urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Submission: On September 18 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 69 IPs in 8 countries across 66 domains to perform 410 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 583884.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
10 142.251.12.132 15169 (GOOGLE)
1 3 23.108.102.145 59253 (LEASEWEB-...)
4 104.26.5.103 13335 (CLOUDFLAR...)
2 23.59.168.81 20940 (AKAMAI-ASN1)
5 72.247.81.112 20940 (AKAMAI-ASN1)
2 69.16.175.10 20446 (STACKPATH...)
3 64.120.88.131 133752 (LEASEWEB-...)
13 104.26.2.91 13335 (CLOUDFLAR...)
55 74.125.24.155 15169 (GOOGLE)
16 142.251.12.154 15169 (GOOGLE)
6 13.76.45.37 8075 (MICROSOFT...)
2 142.251.10.157 15169 (GOOGLE)
4 172.253.118.155 15169 (GOOGLE)
8 142.251.10.156 15169 (GOOGLE)
2 15 74.125.68.157 15169 (GOOGLE)
2 13.33.33.91 16509 (AMAZON-02)
1 142.251.12.94 15169 (GOOGLE)
6 172.217.194.132 15169 (GOOGLE)
2 6 103.229.10.247 16509 (AMAZON-02)
1 104.16.86.20 13335 (CLOUDFLAR...)
2 104.18.19.126 13335 (CLOUDFLAR...)
3 52.194.84.66 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
2 6 104.254.151.120 29990 (ASN-APPNEX)
1 135.125.163.79 16276 (OVH)
1 182.161.73.145 55569 (CRITEO-AS...)
1 184.51.137.72 16625 (AKAMAI-AS)
1 54.251.15.99 16509 (AMAZON-02)
1 52.210.128.24 16509 (AMAZON-02)
2 145.40.89.200 54825 (PACKET)
1 10 34.98.64.218 15169 (GOOGLE)
2 51.79.234.100 16276 (OVH)
1 34.107.148.139 15169 (GOOGLE)
1 44.230.111.82 16509 (AMAZON-02)
2 142.251.10.97 15169 (GOOGLE)
1 13.33.33.118 16509 (AMAZON-02)
35 142.250.4.132 15169 (GOOGLE)
2 142.251.12.100 15169 (GOOGLE)
1 13.227.254.119 16509 (AMAZON-02)
2 104.211.156.162 8075 (MICROSOFT...)
11 142.251.12.104 15169 (GOOGLE)
5 74.125.24.157 15169 (GOOGLE)
2 96.17.188.24 16625 (AKAMAI-AS)
1 42.99.128.160 4637 (ASN-TELST...)
4 23.52.112.21 16625 (AKAMAI-AS)
2 6 23.36.48.24 16625 (AKAMAI-AS)
15 45 172.217.194.155 15169 (GOOGLE)
3 7 104.18.18.126 13335 (CLOUDFLAR...)
35 172.217.194.149 15169 (GOOGLE)
1 1 13.107.42.14 8068 (MICROSOFT...)
1 1 18.176.15.61 16509 (AMAZON-02)
1 1 202.232.238.37 2497 (IIJ Inter...)
1 1 54.169.109.4 16509 (AMAZON-02)
1 1 52.221.119.8 16509 (AMAZON-02)
2 2 202.131.200.84 17941 (BIT-ISLE ...)
9 182.161.73.129 55569 (CRITEO-AS...)
1 1 34.142.175.23 396982 (GOOGLE-CL...)
1 1 52.2.211.96 14618 (AMAZON-AES)
1 1 72.34.250.75 27630 (AS-XFERNET)
1 1 54.251.139.99 16509 (AMAZON-02)
1 54.156.87.203 14618 (AMAZON-AES)
1 182.161.74.19 55569 (CRITEO-AS...)
1 182.161.73.148 55569 (CRITEO-AS...)
7 8 35.71.131.137 16509 (AMAZON-02)
1 2 23.73.13.34 ()
4 7 50.116.239.135 6336 (TURN-US-ASN)
6 6 50.31.142.95 23352 (SERVERCEN...)
6 9 213.180.193.90 ()
1 182.161.73.132 55569 (CRITEO-AS...)
1 2 74.125.200.149 15169 (GOOGLE)
6 182.161.73.135 55569 (CRITEO-AS...)
2 182.161.73.142 55569 (CRITEO-AS...)
2 103.229.206.241 ()
2 182.161.73.136 ()
2 23.75.85.227 ()
1 151.101.193.108 ()
1 2 52.223.2.229 ()
1 104.19.158.19 ()
410 69
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
10    142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net
cdn.ampproject.org
3    23.108.102.145 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.5.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    23.59.168.81 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-59-168-81.deploy.static.akamaitechnologies.com
delivery.adrecover.com
5    72.247.81.112 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a72-247-81-112.deploy.static.akamaitechnologies.com
cdn.adpushup.com
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
3    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
13    104.26.2.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
55    74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
pagead2.googlesyndication.com
16    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
securepubads.g.doubleclick.net
googleads4.g.doubleclick.net
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
2    142.251.10.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net
partner.googleadservices.com
4    172.253.118.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f155.1e100.net
adservice.google.com.au
8    142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net
adservice.google.com
15    74.125.68.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f157.1e100.net
googleads.g.doubleclick.net
adservice.google.com.au
2    13.33.33.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-91.sin2.r.cloudfront.net
adx.holmesmind.com
1    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
d-27024444544096431478.ampproject.net
6    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
5fc11ef87d23e5599d55f28144193363.safeframe.googlesyndication.com
37764eb65ec5a60cdb53450f3b65878b.safeframe.googlesyndication.com
4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
6    103.229.10.247 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    104.16.86.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
3    52.194.84.66 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-194-84-66.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
6    104.254.151.120 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
1    135.125.163.79 (France)

