgd_pgid=p0384125018t202210260354&vgd_adprefflag=11&vgd_csip=rtb-common-istio-7cc5995b77-g27sf.SG&vgd_sbSup=1&vgd_nrrs=64005&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
date
Wed, 26 Oct 2022 03:54:26 GMT
server
Apache
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=60016
content-length
15
log
lg3.media.net/ Frame 8C5E 		35 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/log?logid=kfk&evtid=perf&cid=8CUABW64L&vi=1666756464322146325&hvsid=00001666756465724029185682735487&l2s_dnsTime=0&l2s_connectionTime=0&l2s_waitTime=634&l2s_downloadTime=71&l2s_total=705&l2s_start=1627&l2s_sslTime=0&l2s_trfSize=33.1&l2s_decSize=90.1&l2s_encSize=32.8&l2s_nhp=h2&l1s_dnsTime=4&l1s_connectionTime=635&l1s_waitTime=982&l1s_downloadTime=608&l1s_total=1591&l1s_start=11&l1s_sslTime=319&l1s_trfSize=56.4&l1s_decSize=164.2&l1s_encSize=56.1&l1s_nhp=h2&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756463246&bpp=11&bdt=250&idt=313&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=8639079947356&frm=8&ife=1&pv=2&ga_vid=1451484357.1666756464&ga_sid=1666756464&ga_hid=680471834&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017&oid=2&pvsid=3611008878919813&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.spwumvexlvlv&fsb=1&dtd=328
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
strict-transport-security
max-age=21600
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 26 Oct 2022 03:54:26 GMT
null
s0.2mdn.net/sadbundle/16092916223250062225/ Frame B362 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16092916223250062225/null
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16092916223250062225/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16092916223250062225/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:26 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Wed, 26 Oct 2022 03:54:26 GMT
Disclaimer_1.svg
s0.2mdn.net/sadbundle/16092916223250062225/ Frame B362 		80 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16092916223250062225/Disclaimer_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16092916223250062225/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
30593e594e32933bb21f704bd0677d03e1af52ba1b00871e03bb13ecd65f3131
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16092916223250062225/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 18:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34739
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11726
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:31:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 25 Oct 2023 18:15:27 GMT
Text_1_1.svg
s0.2mdn.net/sadbundle/16092916223250062225/ Frame B362 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16092916223250062225/Text_1_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16092916223250062225/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
369606c0ab29e7957d29a69f6f9384fb5c3ec86c1b1c26844b3e055deaae8e7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16092916223250062225/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 18:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34739
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2872
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:31:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 25 Oct 2023 18:15:27 GMT
Text_2_1.svg
s0.2mdn.net/sadbundle/16092916223250062225/ Frame B362 		11 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16092916223250062225/Text_2_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16092916223250062225/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
e3f43a898aaf26771fc8f01333277fce7b7e8b361f8fb8c24b4f5c7b8bf80fe7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16092916223250062225/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 18:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34739
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3286
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:31:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 25 Oct 2023 18:15:27 GMT
Text_3_1.svg
s0.2mdn.net/sadbundle/16092916223250062225/ Frame B362 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16092916223250062225/Text_3_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16092916223250062225/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
6138df37d8f9103a4de90759d0d94718c0a9d7bf492a4b3d9744677c07448560
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16092916223250062225/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 18:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34739
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3286
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:31:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 25 Oct 2023 18:15:27 GMT
Illustration_2.svg
s0.2mdn.net/sadbundle/16092916223250062225/ Frame B362 		41 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16092916223250062225/Illustration_2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16092916223250062225/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
33ea169a4d91ca0a8be1a08f4a25efed3099e6554d74de2c91f0425e3e4522e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16092916223250062225/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 18:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34739
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12516
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:31:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 25 Oct 2023 18:15:27 GMT
Background_2.svg
s0.2mdn.net/sadbundle/16092916223250062225/ Frame B362 		20 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16092916223250062225/Background_2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16092916223250062225/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
66b654e131c69e5a91130dbea071278f0aaf9435812b36986b8a958b5fca49f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16092916223250062225/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 18:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34739
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5616
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:31:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 25 Oct 2023 18:15:27 GMT
truncated
/ Frame B362 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ Frame BF6A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221020&jk=14388017653826&bg=!TU6lTgrNAAaaxvStusY7ACkAdvg8WhSj-OX38K8C62z82Aw6ZIT-I22ffpt0-M1E9Nzjpehf9NYDeAIAAACqUgAAAAJoAQcKAMrXg1lH1Qy6scVuVZaQzsqQdKhVZlKwrQT5oqtmcKNliiAmw8mmgmEfWwzQ3aEJ-P68iAysD1hbbvZ5mGT54C6TaF1BBulGniItxoB6F4nySMEYKT2YCqmt4WjI78c26GA5TAvH3Eo0oxUV2LYEG1RzmUuJl7gtRrRrgBRpczpGhTz7cUlIt3B6Bja2ku1tSiMvCkAF4lghTgR4-8pIDplHrI-8uuRDaUCYkki89v47kxX1L3udAOyIj41feFQQjBqZ4TkuuFeEChb2mQK9D65kJZ_SXx9GRPo1Kdu_971VPZOCkjpv-XN7ZWQ4-lD_6fx06RlMZMm7ueifWQmrfGhXozPQf6e8Mxeo93-RjaUV4UbBpo9dPXIxtakAkVRumgsKBaq5SkijVHOSnx9ME_y3VRNj8HEaO3Gi2rVG1SaEKXBi81kEQEoQ3P0Zeyyv6TpZXGqgztWkmsntKUhotF0a3IdWIJCQKHEuRlZdDIL9qNOdZfaM3-q5V_24ov0Hzkc9ZD9wTLIy-L-ahjX5KlzlvJFaY_pwIdFI3DwV2slWHvqySmFUn3fA86Xt0kWehCs8niRgwKDhYaKFL6DfQomH5UDkrjLppuXLKVpbzELnMwOMtJ7U_sTbg2DIEpxVtorevNSoHt7Sno5umD6ZUNHN1wvNUujIbMFgMcYFq1gaAiQCrsLW7KaTaVBufr8gSDkMLUb8Q97i-Wa_elM8TZCKYeXJZS5MRE3nz5ANjZX63_whmW2u0SvPJ5XCc0ZRULwY1CbJRKCslBqc_CgMl_0wIh5H_Cf4fvOg0WN66JPkB-oBajs6UTVBNhLRnx-293EiTXprsg2q5XbOkwRG7U7UGCGjVskpDt4E2GfOSAKiUCZ8CLYrjvGQQpAr-em8sQJGQ0LqtujrYElOdGC32SSr3KQZiSAvnvE5lWvVkZQaV2B8e6UADDH8ZQ9pFX_2IIr3qLOQMLT9UHFo29zDEgbCay-rE6gKOOWmBu4egWVcIKogMXWnYbMvQWkSTiCXDa67WtPTW6I5ETAXn4uiok6qGBQaTNIKucYYlgHTrgiNiwtdY75z5bkYhSm7vmznCdcmMLKlMOpB-SmlxgSrMsrH0tABklL175vYXFyf9TGau_SB_P_j4cIQZCXxAc1yVCTFqpbTPAUPNWziuAydAvuKdMPzhOib2wEgB5dOkxxKbmLeRIir5VUWD8g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 26 Oct 2022 03:54:27 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
472459
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		341 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f7e96b76c5b204bc5339ca6fd4ab9f2a3baf9cb71a1ede7e2e9cf7b9765b8b53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
548698
expires
0
rid
match.adsrvr.org/track/ 		108 B
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
cba6806c4948374ec21fe68600ba4d510c37954c36f45ca7499c39382960742c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Oct 2022 03:54:26 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 25 Nov 2022 03:54:26 GMT
sync
eb2.3lift.com/ Frame CEB9
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
d556dadfba1741b99d7b74b39c0be2ac018ad617c4d405b8aab8a51813307a8e

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1083
content-type
text/html; charset=utf-8
date
Wed, 26 Oct 2022 03:54:27 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 26 Oct 2022 03:54:27 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5154 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
84320
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 26 Oct 2022 03:54:26 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
52, 50280
X-Served-By
cache-lga13626-LGA, cache-syd10162-SYD
X-Timer
S1666756467.900565,VS0,VE0
sync.html
public.servenobid.com/ Frame 5008 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.72 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bee00dc9ac61a6eae0a5a1efd6af3ba501f5d4208e5e21e1bbc545db78c161fe

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
1365
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Wed, 26 Oct 2022 03:31:43 GMT
etag
W/"73e6cbdab99355b35d71abf2ea225ccb"
last-modified
Fri, 14 Oct 2022 20:27:38 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 b2e1326b370630a6e99a66735129eb18.cloudfront.net (CloudFront)
x-amz-cf-id
W26-MlgAgCOom7wKLOmJKqoC6sm96b3fXjPlXLQh9HEcF6Fzg071ZQ==
x-amz-cf-pop
MRS52-P4
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:3af1d685-3010-4d5a-b093-b3a07cfff8d4
x-amz-meta-codebuild-content-md5
7549bc6c6d823788ee0fb3e82c36711f
x-amz-meta-codebuild-content-sha256
a4bfb92c455b4ab78db908287ee14cc08cc0080652f1ca29578852e9526e8fda
x-cache
Hit from cloudfront
isyn
prebid.a-mo.net/ Frame D39A 		2 KB
789 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
f3c9962255e03bd78f7a6fbaec84df5cd5c1ce8a8a4b33645ae4380c2985ef16

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
701
content-type
text/html; charset=utf-8
date
Wed, 26 Oct 2022 03:54:26 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
checksync.php
contextual.media.net/ Frame 70D6 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e7540544e1fcaf222ae72ce56517f3c439e059e556cd87e4b552a022a5270c01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11834
content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 03:54:26 GMT
expires
Fri, 28 Oct 2022 03:54:26 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame F1C7 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 26 Oct 2022 03:54:27 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame CEF6 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
1195
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7600402e3dd7aaff-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 03:54:26 GMT
expires
Wed, 26 Oct 2022 07:54:26 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame D23D 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1666756462638
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
pd
u.openx.net/w/1.0/ Frame D6F9 		533 B
638 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
564be46d0300ed0f58f4cdd1590bf7da05fdb169fb4f621241c7986fd1ef004d

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
324
content-type
text/html
date
Wed, 26 Oct 2022 03:54:26 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sodar
pagead2.googlesyndication.com/getconfig/ Frame 88B5 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221020&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
225c140b4af3e65d119cb0b20b8579d31f46f418d7c28e3050842fa89fc43cd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11103
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8DD5 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221020&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_fy2021.js?bust=31070467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
c5a7edd389525b22e18d1f3ae131c5ef0bacbbb9fc1b65ad5cc24063b1bcaf3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11308
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 38E0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunHv1c27s4vapFrVStuhPuo3VkHbeqrqTQXbkvAB1qymTiWzWvezFkR-4htK-4QYuMLqWvMourOWCLsJyomacWPc6VYqrS_aZQ2Gg31hsZT0DvlU5v1nUcPa1OW3YNgPbcMlo&sai=AMfl-YRZ6IlkCszrSY6MwnTtFx64SubCC1tQDEgcw4xGzAEPVO06zYukUECb_9aGvVMYDhrhF3K4P26FNgpX2TMGlTVSw4Dj0wh5M3zBudUK8x8s44_y38ZMwDG-A0b1Beg&sig=Cg0ArKJSzLkBl9LxWdzIEAE&cid=CAASFeRoaRGZ_bZEoykQ8L3-nFyp8ocU9A&id=lidar2&mcvt=1000&p=60,236,310,964&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666756464392&rpt=1401&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D6F9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8865220097830755215&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8865220097830755215&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8865220097830755215&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 26 Oct 2022 03:54:27 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame D6F9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=f7bcc2b4-9e79-7d10-e25d-17db10d63042&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=e6d340f8-f252-4382-aa70-e94c8f250f85&ttd_puid=f7bcc2b4-9e79-7d10-e25d-17db10d63042&gdpr=0&gdpr_consent=
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e6d340f8-f252-4382-aa70-e94c8f250f85&ttd_puid=f7bcc2b4-9e79-7d10-e25d-17db10d63042&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e6d340f8-f252-4382-aa70-e94c8f250f85&ttd_puid=f7bcc2b4-9e79-7d10-e25d-17db10d63042&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame D6F9
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1ivc8Co8YEAAIhGlnoAAAAA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1ivc8Co8YEAAIhGlnoAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
49
Date
Wed, 26 Oct 2022 03:54:28 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":49,"gdpr":false,"ipv4":"173.245.209.81","key":"Y1ivc8Co8YEAAIhGlnoAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad198"}
X-SO-Key
Y1ivc8Co8YEAAIhGlnoAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad198
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1ivc8Co8YEAAIhGlnoAAAAA
Cache-Control
private
X-SO-HostName
m-ad198.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
484
Content-Length
0
X-SO-LB-Hostname
m-tgng29.dc4p.scaleout.jp
X-SO-IP
173.245.209.81
sd
jp-u.openx.net/w/1.0/ Frame D6F9
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AaIdodanVDvcks8ADv_jCjsLEs8AAAGEEm1b4Q
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AaIdodanVDvcks8ADv_jCjsLEs8AAAGEEm1b4Q
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:27 GMT
via
1.1 9b42888bacc8273877421321cf54240a.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AaIdodanVDvcks8ADv_jCjsLEs8AAAGEEm1b4Q
cache-control
no-cache
content-length
0
x-amz-cf-id
PZ6j44sLyv5sw9PZTJuCNuRPCtHJPktjIymILntoqbQF9j3ZiTnEWQ==
expires
-1
pixel
cm.g.doubleclick.net/ Frame D6F9 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGJkMzExN2UtNTcwZS0yM2I0LWY3YmQtNGQ2MmRhMzRmZTIy
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D6F9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKtucYpv3HlfFDL0WYMqwSc&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKtucYpv3HlfFDL0WYMqwSc&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKtucYpv3HlfFDL0WYMqwSc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 88B5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 03:54:27 GMT
cframe.js
assets.a-mo.net/js/ Frame D39A 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.159.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2381c75b309a8f0f82debe714c04654b8132f97178a4f5c5c17ab45073e18aeb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:27 GMT
via
1.1 2d39749f0342007f9798eeb0800f8a0e.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
SYD1-C1
age
74
x-cache
Hit from cloudfront
last-modified
Tue, 25 Oct 2022 14:12:32 GMT
server
cloudflare
etag
W/"db5599b3fa3d7ca49738d47a33e922c1"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
7600403029fea81d-SYD
x-amz-cf-id
w8llQkGYo9XY5YBQhm5BrZuQ1Nw8DtPR2neJzP-Rk6yZOxsgX2whbQ==
expires
Wed, 26 Oct 2022 04:54:27 GMT
async_usersync
ib.adnxs.com/ Frame 5154 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:27 GMT
AN-X-Request-Uuid
fd490a5d-6d47-4edb-b340-c5be39d089c1
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.81; 173.245.209.81; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame CE93 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41388a12db434ac6b0d8be1fa707f914a8128ce259a657522565f9b6c5fd755d

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
760040304cfea837-SYD
content-encoding
br
content-type
text/html
date
Wed, 26 Oct 2022 03:54:27 GMT
expires
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 8B8A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssU_hbHf-fkGtN3HfZfgW57jH6tqEPr30EYaqzKyOPWxLdWuuA0goM1wEeTFwr6ryp4OD3EjgIRK1Ejs2MTRu_Y25GmmHkLbff4d5RLipd9Ec69Rc6pjBaw2ddn3jgnDN1gCwY&sai=AMfl-YQhmhSXYw0ncCSJyXWiCS3IJKFh_k2clSR-qU2Vop5HMwDJeXGYy0haSrOYTB2CRoDTngff61glj0RDam_XhTQ7akhCKUO5S6skiMwfJUmplBygYKUsemwTAGTghfU&sig=Cg0ArKJSzBZGr_W7ulVIEAE&cid=CAASJeRoC4oVo3jSLk9uBGUb4KxL9xc8DSWDcCxbxkKtHDjpZaN0eZg&id=lidar2&mcvt=1005&p=300,5,900,125&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666756464400&rpt=1578&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8DD5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_fy2021.js?bust=31070467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 03:54:27 GMT
sync
gum.criteo.com/ Frame 70D6 		61 B
316 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
686937
expires
60
usync.html
eus.rubiconproject.com/ Frame 0A97
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
0
0
cksync.html
contextual.media.net/ Frame 70B1
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Drkt%26refUrl%3D%26vid%3D675646707530975806568273080...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3097580656827308000V10&type=rkt&refUrl=&vid=67564670753097580656827308000V10&ovsid=1972928490758014420
0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 065D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Dpba%26refUrl%3D%26vid%3D67564670753097580656827308000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=22068
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 03:54:27 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 26 Oct 2022 10:02:15 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 70D6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Dapx%26refUrl%3D%26vid%3D67564670753097580656827308000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3097580656827308000V10&type=apx&refUrl=&vid=67564670753097580656827308000V10&ovsid=4251134718965978439
45 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3097580656827308000V10&type=apx&refUrl=&vid=67564670753097580656827308000V10&ovsid=4251134718965978439
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 26 Oct 2022 03:54:27 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 26 Oct 2022 03:54:27 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:27 GMT
AN-X-Request-Uuid
29549d6e-051a-4c03-beaa-7f6c9241366c
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3097580656827308000V10&type=apx&refUrl=&vid=67564670753097580656827308000V10&ovsid=4251134718965978439
Connection
keep-alive
X-Proxy-Origin
173.245.209.81; 173.245.209.81; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 70D6
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3097580656827308...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3097580656827308000V10&type=opx&refUrl=&vid=67564670753097580656827308000V10&ovsid=3f90ab2b-3579-47f0-8112-69b5a239a29e
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3097580656827308000V10&type=opx&refUrl=&vid=67564670753097580656827308000V10&ovsid=3f90ab2b-3579-47f0-8112-69b5a239a29e
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 26 Oct 2022 03:54:27 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Wed, 26 Oct 2022 03:54:27 GMT

Redirect headers

date
Wed, 26 Oct 2022 03:54:27 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3097580656827308000V10&type=opx&refUrl=&vid=67564670753097580656827308000V10&ovsid=3f90ab2b-3579-47f0-8112-69b5a239a29e
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 70D6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Dmma%26refUrl%3D%26vid%3D675646707530975806568273...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3097580656827308000V10&type=mma&refUrl=&vid=67564670753097580656827308000V10&ovsid=c1156358-af73-4f00-a2c4-b465787f34e4
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3097580656827308000V10&type=mma&refUrl=&vid=67564670753097580656827308000V10&ovsid=c1156358-af73-4f00-a2c4-b465787f34e4
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 26 Oct 2022 03:54:28 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 26 Oct 2022 03:54:28 GMT

Redirect headers

Date
Wed, 26 Oct 2022 03:54:27 GMT
Server
MT3 4539 98cc2da master hkg-pixel-x1 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3097580656827308000V10&type=mma&refUrl=&vid=67564670753097580656827308000V10&ovsid=c1156358-af73-4f00-a2c4-b465787f34e4
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 26 Oct 2022 03:54:26 GMT
RX-9d536ec9-5e82-4aa8-920d-5845863682bd-004
sync.targeting.unrulymedia.com/csync/ Frame 70D6
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Dr1%26refUrl%3D%26vid%3D67564670753097580656...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Dr1%26refUrl%3D%26vid%3D67564670753097...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2761916041
  • https://sync.1rx.io/usersync/tradedesk/e6d340f8-f252-4382-aa70-e94c8f250f85
  • https://sync.targeting.unrulymedia.com/csync/RX-9d536ec9-5e82-4aa8-920d-5845863682bd-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Dr1%2...