ASN16276 (OVH, FR)
PTR: ns3190286.ip-135-125-163.eu
rtb.adxpremium.services
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    184.51.137.72 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-137-72.deploy.static.akamaitechnologies.com
a.teads.tv
1    54.251.15.99 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-15-99.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
1    52.210.128.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-128-24.eu-west-1.compute.amazonaws.com
ads.servenobid.com
2    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
10    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
u.openx.net
2    51.79.234.100 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip100.ip-51-79-234.net
onetag-sys.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    44.230.111.82 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-111-82.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
2    142.251.10.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f97.1e100.net
www.googletagmanager.com
1    13.33.33.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-118.sin2.r.cloudfront.net
rules.quantcount.com
35    142.250.4.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f132.1e100.net
tpc.googlesyndication.com
2    142.251.12.100 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f100.1e100.net
www.google-analytics.com
1    13.227.254.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-119.sin52.r.cloudfront.net
pxl.qccerttest.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
11    142.251.12.104 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f104.1e100.net
www.google.com
5    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
www.googletagservices.com
2    96.17.188.24 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-188-24.deploy.static.akamaitechnologies.com
hblg.media.net
1    42.99.128.160 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-128-160.pacnet.net
qsearch-a.akamaihd.net
4    23.52.112.21 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-112-21.deploy.static.akamaitechnologies.com
contextual.media.net
6    23.36.48.24 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-48-24.deploy.static.akamaitechnologies.com
warp.media.net
cs.media.net
lg3.media.net
45    172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net
cm.g.doubleclick.net
7    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
35    172.217.194.149 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f149.1e100.net
s0.2mdn.net
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    18.176.15.61 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-15-61.ap-northeast-1.compute.amazonaws.com
v9999.adv.admeme.net
1    202.232.238.37 (Minato-ku, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
1    54.169.109.4 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-109-4.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    52.221.119.8 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-119-8.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
2    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
9    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    34.142.175.23 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 23.175.142.34.bc.googleusercontent.com
um.simpli.fi
1    52.2.211.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-211-96.compute-1.amazonaws.com
fksnk.com
1    72.34.250.75 (Los Angeles, United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    54.251.139.99 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-139-99.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
1    54.156.87.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-87-203.compute-1.amazonaws.com
cs.emxdgt.com
1    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
1    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
8    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    23.73.13.34 (None, )

ASN- ()
sync.teads.tv
7    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
6    50.31.142.95 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
9    213.180.193.90 (None, )