0
0
cksync.php
contextual.media.net/ Frame 70D6
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Ddxu%26refUrl%3D%26vid%3D67564670753097580656827...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Ddxu%26refUrl%3D%26vid%3D67564670753097580...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3097580656827308000V10&type=dxu&refUrl=&vid=67564670753097580656827308000V10&ovsid=hxBWbXHw1ONxuP5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3097580656827308000V10&type=dxu&refUrl=&vid=67564670753097580656827308000V10&ovsid=hxBWbXHw1ONxuP5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 26 Oct 2022 03:54:28 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 26 Oct 2022 03:54:28 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:27 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-062a250e8c9e3d8af@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3097580656827308000V10&type=dxu&refUrl=&vid=67564670753097580656827308000V10&ovsid=hxBWbXHw1ONxuP5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 70D6 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:26 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
193753
expires
Wed, 26 Oct 2022 00:00:00 GMT
img
sync.mathtag.com/sync/ Frame 70D6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3D0a108aa2-95c5-4b82-a319-50c903275a...
0
0
23178
stags.bluekai.com/site/ Frame 70D6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Dzem%26refUrl%3D%26vid%3D67564670753097580656827308...
  • https://stags.bluekai.com/site/23178?id=Co_Z5rYJyoRQGfbQOJpN&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
0
0
sync
rtb.mfadsrvr.com/ Frame 70D6 		0
0
um
cs.emxdgt.com/ Frame 70D6 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Demx%26refUrl%3D%26vid%3D67564670753097580656827308000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.43.227 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:28 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
view
googleads4.g.doubleclick.net/pcs/ Frame 800E 		0
30 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqu3pyv-whc1MvurvtcTkhbBeiuVrsC4cW5Dr8n_RMGooI5mc85M7Xj4CoeHh-menixA3bN8zSvICES0Y4O3EQhPoY_OmB9wwaG4VaAUY6veKBfNDROBo-x9GqTuDOMjYZXK2v4KZ4a3jLtXxqBxnRvbDVLkozKD9w9dInK7yd5dTrqlmrfVLz8W9HRLdh0IEpvE0uqWCM4b4K40HtYNWtiWSu17uqyBqHGYHU-Jtxit86VL6t6LvLZqUAPk870NB74_OImxJ8o7fRYJBzwIoeCuDn8ybrL7KIZV5FSbqCGUlzCaDSZO-nw6b1Gm07M0ptNKFG7B0VekArJUc9NLMdGKdsWxpMrIYZqKXSxhzL1Q2umjIa1Me_N5IWuJEtvo4H3Sx7Z8FCT0tl16wwFxijGrx3ntj-76qtKmW1ovv3dtXXkq_IqToE3UurcLpmcmX7AMAwbqJ-boVrV_9tiUAuAKWuo3QE0jxb1Gxa_D6Zs1grbR7xSHlsZnCJpRA5vKcHtNtFMF1vZd-3DtRxhknaXASYjdqKJs1xLIrNbBFNRfuOIbLhkuu3b8b58CpDI7J40j28hLrN8_q2-eaFyDpSf2qREbEU66j3caRPeGT6YxAqJdMdhcF8UnBJD5EmVA9v83rl03v6aD0OGUD_vT-NIX3eP1Aulf5uGcGcxdcUGjFhkzWyrogXBt6QY7GgLdQpK4LcyXJt1CiupFlz_mHllBjEwwCby2zi8m2aw6gbItAddSDMxDj99lFUdm01clrG7HqaJh4vuRXno0DOTvJxu0xcu277nYUEtzHySmKhGRQpM3uFynjZDaTtvnaezEkvCcgjVKMWXJiTR6rMCR6OpMiDlDT2RB-fabMFK0utvKrIOqc0fgVjRceXme3RAXfh9sgUhIG5i7cXwjOwqUr5McwkX-cPBV22ibHWFmwJ7Dj4sMX03qmo5IWaf4um1UHmcvaO99Hep9xUxDcEQUdRoQYm05bFCVF0dnegOgVPZyp7ceHJjRVB6UbCx-MHd3NNqDxjuRwUmMcxfwY95yvC_bA92aRUYjWabi7vF1ebhWRtKaimKxk_RVoMfv0uSElWHil5xsG_prNAl7coA-dW2PdjeODO6tGSCSJSPkwj7OJrJW59hIn8iimuLV07rjbAxvhE-ngJ80_TtJgkXPyvzJZBZ-R-NEtYMJFyNaMmftI5DPWwAfgOcZtLMoPS12yVao_QDgah29PQ4Q&sai=AMfl-YR-cge5heJe5R7B8YqAjV5N_NYUTW2z-IurxoI3fc1ezSI-xdf_ok8OklwKhTe7EzCLsh4rpCs7vMe3jbNuJtMCrrTp0VBdLLtWyPgO5I17MSyPqP1hDBq3j9VsUmiZaxMga8wtIb3AzJ0Tv34-qgmUNMRIG6DN-b2TrYmt9XyItw5LDmfJN4sIoZlH6yvwROwmyo5g_Xz68yJHrmoo6BPb1iW8Fw&sig=Cg0ArKJSzMHEkHnKwaqAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2192&vt=11&dtpt=1314&dett=3&cstd=874&cisv=r20221020.76746&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
usync
id.a-mx.com/ Frame D39A 		0
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.a-mx.com/usync?uid=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&gdpr_consent=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.154.71 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-l1
AU
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=seeNsPEms%2F6Q2eXra4rmbytFjzHWacwE2tyZ%2FB%2F0FKTX23sBZpWE5wYBhtI21fWXryaLeRDCfCiahSVILU3OK7VOxJT8GRgVZ17gHrGfwnzIsFBw30Y81ctcbDORhw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private,max-age=0
cf-ray
7600403239a7a95b-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sync
x.bidswitch.net/ul_cb/ Frame D39A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&gdpr=0&gdpr_consent=&us_privacy=
0
0
yahoo
prebid.a-mo.net/setuid/ Frame D39A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=2cf117da-bf66-4c8e-b4aa-a84e4bb40887
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&verify=true
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-YlgjY2xE2uGWCT2Bxf5M3u0AAt4iR4tbWjCYWqQ-~A&gdpr=0&gdpr_consent=
0
0
magnite
prebid.a-mo.net/setuid/ Frame D39A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=
  • https://prebid.a-mo.net/setuid/magnite?uid=L9P3RHNQ-1L-GOHY&gdpr=0
0
0
cookie
cm.adform.net/ Frame D39A 		0
0
setuid
prebid.a-mo.net/ Frame D39A
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2cf117da-bf66-4c8e-b4aa-a84e4bb40887%26bidder%3Dtriplelift%26uid%3D%24UID&gdpr=0&gdpr_consent=
  • https://prebid.a-mo.net/setuid?A=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&bidder=triplelift&uid=3297528069470816787454
0
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&bidder=triplelift&uid=3297528069470816787454
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:26 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&bidder=triplelift&uid=3297528069470816787454
date
Wed, 26 Oct 2022 03:54:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
prebid.a-mo.net/ Frame D39A
Redirect Chain
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2cf117da-bf66-4c8e-b4aa-a84e4bb40887%26bidder%3Dzeta%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&bidder=zeta&uid=ua-4c9af021-d090-30cc-901b-1499eb913dff
0
0
setuid
prebid.a-mo.net/ Frame D39A
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2cf117da-bf66-4c8e-b4aa-a84e4bb40887%26bidder%...