ASN- ()
an.yandex.ru
1    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
2    74.125.200.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f149.1e100.net
ad.doubleclick.net
6    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
2    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
2    103.229.206.241 (None, )

ASN- ()
tags.mathtag.com
2    182.161.73.136 (None, )

ASN- ()
gum.criteo.com
2    23.75.85.227 (None, )

ASN- ()
eus.rubiconproject.com
1    151.101.193.108 (None, )

ASN- ()
acdn.adnxs.com
2    52.223.2.229 (None, )

ASN- ()
eb2.3lift.com
1    104.19.158.19 (None, )

ASN- ()
assets.a-mo.net
Apex Domain
Subdomains		 Transfer
96 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
5fc11ef87d23e5599d55f28144193363.safeframe.googlesyndication.com
37764eb65ec5a60cdb53450f3b65878b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
1 MB
75 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307
ad.doubleclick.net — Cisco Umbrella Rank: 178
624 KB
35 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
1 MB
19 google.com
adservice.google.com — Cisco Umbrella Rank: 75
www.google.com — Cisco Umbrella Rank: 2
6 KB
17 criteo.net
static.criteo.net — Cisco Umbrella Rank: 673
pix.as.criteo.net — Cisco Umbrella Rank: 17010
csm.as.criteo.net — Cisco Umbrella Rank: 17365
100 KB
14 bg3.co
www.bg3.co — Cisco Umbrella Rank: 583884
static.bg3.co
187 KB
13 media.net
prebid.media.net — Cisco Umbrella Rank: 1065
hblg.media.net — Cisco Umbrella Rank: 1563
contextual.media.net — Cisco Umbrella Rank: 559
warp.media.net — Cisco Umbrella Rank: 2230
cs.media.net — Cisco Umbrella Rank: 1318
lg3.media.net — Cisco Umbrella Rank: 3643
172 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15327
e3.adpushup.com — Cisco Umbrella Rank: 16605
aplogger.adpushup.com — Cisco Umbrella Rank: 16434
216 KB
10 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13567
us-u.openx.net — Cisco Umbrella Rank: 396
u.openx.net
3 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 359
217 KB
9 yandex.ru
an.yandex.ru
2 KB
9 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 479
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
ssum.casalemedia.com Failed
7 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 342
4 KB
7 turn.com
ad.turn.com — Cisco Umbrella Rank: 742
r.turn.com
3 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
acdn.adnxs.com
44 KB
7 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 97372
2 KB
6 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 568
4 KB
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 761
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 22529
ads.as.criteo.com — Cisco Umbrella Rank: 17083
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 17485
gum.criteo.com
46 KB
6 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 936
fastlane.rubiconproject.com — Cisco Umbrella Rank: 466
eus.rubiconproject.com
pixel-eu.rubiconproject.com Failed
pixel.rubiconproject.com Failed
13 KB
6 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 905
pixel.quantserve.com — Cisco Umbrella Rank: 423
cms.quantserve.com — Cisco Umbrella Rank: 1020
12 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 30433
sync.aralego.com — Cisco Umbrella Rank: 3193
4 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
219 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9047
45 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1006
assets.a-mo.net
18 KB
3 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 543
eb2.3lift.com
2 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1270
sync.teads.tv
768 B
2 mathtag.com
tags.mathtag.com
sync.mathtag.com Failed
659 B
2 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 3148
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
502 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
74 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 754
2 KB
2 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 364903
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 857
1011 B
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 654
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 14734
11 KB
1 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 985
67 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 658
468 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1018
786 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4584
612 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 833
714 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 549
399 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
ups.analytics.yahoo.com Failed
746 B
1 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 64791
715 B
1 admeme.net
v9999.adv.admeme.net — Cisco Umbrella Rank: 157666
358 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 394
744 B
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1527
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 983
550 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 846
681 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4209
519 B
1 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1646
public.servenobid.com Failed
552 B
1 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 7910
396 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 392
2 KB
1 ampproject.net
d-27024444544096431478.ampproject.net
0 bing.com Failed
c.bing.com Failed
0 amazon-adsystem.com Failed
s.amazon-adsystem.com Failed
0 deployads.com Failed
c.deployads.com Failed
0 lijit.com Failed
ap.lijit.com Failed
0 adform.net Failed
cm.adform.net Failed
0 a-mx.com Failed
id.a-mx.com Failed
0 bidswitch.net Failed
x.bidswitch.net Failed
0 pubmatic.com Failed
image8.pubmatic.com Failed
ow.pubmatic.com Failed
0 rlcdn.com Failed
id.rlcdn.com Failed
0 smartadserver.com Failed
ssbsync-global.smartadserver.com Failed
0 ladsp.jp Failed
cr-p3.ladsp.jp Failed
0 socdm.com Failed
tg.socdm.com Failed
0 indexww.com Failed
js-sec.indexww.com Failed
410 66
Domain Requested by
55 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
adx.holmesmind.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
www.googletagservices.com
45 cm.g.doubleclick.net 15 redirects googleads.g.doubleclick.net
www.bg3.co
4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
u.openx.net
onetag-sys.com
eb2.3lift.com
35 s0.2mdn.net www.bg3.co
googleads.g.doubleclick.net
s0.2mdn.net
35 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.bg3.co
4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
pagead2.googlesyndication.com
13 static.bg3.co www.bg3.co
12 googleads.g.doubleclick.net 2 redirects cdn.ampproject.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.bg3.co
4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
11 www.google.com tpc.googlesyndication.com
googleads.g.doubleclick.net
4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
11 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 an.yandex.ru 6 redirects www.bg3.co
4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
9 static.criteo.net cdn.adpushup.com
static.criteo.net
ads.as.criteo.com
8 match.adsrvr.org 7 redirects cdn.adpushup.com
eb2.3lift.com
8 adservice.google.com pagead2.googlesyndication.com
cdn.ampproject.org
securepubads.g.doubleclick.net
7 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
7 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 pix.as.criteo.net ads.as.criteo.com
6 b1sync.zemanta.com 6 redirects eb2.3lift.com
6 ib.adnxs.com 2 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
prebid.a-mo.net
6 e3.adpushup.com www.bg3.co
5 us-u.openx.net 1 redirects googleads.g.doubleclick.net
u.openx.net
5 googleads4.g.doubleclick.net www.bg3.co
5 www.googletagservices.com googleads.g.doubleclick.net
4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 ad.turn.com 4 redirects
4 cms.quantserve.com 2 redirects googleads.g.doubleclick.net
4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
4 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 contextual.media.net googleads.g.doubleclick.net
contextual.media.net
cdn.adpushup.com
4 adpushup-d.openx.net cdn.adpushup.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 r.turn.com 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
3 cs.media.net 2 redirects contextual.media.net
3 prebid-server.rubiconproject.com cdn.adpushup.com
prebid.a-mo.net
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 eb2.3lift.com 1 redirects cdn.adpushup.com
eb2.3lift.com
2 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
2 gum.criteo.com cdn.adpushup.com
2 tags.mathtag.com 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
www.bg3.co
2 csm.as.criteo.net ads.as.criteo.com
2 ad.doubleclick.net 1 redirects ads.as.criteo.com
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 lg3.media.net googleads.g.doubleclick.net
www.bg3.co
2 sync-dsp.ad-m.asia 2 redirects
2 hblg.media.net www.bg3.co
googleads.g.doubleclick.net
2 aplogger.adpushup.com cdn.adpushup.com
2 www.google-analytics.com www.bg3.co
www.googletagmanager.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 onetag-sys.com cdn.adpushup.com
onetag-sys.com
2 prebid.a-mo.net cdn.adpushup.com
2 htlb.casalemedia.com cdn.adpushup.com
2 adx.holmesmind.com pagead2.googlesyndication.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 assets.a-mo.net prebid.a-mo.net
1 u.openx.net cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 cat.sg1.as.criteo.com ads.as.criteo.com
1 ads.as.criteo.com 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
1 rtb.jp2.as.criteo.com www.bg3.co
1 cs.emxdgt.com googleads.g.doubleclick.net
1 ads.yieldmo.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 fksnk.com 1 redirects
1 um.simpli.fi 1 redirects
1 match.sharethrough.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects eb2.3lift.com
1 sync.fout.jp 1 redirects
1 v9999.adv.admeme.net 1 redirects
1 px.ads.linkedin.com 1 redirects eb2.3lift.com
1 warp.media.net googleads.g.doubleclick.net
1 qsearch-a.akamaihd.net www.bg3.co
1 pixel.quantserve.com www.bg3.co
1 pxl.qccerttest.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 ads.servenobid.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 rtb.adxpremium.services cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 37764eb65ec5a60cdb53450f3b65878b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 secure.quantserve.com cdn.adpushup.com
1 5fc11ef87d23e5599d55f28144193363.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 d-27024444544096431478.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 c.bing.com Failed eb2.3lift.com
0 s.amazon-adsystem.com Failed eb2.3lift.com
0 ow.pubmatic.com Failed prebid.a-mo.net
0 c.deployads.com Failed prebid.a-mo.net
0 ap.lijit.com Failed prebid.a-mo.net
0 ssum.casalemedia.com Failed prebid.a-mo.net
0 cm.adform.net Failed prebid.a-mo.net
0 id.a-mx.com Failed prebid.a-mo.net
0 x.bidswitch.net Failed onetag-sys.com
prebid.a-mo.net
eb2.3lift.com
0 ups.analytics.yahoo.com Failed onetag-sys.com
prebid.a-mo.net
0 image8.pubmatic.com Failed onetag-sys.com
prebid.a-mo.net
0 id.rlcdn.com Failed onetag-sys.com
0 ssbsync-global.smartadserver.com Failed onetag-sys.com
prebid.a-mo.net
0 pixel.rubiconproject.com Failed onetag-sys.com
prebid.a-mo.net
0 pixel-eu.rubiconproject.com Failed onetag-sys.com
0 sync.mathtag.com Failed onetag-sys.com
0 cr-p3.ladsp.jp Failed u.openx.net
0 tg.socdm.com Failed u.openx.net
0 js-sec.indexww.com Failed cdn.adpushup.com
0 public.servenobid.com Failed cdn.adpushup.com
410 109