  • https://prebid.a-mo.net/setuid?A=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&bidder=smartadserver&uid=3530166902386920020
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&bidder=smartadserver&uid=3530166902386920020
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:27 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&bidder=smartadserver&uid=3530166902386920020
date
Wed, 26 Oct 2022 03:54:27 GMT
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame D39A
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTVEMkQyM0ItNDYyRi00NzhGLUJDOEUtQTk1NkIyNDhGNTRE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
0
setuid
prebid.a-mo.net/ Frame D39A
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2cf117da-bf66-4c8e-b4aa-a84e4bb40887%26bidder%3Dindex_rtb%26uid%3D
  • https://prebid.a-mo.net/setuid?A=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&bidder=index_rtb&uid=Y1ivcTwsNC697faFC7nUTQAA%264897
0
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&bidder=index_rtb&uid=Y1ivcTwsNC697faFC7nUTQAA%264897
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:27 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://prebid.a-mo.net/setuid?A=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&bidder=index_rtb&uid=Y1ivcTwsNC697faFC7nUTQAA%264897
cache-control
no-cache
cf-ray
760040324b0baad8-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
ap.lijit.com/ Frame D39A
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2cf117da-bf66-4c8e-b4aa-a84e4bb40887%26bidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2cf117da-bf66-4c8e-b4aa-a84e4bb40887%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
0
0
setuid
prebid.a-mo.net/ Frame D39A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2cf117da-bf66-4c8e-b4aa-a84e4bb40887%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&bidder=appnexus&uid=4251134718965978439
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&bidder=appnexus&uid=4251134718965978439
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:27 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:27 GMT
AN-X-Request-Uuid
82a4ac17-b461-4d15-a66e-4f5c855d178f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://prebid.a-mo.net/setuid?A=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&bidder=appnexus&uid=4251134718965978439
Connection
keep-alive
X-Proxy-Origin
173.245.209.81; 173.245.209.81; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame D39A 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=2cf117da-bf66-4c8e-b4aa-a84e4bb40887
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:28 GMT
AN-X-Request-Uuid
230d2678-c3a4-4527-8d62-ed2c3c1d6b80
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.81; 173.245.209.81; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame D39A 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=2cf117da-bf66-4c8e-b4aa-a84e4bb40887
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.114.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-114-234.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
setuid
ow.pubmatic.com/ Frame D39A 		0
0
setuid
pb.vuukle.com/ Frame D39A 		0
0
setuid
pbs.nextmillmedia.com/ Frame D39A 		0
0
setuid
prebid-server.rubiconproject.com/ Frame D39A 		86 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=2cf117da-bf66-4c8e-b4aa-a84e4bb40887
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.249.121.116 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-249-121-116.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 26 Oct 2022 03:54:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8457 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
268686
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 01:16:21 GMT
expires
Mon, 23 Oct 2023 01:16:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8079 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
GSE /
Resource Hash
ca9b0642e35904ae1a815d54a062b5555e517201a808a2fa63fdca28d0dbe442
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1SBXcaFr4TUd1VofA8fHuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-1SBXcaFr4TUd1VofA8fHuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 03:54:27 GMT
expires
Wed, 26 Oct 2022 03:54:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3FCD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
268686
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 01:16:21 GMT
expires
Mon, 23 Oct 2023 01:16:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6597 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
GSE /
Resource Hash
9ff853fa2544fa0734d9f32ae36a8c5a7022d388a4b63b3851fb4b56d24def6c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-R0gplDAQ1B7wIXuuSIbvRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-R0gplDAQ1B7wIXuuSIbvRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 03:54:27 GMT
expires
Wed, 26 Oct 2022 03:54:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
xuid
eb2.3lift.com/ Frame CEB9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=e6d340f8-f252-4382-aa70-e94c8f250f85&dongle=0cfd
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=e6d340f8-f252-4382-aa70-e94c8f250f85&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 26 Oct 2022 03:54:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:27 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=e6d340f8-f252-4382-aa70-e94c8f250f85&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame CEB9
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI5NzUyODA2OTQ3MDgxNjc4NzQ1NA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame CEB9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEA1IGet2w8FsPl-kLruFOKQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEA1IGet2w8FsPl-kLruFOKQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 26 Oct 2022 03:54:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEA1IGet2w8FsPl-kLruFOKQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CEB9
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI5NzUyODA2OTQ3MDgxNjc4NzQ1NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI5NzUyODA2OTQ3MDgxNjc4NzQ1NA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzI5NzUyODA2OTQ3MDgxNjc4NzQ1NA%3D%3D
date
Wed, 26 Oct 2022 03:54:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame CEB9
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3297528069470816787454&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3297528069470816787454&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=ced6bb0d-1051-44af-8688-e26339de7ade&_noobservation=1
0
0
sync
x.bidswitch.net/ Frame CEB9 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=3297528069470816787454&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 03:54:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame CEB9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3297528069470816787454?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-ITqPQtNE2oQEN8MTfqeUpcx.t26TmvBKX3WNUXyGWA--~A&dongle=0883
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-ITqPQtNE2oQEN8MTfqeUpcx.t26TmvBKX3WNUXyGWA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 26 Oct 2022 03:54:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 26 Oct 2022 03:54:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-ITqPQtNE2oQEN8MTfqeUpcx.t26TmvBKX3WNUXyGWA--~A&dongle=0883
content-length
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame CEB9 		0
0
c.gif
c.bing.com/ Frame CEB9 		42 B
670 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3297528069470816787454&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:27 GMT
last-modified
Thu, 13 Oct 2022 15:58:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DFC087E536F34B9582E3DEBDBA4BFFDD Ref B: SYD03EDGE1621 Ref C: 2022-10-26T03:54:27Z
etag
"e997be9b1cdfd81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
23178
stags.bluekai.com/site/ Frame CEB9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=Co_Z5rYJyoRQGfbQOJpN&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 8079 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221020&jk=3611008878919813&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 6597 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221020&jk=3618108874669302&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
pagead2.googlesyndication.com/bg/ Frame 8457 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 18:48:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15854
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 18:48:54 GMT
gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
pagead2.googlesyndication.com/bg/ Frame 3FCD 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 18:48:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15854
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 18:48:54 GMT
rum
dsum-sec.casalemedia.com/ Frame CE93
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e6d340f8-f252-4382-aa70-e94c8f250f85&expiration=1669348467&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e6d340f8-f252-4382-aa70-e94c8f250f85&expiration=1669348467&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:27 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e6d340f8-f252-4382-aa70-e94c8f250f85&expiration=1669348467&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
dcm
s.amazon-adsystem.com/ Frame CE93 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame CE93
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1ivcTwsNC697faFC7nUTQAAEyEAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBFnrf1nt9YAJbXejH114c4&google_cver=1
43 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBFnrf1nt9YAJbXejH114c4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
760040348d886a4b-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 03:54:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBFnrf1nt9YAJbXejH114c4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Y1ivcTwsNC697faFC7nUTQAAEyEAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame CE93 		43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y1ivcTwsNC697faFC7nUTQAAEyEAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.172.143 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame CE93
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=0c3b6358-af73-4300-b840-d9d9fe4e94ad
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=0c3b6358-af73-4300-b840-d9d9fe4e94ad
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Wed, 26 Oct 2022 03:54:27 GMT
Server
MT3 4539 98cc2da master hkg-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=0c3b6358-af73-4300-b840-d9d9fe4e94ad
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 26 Oct 2022 03:54:26 GMT
crum
dsum-sec.casalemedia.com/ Frame CE93
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4251134718965978439
0
0
crum
dsum.casalemedia.com/ Frame CE93
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4251134718965978439
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4251134718965978439
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:27 GMT
AN-X-Request-Uuid
d29fe850-3239-4241-b5ea-362ae650ee7d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4251134718965978439
Connection
keep-alive
X-Proxy-Origin
173.245.209.81; 173.245.209.81; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us.php
gu.dyntrk.com/adx/ie/ Frame CE93 		0
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame CE93 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y1ivcTwsNC697faFC7nUTQAA%264897
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
19529
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76004034a99eaade-SYD
content-length
43
expires
Thu, 27 Oct 2022 03:54:27 GMT
usync.js
eus.rubiconproject.com/ Frame F1C7 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
130b4d0812750a442bf7117e25dc3a72be8829b2af22c71707bf55885de688a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 03:54:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34299
Connection
keep-alive
Content-Length
9455
Expires
Wed, 26 Oct 2022 13:26:06 GMT
generate_204
tpc.googlesyndication.com/ Frame 3FCD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?a6exgw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 8457 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?iISrnQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:54:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 065D 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=73720715&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Dpba%26refUrl%3D%26vid%3D67564670753097580656827308000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 03:54:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C55F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=22067
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 03:54:28 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 26 Oct 2022 10:02:15 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame D3DC 		0
0
/
onetag-sys.com/usync/ Frame FE61 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame AB83 		0
0
usermatch
ssum-sec.casalemedia.com/ Frame 7924 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f98d226fe5d77f97a78a82746fde4c36e751763f9a932824f66590ffc7ec2ab

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76004034fde66a4b-SYD
content-encoding
br
content-type
text/html
date
Wed, 26 Oct 2022 03:54:28 GMT
expires
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B23E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8A21 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=22067
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 03:54:28 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 26 Oct 2022 10:02:15 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
x.yieldlift.com/ Frame 5008
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L9P3RHNQ-1L-GOHY&gdpr=0&us_privacy=1YN-
0
0
sync
ads.servenobid.com/ Frame 5008
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=4251134718965978439
0
0
merge
ce.lijit.com/ Frame 5008 		0
0
pixel
ap.lijit.com/ Frame 5008
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
0
0
getuid
x.yieldlift.com/ Frame 5008 		0
0
RX-9d536ec9-5e82-4aa8-920d-5845863682bd-004
sync.targeting.unrulymedia.com/csync/ Frame 5008
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2287944550
  • https://sync.1rx.io/usersync/tradedesk/e6d340f8-f252-4382-aa70-e94c8f250f85
  • https://sync.targeting.unrulymedia.com/csync/RX-9d536ec9-5e82-4aa8-920d-5845863682bd-004
0
0
cm
p.rfihub.com/ Frame 5008 		0
0
usa
sync.go.sonobi.com/ Frame 5008 		0
0
pixel
ap.lijit.com/ Frame 5008
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F6102%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D2cf117da-bf66-4c8e-b4a...