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
cdn.adpushup.com
R3		 2022-06-29 -
2022-09-27		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-18 -
2023-05-18		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2022-08-26 -
2023-08-05		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
qccerttest.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-07 -
2022-11-09		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-06 -
2022-10-31		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-02 -
2022-11-01		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-31 -
2022-12-04		 3 months crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh

This page contains 56 frames:

Primary Page: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Frame ID: E393F8E318901787AFADEBCDE26DBAB4
Requests: 91 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 8AB7BA6D11E5F624D889CAAFC5DB3162
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 93D80A00DBB599F885E19DC79C883C7F
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 03680B98CCECB46701BFBC6214288159
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: AF285D02CB22C3D89A704AA9CD557D57
Requests: 9 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: 59DDCBFE9D5125DF9921DF2EB25B3AFA
Requests: 7 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: 7E7F7F855391004835E5D31B945D7EA4
Requests: 7 HTTP requests in this frame

Frame: https://5fc11ef87d23e5599d55f28144193363.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: B74723FC5F96A6B997CD75C98B7DD830
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-5386247671147167997&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2769&oid=2&is_amp=5&amp_v=2208242209000&d_imp=1&c=256004062&ga_cid=amp-yxTs2cBIc5SB-MlaeZDT6A&ga_hid=4062&dt=1663501989571&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html&bdt=3419&dtd=29&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 5865C2BB1D5421E33A842F3DC0524C82
Requests: 1 HTTP requests in this frame