0
0
sync
ads.servenobid.com/ Frame 5008
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-XXT5rqFE2uHgcU_xXLmcrkZxYHcIJeC4CXCLn5c-~A
0
0
0
prebid.a-mo.net/cchain/ Frame 5008
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS00YzlhZjAyMS1kMDkwLTMwY2MtOTAxYi0xNDk5ZWI5MTNkZmYqU2h0dHBzOi8vYWRz...
0
0
sync
ads.servenobid.com/ Frame 5008
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
  • https://ads.servenobid.com/sync?pid=339&uid=y-XXT5rqFE2uHgcU_xXLmcrkZxYHcIJeC4CXCLn5c-~A
0
0
async_usersync
ib.adnxs.com/ Frame 5154 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 03:54:28 GMT
AN-X-Request-Uuid
87403cfc-2252-4bab-a27d-6fbe1eabc8a1
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.81; 173.245.209.81; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
token
token.rubiconproject.com/ Frame F1C7 		0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame F1C7 		0
0
tap.php
pixel.rubiconproject.com/ Frame F1C7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e6d340f8-f252-4382-aa70-e94c8f250f85&gdpr=0&gdpr_consent=&expires=30
0
0
token
token.rubiconproject.com/ Frame F1C7 		0
0
tap.php
pixel.rubiconproject.com/ Frame F1C7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHRLyoTrkrbAmfRG6zhDAUU&google_cver=1
0
0
dcm
s.amazon-adsystem.com/ Frame F1C7 		0
0
token
token.rubiconproject.com/ Frame F1C7 		0
0
token
token.rubiconproject.com/ Frame F1C7 		0
0
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 7924 		0
0
rum
dsum-sec.casalemedia.com/ Frame 7924
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8865220097830755215
0
0
ie
match.prod.bidr.io/cookie-sync/ Frame 7924 		0
0
Y1ivcTwsNC697faFC7nUTQAAEyEAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7924
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y1ivcTwsNC697faFC7nUTQAAEyEAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y1ivcTwsNC697faFC7nUTQAAEyEAAAAB
0
0
pm_match
um.simpli.fi/ Frame 7924 		0
0
tp_out
d.adroll.com/cm/index/ Frame 7924 		0
0
/
b1sync.zemanta.com/usersync/index/ Frame 7924 		0
0
rum
dsum-sec.casalemedia.com/ Frame 7924
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e6d340f8-f252-4382-aa70-e94c8f250f85&expiration=1669348468&gdpr=0&gdpr_consent=
0
0
sync
ads.servenobid.com/ Frame 7924 		0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 8DD5 		0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 88B5 		0
0
match
c1.adform.net/serving/cookie/ Frame C682 		0
0
img
sync.mathtag.com/sync/ Frame 3B54 		0
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame F2A4 		0
0
send
cm.ambientdsp.com/cm/ Frame 8B85 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hb-api.omnitagjs.com
URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.html?p=medianet
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.html?cs=8&vsid=3097580656827308000V10&type=rkt&refUrl=&vid=67564670753097580656827308000V10&ovsid=1972928490758014420
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-9d536ec9-5e82-4aa8-920d-5845863682bd-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3097580656827308000V10%26type%3Dr1%26refUrl%3D%26vid%3D67564670753097580656827308000V10%26ovsid%3DRX-9d536ec9-5e82-4aa8-920d-5845863682bd-004
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3D0a108aa2-95c5-4b82-a319-50c903275a37&gdpr=0&gdpr_consent=
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=Co_Z5rYJyoRQGfbQOJpN&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKDN5PVUNLSLFFHS32SKFDWMYSRJ5FHATRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3DONJWGQ3DOMBXGUZTAOJXGU4DANRVGY4DENZTGA4DAMBQKYYTAJTWONUWIPJTGA4TONJYGA3DKNRYGI3TGMBYGAYDAVRRGA
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3097580656827308000V10
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&gdpr=0&gdpr_consent=&us_privacy=
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-YlgjY2xE2uGWCT2Bxf5M3u0AAt4iR4tbWjCYWqQ-~A&gdpr=0&gdpr_consent=
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/setuid/magnite?uid=L9P3RHNQ-1L-GOHY&gdpr=0
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2cf117da-bf66-4c8e-b4aa-a84e4bb40887%26bidder%3Dadform%26uid%3D%24UID
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/setuid?A=2cf117da-bf66-4c8e-b4aa-a84e4bb40887&bidder=zeta&uid=ua-4c9af021-d090-30cc-901b-1499eb913dff
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D2cf117da-bf66-4c8e-b4aa-a84e4bb40887%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
Domain
ow.pubmatic.com
URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=2cf117da-bf66-4c8e-b4aa-a84e4bb40887
Domain
pb.vuukle.com
URL
https://pb.vuukle.com/setuid?bidder=amx&uid=2cf117da-bf66-4c8e-b4aa-a84e4bb40887
Domain
pbs.nextmillmedia.com
URL
https://pbs.nextmillmedia.com/setuid?bidder=amx&uid=2cf117da-bf66-4c8e-b4aa-a84e4bb40887
Domain
p.adsymptotic.com
URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=ced6bb0d-1051-44af-8688-e26339de7ade&_noobservation=1
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3297528069470816787454
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=Co_Z5rYJyoRQGfbQOJpN&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5INXV6WRVOJMUU6LPKJIUOZTCKFHUU4CO&gdpr=0
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1ivcTwsNC697faFC7nUTQAAEyEAAAAB
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4251134718965978439
Domain
gu.dyntrk.com
URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Domain
x.yieldlift.com
URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L9P3RHNQ-1L-GOHY&gdpr=0&us_privacy=1YN-
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=312&uid=4251134718965978439
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
Domain
x.yieldlift.com
URL
https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-9d536ec9-5e82-4aa8-920d-5845863682bd-004
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=44007&in=1
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F6102%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D2cf117da-bf66-4c8e-b4aa-a84e4bb40887%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=337&uid=y-XXT5rqFE2uHgcU_xXLmcrkZxYHcIJeC4CXCLn5c-~A
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS00YzlhZjAyMS1kMDkwLTMwY2MtOTAxYi0xNDk5ZWI5MTNkZmYqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtNGM5YWYwMjEtZDA5MC0zMGNjLTkwMWItMTQ5OWViOTEzZGZmMgEGOAE=%26buyeruid%3D
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=339&uid=y-XXT5rqFE2uHgcU_xXLmcrkZxYHcIJeC4CXCLn5c-~A
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=36584
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e6d340f8-f252-4382-aa70-e94c8f250f85&gdpr=0&gdpr_consent=&expires=30
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=2249&pt=n
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHRLyoTrkrbAmfRG6zhDAUU&google_cver=1
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=25470
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8865220097830755215
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/ie
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y1ivcTwsNC697faFC7nUTQAAEyEAAAAB
Domain
um.simpli.fi
URL
https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
Domain
d.adroll.com
URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e6d340f8-f252-4382-aa70-e94c8f250f85&expiration=1669348468&gdpr=0&gdpr_consent=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=333&uid=Y1ivcTwsNC697faFC7nUTQAAEyEAAAAB