Frame: https://37764eb65ec5a60cdb53450f3b65878b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: F2208D43FD2BA155F36E55719BE0EA3B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990646&bpp=6&bdt=225&idt=302&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2306779475487&frm=8&ife=1&pv=2&ga_vid=11051538.1663501991&ga_sid=1663501991&ga_hid=1632933277&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531514%2C31069178%2C31069547&oid=2&pvsid=1227285620225158&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pscjodiznp3u&fsb=1&dtd=309
Frame ID: 5E5CC40BB7A90FFC4C4D89624AF4F447
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990666&bpp=12&bdt=238&idt=389&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3389483088911&frm=8&ife=1&pv=2&ga_vid=1436293627.1663501991&ga_sid=1663501991&ga_hid=1057183914&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069511%2C21066428%2C31069178%2C31062930%2C31068919&oid=2&pvsid=1640336907108955&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.t46lo1vqvfsk&fsb=1&dtd=403
Frame ID: 290D60D5F6D56F4C61CFA7FBD35746A3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AEA997A067DA03B4250B11EF951AD2CF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AAE1B624F1593045E6C72820BB753267
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F96BE4060C849D9C145956FB4F4B49D5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 92C449B37B9ED9ECC118FFF4A765DCF0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxCei3sY05iRyAEwAQ&v=APEucNV9pwzSquhteKUiRkLNyvjxq6xUJ6MVagXy9T_hNd8g6nyNwukCQsCGAm99tTOunr5pTPzs4Df4erwaXS5LtNzBbZJPfA
Frame ID: 0CE252B3C6CCD4757FA52426314E2F81
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CInl1fBdEPZpTxqDEAbD_vQEHcz8b2LBry2uC7ZYdjO13wmjcxrUnWzz12Eq-ztoEI1KQQbAdkYw9tFjvhwPIummp3yeEuKZHzv-LCKVNPmvBAWHhMQ8hHsmdOW7V0OmfloqvqlfeLua4JodjD2BtxWXa4oQ&cry=1&dbm_d=AKAmf-AH6EvkmjrR6__4KOozF9qHKULl2z2f2gapRiGBnY4F9d0I5wWZW5lMYRB6TL2hjw5eJGPvmg14KxZoiZBA6rSVHcf0lp_RUazu9oyu-VG6Cw4kkDZ9n6EFeQDbymD4w018jdTOFDZ0pDUA3JFXO5GyZa0-I5T43bnft8-6o3T9BQZRhMrUCMoKmioAs04RlEuFYNMQj-K1KMeM3zeiXCsVIiGnZWwLLdg2bjHgn9y4XD0maWKzEsYeYmycn-RXtez5lXinhVFeiiXCrrUweL653B85qDRPpTQhQYTxmx2_91jBkHbsRQ7GfCyGeE3uW2qqJf7KIhRsebA5AxcYQGiShWBes4Ihqoq1FRxvAMsPsEtkOkWoudWhn--B5v5J_yahyNr0bLc25biguHkKgz0TCgyHEZ-fqXdcoSWiOXRNlahAup2_2qij_njyPXQJ0sZBasxBT14Os6SfBvrdaAsbsckuuJLfJpHG5LAAR_5WPLvsrmmOvLcp9FrNasfWZB2BN-N-BsXfvzFgoMGqDKWymMRolOXqPZdQrSfJ0RqAjiJSTGTQmEr1wG1WwAcYhIOou_BgzsxrGnxWmDJl_ZYB30WNB6BzlydTWSh9_24WupbjYajFyfLzPBMyqPD0NZSqwhoNRLbPhT3xOVUdrIe7DJzmZ-m4qS6quAqvngxsLpRyrFCxHw-0c68QbhkfaGoQQHtTWKNA5tbXIYTxfQleTh7NzKQxRmI49Nrlj259xw85nRebxzZh9fzX_sdEpbbup6APsbniMirPBmDZVjRXBUNUHbzXWEawRTC7CH5d_wv60CrDwtQLsO26zjCA-r0lHa4d9Y4NZO7emHN7DGiSN2UZWF3sGL5wLqPmZvxyjEH9Hb2dZtPV5ariynYt5I7UFCi0XGJ2Qglzj7VCfK7HRXXbQygQ1IxJJShnpCKuZCHG55lY-3nfv3CmSBbYP6yYVi7uzeODV3y8DTao-GKzzkcGWRMlW_Q65_ygEOO7R_PsrSw4DdDt9q_UDwI90qbzpeuCRUaQPv1CSVCZoD1v1pujLm2vJpc4Q36nBS-p6zCHC4XLsdY9f9Yhn8p74HAWSdoOz0A7S1H5W6QFkBIc1zJzVUEhhch3elaJQNwNJCCrQmQ8Ag1QUNXJg2Hy73dXoAB5hFFqGNuHH_TipZE25pSQGJDYjsUVhILm7OFW6jS02MFY2O-Fy_fnZnLY59jSfTs3glzaSQ_7sYng2ljnllKJqs-jOjs9gAnQGGoMr1G5gHyPtHuuo6oXOJdm_1QLsGKMYr8