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221020&jk=3618108874669302&bg=!pqWlpeHNAAaaxvStusY7ACkAdvg8WtrWHqlGwhU8NuB-0CszkeIFR929foq_hH5-YFN_4DetwHe_FwIAAACbUgAAAANoAQeZArht2LAd8jnX6mXuZiaNkOwbvDg4xTKcpgpisyCttNue31BoKsmBFxRB6R6sFLUhtRxaNnqqgpFZs3uESFn7Lw9qMQWAPER9jC5XO_6tlV3qk4txEsycKkmks9_f4tcUq-2rIVWL5jMZTJC_AEp6-HBj2lX5D7rTRyi0L6MIWxctMz366ehowo6Mqpq4LFygZQm3AkWKk-zveyfDeGafGYH8Z-YjUuhcg1OKcakjjctQnSiApF9s7TTRfz8N2Tpg-KbKlVxwFk2W5x3Y59AB4N9h0SfsBH0mjWYzfwtoD10SFLhGs4AtvT4bw6CW0hkI-hqfAkWDnFDcxzLuzA8xZ5CYxcItpsnQlKm0xeY6ZMV4F9qcl8uw5gwKcvVtUcq8t1tgzI7rbHHxgyGhc04erAN24NFsAsXDj7Qj-HdHHyXpVao3BgBp64o6_qJosVt31avcbv8j6jmEeZBYTaTkxDW_q5c5a91bmz3p84TVmcwsZoIhGZQjKFSKeK7e1eLHwauds74oI-tRXoHkZl0r9anYiRuoQC8Z3CpS778Z0wLmpCT3XUHIPoj16JljSXKVB2Qbq6nF0C5dzuSmDJHWzwkDyzkJjzGS3E9TNDuKaqeqCN-_zHoAmzdv-EDmmcZlz_qF7i5ys4oIQbzcuA0vjKA6cOOQWKqqwv7Iu-L4fy_UT8DQmHIdCZRIO-HaZ8bct8DGwfVUyttBUL17UHen6Z1L4yNCC26pbxC85LjlGAnvsuiIF5Bl9U7jatRmlVzxW2Sk9IgKCxO8ttIQb0-vaovLmeO5lqQgoAfx0TloNvVhI20QIOV5W2NU0laZRyb5Un7zJqjk-BdX45jqEiA0-_PSuskaxbuXV0SuTiLCT4NDBeXUMxv09sxcmK4Xckh1KqBoJoEPngijKmnGrYACwGpPg7ru1DWjd-w
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221020&jk=3611008878919813&bg=!jo2ljcnNAAaaxvStusY7ACkAdvg8Wp7n4bBlj4-qw-3095p2R5hS_tTevxKkRCv1wUBts3DVwAcTngIAAAChUgAAAANoAQeZAtEacWflnlE9GYtiTfZk_mqPW4izrypOLUsen_mytnqVBfxnvAB_kPJFeaXanpV4CjFIJzfwhq6pWlv1ivtbO0qnioOIF91jkwPZLyYS7wIPDbkHPbUmhEfhNFyRuea9s3Suo1WsrEnl-koHUThmBQvOCr9xOM1DxbcouN-rXX7ErzG7N6ZZxyD8WXlpVu_387HSMFnAA7wFCCt8VRzhRSwGmbrwOm-VFqcO3MvfNJ8ulF3CCG7IRNxtMowsBAWZCwNrnPIa0CxctbuyO2jgQLd4fLd3NIXJQemDj_vIKCrCLBVAkpSMyoIU_ajvRFClJFLlGh6yw3nhTXEMP8ntlndHZt3Fd9CS7sQNuErOutLrYk2FR_3x4KXAXKxEwZJdp6i21vQBIx9QJdi7xZJI2tDF-_GDK_aXhaZxyAXWpj_6vBbn3epk1iwl9kdlvp2KaPELkTDD4Nr4lQzkVumyLhZcDlsOtH30XFMiaFJQttzn9JXzsvZNH8BtFO-2DhGVheUjUqAQpC6rNFTit9d4TMskHfqHO0P9bCSsLB0w7W0jfxR4IsEPT0uxu6ypgd9Ph9RLrThBj2ukYMiM3ZE8FHyfdjhLeq5ecPFksbVrXPO5R0WjDceLgYIqeuEBSG2i5jEFJD1_L1ajiBnVdEv15qc6Utw3zLF5HtPUDQLebQ70MmLsMtjGtW9Fy8H0ISeJBjyvzRVo8vvJvQV3QcXDNzluVZ-rFh-Bk0hsL_zthTopTa-N94NZBZL7rwaJosa_wd6E7U-rfTcuG94w6dsqgMEXWgluBG0mVYJu-I4q6sW6YmHfKegSNkZzRH0HrlZznMaMFdexAkA7DKuJ524pmgdc2Ygud0M5scDWki-9dyG0vBQQYN1IgQx6sZnKiawhN_5nmZFF821NLQ4DpmrSuaz_gBk9Dr46of7ZnnrAT01azDu9WwglOplQeNWmxEk_32FE
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=14&cid=F6E64D17-59CE-4968-82C7-B3F8762F8F61
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Domain
cm.ambientdsp.com
URL
https://cm.ambientdsp.com/cm/send?vc=pmj

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| AMP object| adRecover object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| setImmediate function| clearImmediate object| ucf object| request string| paramsString undefined| $ undefined| jQuery function| jqAlias object| google_reactive_ads_global_state number| ampAdSlotIdCounter string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _qevents object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing boolean| noPreviewPage function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| dataLayer function| gtag object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

63 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQn7S1k8EwCgoIgQIQn7S1k8EwCgoI4gEQn7S1k8EwCgoI5gEQn7S1k8EwCgoIhwIQn7S1k8EwCgkICRCftLWTwTAKCQg6EJ-0tZPBMAoJCAsQn7S1k8EwCgoIjAIQn7S1k8EwCgkIXxCftLWTwTA=
.aralego.com/ Name: sspid
Value: 89d39cdf-fce4-3d5d-a947-bd82e01b93d5
www.bg3.co/ Name: __AP_SESSION__
Value: 33627e2a-16ab-4643-bfa3-c887e0797268
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 2410fded-37fe-42e7-b88b-df3374f103bf
.doubleclick.net/ Name: IDE
Value: AHWqTUleHJoYuqEZxUGrQIE-UHRWujVI5Uf1vP0KtubadmBBIMoAPR9kgW1M808X0sY
.openx.net/ Name: i
Value: 2410fded-37fe-42e7-b88b-df3374f103bf|1666756462
.adpushup.com/ Name: ap_uid
Value: e03974b0-54e1-11ed-948d-00224859fe65
.adpushup.com/ Name: ap_usid
Value: e03974b1-54e1-11ed-948d-00224859fe65
.bg3.co/ Name: __gpi
Value: UID=00000b6d1852f6bd:T=1666756462:RT=1666756462:S=ALNI_MYvKPGlI6PNDk5VLdDfEDPwe1RjHw
.rubiconproject.com/ Name: khaos
Value: L9P3RHNQ-1L-GOHY
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMJqFRY0d2g7XLUyebV3a1stpkIUjt0AsjvgrMePjGHDpC5zFwEio2Ja4HEYI5ehIrUHstlW8EOOMtzpQ7vzkXQ/
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEw7t7imgY4AUABSAEQ7t7imgYYAA..
.adnxs.com/ Name: uuid2
Value: 4251134718965978439
.ctnsnet.com/ Name: cid_2869d073f7ec4b11ac6e7a9d8d7e1245
Value: 1
.ctnsnet.com/ Name: gid_CAESEBNZb5JGLmmpMceYQWrZye4
Value: 1
.prebid.a-mo.net/ Name: __amc
Value: 1_1666756462_1666756462
.a-mo.net/ Name: amuid2
Value: 2cf117da-bf66-4c8e-b4aa-a84e4bb40887
.prebid.a-mo.net/ Name: sd_amuid2
Value: 2cf117da-bf66-4c8e-b4aa-a84e4bb40887
.send.microad.jp/ Name: TR
Value: 97cf11fdfdcf3b1e5b6baf1d7d9e442549320342f022c35e
.fout.jp/ Name: uid
Value: VHeDJ3FAp7D-svKbrJ7ZLQxQgck
.teads.tv/ Name: tt_viewer
Value: 98161ed4-5748-40b5-8569-95a7eb28ef2d
.quantserve.com/ Name: mc
Value: 6358af6f-9ec7d-0cc96-3b8f4
.bg3.co/ Name: __qca
Value: P0-1953832090-1666756463542
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1666756464.1.0.1666756464.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1892847822.1666756464
.inmobi.com/ Name: idsp_c
Value: c27e5e34-8faf-4f4d-bf9d-8bbe3a7bfd29
.bg3.co/ Name: __gads
Value: ID=9e183c5cdf590016:T=1666756462:S=ALNI_MZT9vWVT7LTgsdaJsLOqJqoWc3v9g
.adkernel.com/ Name: ADKUID
Value: A2276093351435623372
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A2276093351435623372
.id5-sync.com/ Name: id5
Value: 9ac7be78-3c7c-482f-8e52-83ac12326368#1666756464580#2
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Iles)W:#!]tbPl1M>e)ZlrFUfJ+tGXxoyDCoIIFm?n/M^wb8EZg(PK1x%/YZStxS*T]l3If)y3KL9D3I?+QEjvhW
.adsrvr.org/ Name: TDID
Value: e6d340f8-f252-4382-aa70-e94c8f250f85
.casalemedia.com/ Name: CMID
Value: Y1ivcTwsNC697faFC7nUTQAA
.casalemedia.com/ Name: CMPS
Value: 4897
.casalemedia.com/ Name: CMPRO
Value: 4897
.tribalfusion.com/ Name: ANON_ID
Value: aOntuJSyZaRGRT8vnQ1f15mW5nn5AwCuKfZcArhFGq9CCYrV1bXaiTjWwoP8Q8KrmgpEmU6gPdhd1DvbWbGMwElSVD
.adform.net/ Name: C
Value: 1
.media.net/ Name: visitor-id
Value: 3097580656827308000V10
.media.net/ Name: data-ttd
Value: e6d340f8-f252-4382-aa70-e94c8f250f85~~1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-065eb72f-ef81-450d-4b1b-9189fb17999e.%2FlyK5PxpBKoBWNzOb0%2FLi%2FlDX8pe5N06MySzszaip5k
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ABl63L--BRQ1LG5GJ-xeZnq310VE.pRXPm9L7tnUn6DXKlywyV8jE25eQyR%2FI9vgQ4DRYkEU
.media.net/ Name: data-g
Value: CAESEEqeaSjf6zhRg-jbbG7TVpE~~6
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22e6d340f8-f252-4382-aa70-e94c8f250f85%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-26T03%3A54%3A26%22%7D
.zemanta.com/ Name: zuid
Value: Co_Z5rYJyoRQGfbQOJpN
.adform.net/ Name: uid
Value: 4932902736687337086
.openx.net/ Name: pd
Value: v2|1666756466|jElYiuvOiahI
.3lift.com/ Name: tluid
Value: 3297528069470816787454
.openx.net/ Name: univ_id
Value: 537072971|e6d340f8-f252-4382-aa70-e94c8f250f85|1666756467069646
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsI2vvW7fnDmzsQBRIWCgdzdng5dDUwEgsIxv7H-vnDmzsQBRgBIAEoAjILCMb2yqeQxJs7EAU4AVoHc3Z4OXQ1MGAC
.ladsp.com/ Name: cr
Value: 1
.casalemedia.com/ Name: CMTS
Value: 4706
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYW14Ijp7InVpZCI6IjJjZjExN2RhLWJmNjYtNGM4ZS1iNGFhLWE4NGU0YmI0MDg4NyIsImV4cGlyZXMiOiIyMDIyLTExLTA5VDAzOjU0OjI3LjQzODg0NzgwNFoifSwicnViaWNvbiI6eyJ1aWQiOiJMOVAzUkhOUS0xTC1HT0hZIiwiZXhwaXJlcyI6IjIwMjItMTEtMDlUMDM6NTQ6MjcuNDM2OTg0MDM0WiJ9fSwiYmRheSI6IjIwMjItMTAtMjZUMDM6NTQ6MjcuNDM2OTgyNzE4WiJ9

4 Console Messages

Source Level URL
Text
network error URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666756461&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchang-ze-ya-mei-kui-wei-4nian-ban-zhong-fan-xiao-ying-mu-zhu-yan-da-dang-2ji-rou-nan-shen-zhui-yuan-an.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666756459233&bpp=15&bdt=1649&idt=2277&shv=r20221020&mjsv=m202210170101&ptt=5&saldr=sa&correlator=4935527175479&frm=23&ife=1&pv=1&ga_vid=191318710.1666756462&ga_sid=1666756462&ga_hid=1728113457&ga_fc=0&ga_cid=amp-JMpm2PFr2QOokQC6DhCKBQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3709292435&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767668%2C42531706%2C44774292%2C44775016&oid=2&pvsid=14388017653826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q4ndqskqbprq&fsb=1&dtd=2291
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2EvY2hhbmctemUteWEtbWVpLWt1aS13ZWktNG5pYW4tYmFuLXpob25nLWZhbi14aWFvLXlpbmctbXUtemh1LXlhbi1kYS1kYW5nLTJqaS1yb3UtbmFuLXNoZW4temh1aS15dWFuLWFuLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://s0.2mdn.net/sadbundle/16092916223250062225/null
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ad6d7095e9b3fbb668a951e5b126aafb.safeframe.googlesyndication.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.com.au
adx.holmesmind.com
aid.send.microad.jp
ap.lijit.com
aplogger.adpushup.com
assets.a-mo.net
b1sync.zemanta.com
bd434c13192b0ba3801f7c67ab0b5479.safeframe.googlesyndication.com
bidder.criteo.com
c.bing.com
c1.adform.net
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
cm.adform.net
cm.ambientdsp.com
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
cr-p3.ladsp.com
cs.emxdgt.com
cs.media.net
csm.as.criteo.net
d-20671926272823164609.ampproject.net
d.adroll.com
delivery.adrecover.com
dis.criteo.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
f6af52a5102bc0fcb905a5d842da468b.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
hblg.media.net
htlb.casalemedia.com
ib.adnxs.com
id.a-mx.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
lg3.media.net
match.adsrvr.org
match.prod.bidr.io
mweb.ck.inmobi.com
onetag-sys.com
ow.pubmatic.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.vuukle.com
pbs.nextmillmedia.com
pix.as.criteo.net
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
qsearch-a.akamaihd.net
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rtb2-useast.e-volution.ai
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-tm.everesttech.net
sync.aralego.com
sync.fout.jp
sync.go.sonobi.com
sync.inmobi.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
us-u.openx.net
warp.media.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
x.yieldlift.com
aax-eu.amazon-adsystem.com
ads.servenobid.com
ap.lijit.com
b1sync.zemanta.com
c1.adform.net
ce.lijit.com
cm.adform.net
cm.ambientdsp.com
contextual.media.net
d.adroll.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
g2.gumgum.com
gu.dyntrk.com
hb-api.omnitagjs.com
image2.pubmatic.com
match.prod.bidr.io
ow.pubmatic.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
pb.vuukle.com
pbs.nextmillmedia.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
rtb.mfadsrvr.com
s.amazon-adsystem.com
ssbsync.smartadserver.com
stags.bluekai.com
sync-tm.everesttech.net
sync.go.sonobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
token.rubiconproject.com
um.simpli.fi
x.bidswitch.net
x.yieldlift.com
103.229.10.171
103.229.206.241
103.254.153.160
104.16.85.20
104.17.24.14
104.18.12.76
104.18.13.76
104.18.18.126
104.18.19.126
104.18.25.173
104.19.159.19
104.211.156.162
104.254.151.60
104.26.2.91
104.26.5.103
104.45.178.220
104.83.196.24
104.83.197.63
124.146.215.44
13.107.21.200
13.228.121.143
13.33.33.91
13.33.88.41
13.33.88.98
13.76.45.37
139.5.84.243
142.250.4.149
142.250.4.155
142.251.10.101
142.251.10.132
142.251.10.155
142.251.10.94
142.251.12.147
142.251.12.154
142.251.12.157
142.251.12.94
145.40.89.200
15.197.193.217
151.101.65.108
162.19.138.82
172.67.154.71
174.137.133.49
175.41.187.173
18.161.111.72
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
184.31.5.52
185.84.60.20
20.127.253.7
202.232.238.37
202.233.84.1
209.58.188.181
23.106.127.38
23.36.252.26
23.72.44.196
34.107.148.139
35.186.193.173
35.213.117.18
35.213.12.39
35.244.159.8
42.99.140.144
42.99.140.161
42.99.140.216
50.116.239.135
50.31.142.191
51.79.234.100
52.2.255.108
52.223.2.229
52.74.172.143
54.171.114.234
54.249.121.116
54.80.43.227
67.199.150.81
69.16.175.42
69.173.158.65
74.125.200.156
74.125.200.95
74.125.200.97
74.125.24.154
74.125.24.157
84.17.37.44
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02c8b43aeb928d29f42d1fbaf7cd782b6a567a349028ab60f8cc48e8aa089557
03defe788c487bc9974d219a7f4c511b37b3107036e9fea400bcf3c8e4e92458
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
0899e7dab5846e89079360c2a30ab99fbf0d330e36e2771c5de6a8266b7c9f49
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0999499279570edeb602db248e1c0f9ef2c345dc919b8c2f054f03c9fb9ca671
0a726284f6362626b72a3c5bb70fd9b35b306ca323fc74ac05b4b6752be4b38a
0b4a7f405b8ac41af5f67109eef04604ef18be4ef4401ddc1fbb3e625fd0de0f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
130b4d0812750a442bf7117e25dc3a72be8829b2af22c71707bf55885de688a8
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1953c66074d7eb7705ca4778e482e89a497e503f27e52bb0d05fdeac0f3430d0
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
1a12e03c6e7368771df0045c0d29660585881ec9e385b5cc885351c2a0bc3905
1a5804df02c6ba88fcddcc37b09d4d8433fea367bef4fe2e9df850866b122c95
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1c7a175843b9b8b8516b8facc3c7db87e62dcabe9748f7101a61c55bec2d4c73
1c8e16104b0e6422af2018a70f1a3c8698cee105f42f716edced33249b004096
1d8eca1ffbccb7a95d58861b8bc730be026f794d70d8d008899fad9eda58ad43
1dad43954a6b675a0a6e65e37b92836675264c06d09fc4f0ec1472cc6c950bce
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
2217681f6d9558c2fab7e3ec0f40051276138880c76082503a33a699bc1accde
225c140b4af3e65d119cb0b20b8579d31f46f418d7c28e3050842fa89fc43cd6
2381c75b309a8f0f82debe714c04654b8132f97178a4f5c5c17ab45073e18aeb
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
280f65f41d5c1f1c884ca450563c5830c78c3157ca8ae30083d52f653f672997
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a
293fc15c33edf25fff2ef66e3b4d300e21de6a3ed7e6ed2441827fb34a3cf4d4
2a3110deafe5e90662d96980e2dc86fef54ab6c222e9b9305e9fd72c1de8a0bb
2cb9c123035209c64ecedd08a8d96307a1ce3e4a5a195e0494c56aa98fa925c5
2f923f5180774f6599bd88ec540004557c15443b015fb8458c39bb0338505047
30593e594e32933bb21f704bd0677d03e1af52ba1b00871e03bb13ecd65f3131
3123b687869e2f9fb8303d1b4363be6f18e9f2a701ae6f515d43532d2343aeea
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
33cf47e41bf8ec192949d3fb5dab90f082d3702d3f655adf0035e30f8f0767da
33ea169a4d91ca0a8be1a08f4a25efed3099e6554d74de2c91f0425e3e4522e3
369606c0ab29e7957d29a69f6f9384fb5c3ec86c1b1c26844b3e055deaae8e7e
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
373016ccf45bdd69b18669c757317a28e52c35cf381bbb79e851b3b8b7bb401d
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3b17e5d516f9bd51ed05461dcca0a156e97a77768ff453f678a493de698783ec