Pxunp3FT_qxracgKCHOlMlqwhEoGpvJfSPWF-xFjceDyeIwkjpCEZ10q4EO98-UBMJpZgO10Raz_kAOLSSiBqPxEKU805ji2Q22yTx4TkoDi8fBd_gC6AYdWdkn8U-VUO334A-3_AC7oqI4N3IHM93TAveYS9rGfjt6R0F190Ix-MEwdTZRQ_0ogCzr1Le5pe25YBSb1QgjiEdZW6ou2fP8NHWpNUN0uo74FopK5yc51UM6YtCX2V--FM1XkQg_D5Sijw5joDP1BGsNl4OWmG36TDhjHuK1jeZG6nF6I3lIs9tyCmxBiZ6aPE_2TpOQ9nSDibWElygFM-_HO2XHQp7GAC0Ln9s9koGOPE87rox-_9QmEJj8P7lib_H5FlJ8JgN9Pzrpd6Ym_OISO7bOu6uaEEKXFHWRqmSE960iwhZyEZsKBMblpxFqr5NuHvLY7P8VLR5vpfKW_IAbY4e5iuygEell3wJiNWp3AWMGKU7oznB5bHhqAEgicY5QrnxZDzLH0xg9mLMIq6EoY-sobf1tQsYvFkInnOJncMdaC2CvuWV2nDyx1cpIvxybpO37MxXFhrHmJ3DUMv2FzN35LqmWYikxe0jc3VsEcEqb76V0akw8rNoOpIk_ZMnCmwoa46rfZHsL5MoXpd0wPaWOSmlf5HevPBmtdA3SzC5OnE-WjSQcCuWZvcTbaedK3gQ23WuYAjL4wupo_kIL7cVmhYIdgLB3xdD98Mz4W_XeOsx8E8XJGTst7DT7loKSVh84YAqHIcyWI-wf5mikuq34XL_ejnP4BKWN5AF2eXS07zsYUGMn14UEJUGD6ZWSpZH0jWh4HVzIY4BN7T15M0pDQ0oEDuIc38kA2LSQJUbwxOW3si7y2FStHKfyaKje463GJCv0yosDAuOFs8R0DrftkK4yh5v1SLzwt1inLby5O-28xBIjk6GyP0ksDQO6MsueI0JbL30VAwxLog_T22sqjK0KSljOKFh3S58O93M1fncv9qsS-XZ5Ood03Fho6XZRB9TOsgSEpgp3jdtjMrCYuWk_pRYmUvZQxo-kbK8oEySVzxpSbx5B4wHrc31h_7tWmEtWjk4QiufZkECPUT2833Cag-dAaE7dMMKUHG5oRKPF1dM1h2w-aCVu4AZr81omWC1x5X5_paFUl3SxYDV-_tNAN1rpDx-75vrCPLc1-UR2VkolRj8J_tJxYppnHUywrJzZOthn0sXx0r6HejL2a2ZqIhJ5b4IehZf_QjqcpCEmIn1xVDT-JuKCsBkMadSoUC-Tc1FPgKGl_DpQdcSTColUjOi7ojj0TYAaEXKiYOZCD2Ev4ZzfukbVyBcjFnaBzZ3nUgWQUxZfoOo4xKWwvWyREHtTHsOWqWAVH2W8qE2glvM5UTEzAvJMQr_W3-IEa6Nlo9pSxz4slVlKZiHtIvXYuUAaTA3TbL4LLxQ_s-TguEur2ozhBnKLAv_whYnWn6k2oYikHK3gib_Pf-HcNlVZ-ltRV4F4f1xrQrvoaHv51jsK6S4tEcxsqHvIFbs4F1Sz0hPry-TICGOXWzBNaHF9LNxtsrLTRi70S5tnhEbv8fk1w44ipnsaNSHBBT5P4yu9gdIovSQvPnkg9Fna21Kh0BGGgrIIGcRl3YM2u1CREIkgHEwIqXNBOwbkXKzLfWkm5S9vv2PtGd0Ywz6x99X-Jz2QF0K20EWiqzeGMcofq9MLeXbwhKdqguN0LxkOxplSiTJE_O3h4NieI2tPgQg5ns-DYdoSJjvSkuon1b3iKgPK0MPCio14uvIvi_DRNRnIhApQzLGh_9BGl4g339sEoNDL8XE4olA8gQ8xCdwWNDTowmdy8oUC6TRsa3eyp9tj5KD9OIaE1G5ZzT3BAIZ5zdtAbnIncVG8GGGuSmqXsqtSpmNO9idNSEQa7Wm0iR2WcGEmGul9MxIyfk1A8gLS0nRjaH-4SXx3NX7Txq79KGFV-jPLlbJ08yp7yjhyKGfBeYNKqkNnABf2QevBDTfgguZHJnd2AweKbisqU2cALN3kt7olBwbbAwt0AoI0hPhDGsfmwuOAacEgY3WBRvbjS3QwLQCuCWfKTqZbRIzSOj9PkR0CigpuMS1wkaKbYXtF6iqbR7i410HkY3u8tSlX-Szq64GwPV_OTzNb8&cid=CAASEuRoAm88AKy9EoWVNR09QqOSzw&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Frame ID: 466B3F2302B5D19B343C79B242870E62
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CDjTypwYnY6ndGo7_tOUPsPG9gAms1_3wZLT2qJPiC8CNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAGV9ZvfA8gBCagDAaoE1QFP0MfTEDWScC9T30bWMWsXXcM5eUjaAS8VRvGRastfIE5HqWI0STEOwk7WTL4LOo5I2TUroVY4oVZOUFqaIfT0Ay2dvKt5ojMnORC2wBZu7J2lbCeQMP98FGPWLi9gALoWJal5W2zEWWAps9GykYUiVHGixELssjW57n6RBAvnVjsUJDSVgV2pHZGC1JsFPMGRFJ_W44qK_m1KEr-H4KlPQjR8N2sx22L-xC3DFb5tJPJezqMX7WIKEWepdYifEwGr3oKqTZsW71W0wK3xEhidAJv1gBSABsPF35vKrc2Y6QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=OVx-Hdr_F7E&uach_m=[UACH]&cid=CAQSKQCsnQUxKoLkSD7UOXUt1Ds8VvEFH8H3YfJSOnf21aNt3_w3619byd78GAE
Frame ID: 577043BBE2FD941F2DBE103403C78D9B
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BB8CA0520AD3CDCD125024C4E96542A5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BF3DF356BDCBC40405AA2C83A61EACA8
Requests: 3 HTTP requests in this frame