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f98d226fe5d77f97a78a82746fde4c36e751763f9a932824f66590ffc7ec2ab
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41388a12db434ac6b0d8be1fa707f914a8128ce259a657522565f9b6c5fd755d
4434cbf25a585ae04dd4bfe478e2b99dddfbf46151f8e88bdd3f2416cbc8d082
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a56008264e9e21036617404d7077a032aa3d09921d80d1e3b873272f851145a
4a8014be2573ce560209a78fe2804b55f842c366f3de407fb85a56ae70f737fd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c30a663f0048881b008b54e1c8ed14ffa153b6e43c9b78f36fffe3a635df84d
4c46f7fadb683c44c08212442b5b1af83da52fd88bda523456fc4e6d72dc70a8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1d86cccd80a12a938b7ae1b5ba32ba9c261f0ab0b155b3cf661251ae8919d0
4f09e22efc805bed870cf0765df49eb4d0404617fff40ff58957f810df822dc8
4fff63a70e66a84003bf0102066ebb0a83f95dc277e60ca3fbf4588d12546578
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
530ada81665d4f8f68e14afba4d6ae64128d80240dda6ddc8919b31d65a69702
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
564be46d0300ed0f58f4cdd1590bf7da05fdb169fb4f621241c7986fd1ef004d
56df0a279f759f13bf5024aaf4547c82d47fad55498ba1473aece0f2c9587531
5707c61eea9e2e9a128ce265780189bcd389478b2a2ec96bc8df37c589781567
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
6138df37d8f9103a4de90759d0d94718c0a9d7bf492a4b3d9744677c07448560
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620acf54bfa7499b88ebdbdba63537f7c2fbf1e1998388fcc2a88052fc4c7026
64e5cf05f6b216c8356ce80da947f05e99ad5ace0ab6d12357b70ae0984f8993
65b21379200b0ceb76a01a7a858f9481563b5dc5a8abd51918e8bab455fccc27
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66b654e131c69e5a91130dbea071278f0aaf9435812b36986b8a958b5fca49f1
69ad90299bb9a247097a75a43af64aab91cea0d01d37ee27d84d7d3007b64740
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4fea6aabf1c7acfc49527aecbc75c28e26ee13ebebf75c8cd029f7eb74b973
6ba9cdab4db860aed530576f7fbf693f20e6ed1f44867614c552b01f123e7575
6c017bc85fd93ded1244d1a721c8d5fd5a52441092a4ce44cd1902ecbe90e34b
6c6be8c4182d09db3dfd3dd01bc0b1c3842ab6a0b9d6e6ba6d2b57132b96f48b
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7412f2123229e885f3085e2b0fc6a05cc0058c4f54a58c3301bd94076af79ade
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7cd6da6ff2b5c7f3061f874463cd7fc2cc3e52940c5d24b750424a4bd7b5f35f
7d8e6039c97598be9f5e7e83c7a1d3290441bb9221bd5df605ce1e35d58adf85
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8302bd622828fa309784460cc3e186d87c72558b21b8f23045ee71e40ec73723
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f79007ac7b66b48f57e153953d895b7aa81317ce743d054f93ba26a865a9fd
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
84b97a0ec417d10ab212f6e288a3f29c15fca46837a8550b4699d066c39967ae
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c61aad8a31bf9566c57c01d3e897b3a6104c29122a04b1c443a4ae1caa7637a
8d16088079db948faa5c25430593d7b2c1d9e440d3eeb98844b485792ec5db19
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f8b049f33bce362740d852a19b932331730133039584237848a2abc51b75c86
9031fb6394636040da43903f24c6d58e9af4986b8042124b7a02b26feb5a7081
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d22eae55760b086559a9853b402289fbaefd27b7d855336b3664933bff0fd2c
9f5785e81528a785379bfceed212a1a43fead337b5bae5106c6e4d1c9bb13bab
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ff853fa2544fa0734d9f32ae36a8c5a7022d388a4b63b3851fb4b56d24def6c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0aed5d6070276dcbf847b073b7d275ae9fce1b5759926b8486938019f13223a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1c9094879060bcad1478a6b5df25524b026944b304816e8fe99a722979f622e
a23695cc5fc59b33dd647e7d5c19b02a1665506a0edbf24aa5c67af7329155f2
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73373991eac312472337b27e27d0afcca20b5102b0dccff89cf502d1f705d36
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a9af27e29acfea4a046869073069d58d65a71334ea90da8b2c8034d9b4708f5d
aa6c0c7befcf40d513b597bf466c8658c6e156947e2ef47aefa3ff0bb90b0e1a
acec5eacb1b4d876d6ead9a4bca74986cd7f25528ba09f3bb1a55b050a189eca
adae8601f8b502d542dc2b8df517b323e3625a1e4190763aa2b7127cb5aa6004
ae38c7bd7de2c868380fd86067b03523b0c4eaa06330ca33086af84df3cff44d
aecd275db55084f011e0c856ff9479acba68d2e1e1b42c6f08e6cc9414dfda12
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b577dd6b2f12f4f6e1f7a2b9de4802e1b5e6d80f456de52ccb793796ba9ff2c2
b961f3e5429f6cba42937515ec75515393c936905bf2d1d3da51056398f1b4d5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd68ae623feacb1b3e15fc6612cd2bda123e7da4d0d3b27163cff14244298a48
bee00dc9ac61a6eae0a5a1efd6af3ba501f5d4208e5e21e1bbc545db78c161fe
c139d35943417f3eade49de19306cdb485ee8e9edcd4ed7fb8096ed14a63c4cb
c13f94db3214035ccc4cce69e43e994319ed1daff55f367b14bac9a9e0242f14
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c47932788a148087fd2b8bb922beef7d03f01fea24ee797b5a97799d8ccc9527
c5a7edd389525b22e18d1f3ae131c5ef0bacbbb9fc1b65ad5cc24063b1bcaf3e
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c8ae663f3fd81d1a020e65ffc0b69251736602e28017350edb65fad173d35409
c952428572a65c0feb8905f62a92a6feb65108e86708a2a92d896f93c6531858
ca9b0642e35904ae1a815d54a062b5555e517201a808a2fa63fdca28d0dbe442
cba6806c4948374ec21fe68600ba4d510c37954c36f45ca7499c39382960742c
cd5d4fee62738f10c317a80daf4aa02b6facd86efd5d47df2e3a91299b1ed434
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2ed3fd545568285345130ea7f5bb020dc63073584458309435e74476ffa462a
d4375c1ebe02a95a7e37975e519ab3a6a7908fdd07884716745fd816475690de
d54633573668b4703db3bdccede99c1076819aa2bb287773cf8ef5d2bebae418
d556dadfba1741b99d7b74b39c0be2ac018ad617c4d405b8aab8a51813307a8e
d5bf286259d1886d01420abec20b85e9858f1179ae5a47d96fcb32cbdb45b978
dd077349a06d9c21c75ffc7b287de576f506a262b218d8a9926dc10145ccf4df
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
dfeb10b1ca3323529b0871057cf8b475f728b3f3d4fa5df33d0329aec32f8daa
e07bcfe5be714693a093c0dd1e3d6ab073f8a1bbd124095ee0b7631750cd9221
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f43a898aaf26771fc8f01333277fce7b7e8b361f8fb8c24b4f5c7b8bf80fe7
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e59c9ea2bc851e8467476e2d30f1406c16bb0000ebfcdff7674e8fab43e2d2a5
e6e1ce5759089356f735fdde922a67a450135ae257f474d91f3c6f21789a81d9
e7540544e1fcaf222ae72ce56517f3c439e059e556cd87e4b552a022a5270c01
e806aeed209a3d575a7fc70ef9f4377b31bb2471f7808902482b5ce134313664
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e82981683cdae3ed153560d63861f3b4bff2b6083117662f0efb62e8dc431b40
e843075b4de1b815c512b135f360fe4674f55dca31ce715241f670b4131353bf
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed031b57f5675a0baf10f35fb2183729eb7d339f9c153aba931de54fc0bf43d0
ed3c51bd1b4bf9c15cef0a9ed85c7e76f216467179db5fdf492961c00c0eb36a
edac349b96c6c62e0513d7a0a819e8fdb1167eafa680956220b0403bc074023c
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a9f141054817013d6def3c02cca28a5dee0b7a181eb53a11e5eaa6d8e9788a
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f3c9962255e03bd78f7a6fbaec84df5cd5c1ce8a8a4b33645ae4380c2985ef16
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f7e96b76c5b204bc5339ca6fd4ab9f2a3baf9cb71a1ede7e2e9cf7b9765b8b53
f9723d3f41444061b801c833bb798bd89f1c4e1333612c639c347d2284ccc3dd
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e