Frame: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2F52E91A633F81BA452677E1659C3141
Requests: 1 HTTP requests in this frame

Frame: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 310288E3D32B69D8BBE9924AE8992B1A
Requests: 15 HTTP requests in this frame

Frame: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8C2D5A628D767AD10394829F44CE21DE
Requests: 16 HTTP requests in this frame

Frame: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E62149B18FF576BE81BF72031463C040
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 1CC1714C22D39FA79926D674E2180824
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B7237330DA620B9A45D3D4A1D9C91E49
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNVpVSoAFY2n14PNkA4PDtNXy0IHoCcHuQw11_L70jQOy_QstZMJR3A26wKoZnNuFtrIHIM7wC95g4A5Q58uA6KvKbJ2qw
Frame ID: 340BD49D2236B2DB08F4BA2DBA3F6398
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNUV1TNXqS6C1-4__fL8HlOHgJNPztat65mF2Ho-zpDDX-R3dca2C3M2JZbuKnyWJk66dsJtBo5UmCR8400_XmfOOZ5CIQ
Frame ID: 608EAE0EBC46F82C2F9E6E0333A6F7B6
Requests: 5 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=YycGqAAORl0F2J_lAABU73aXBWIU8H9BOvaStw&u=%7CKDqx11Is52HpWuuj9YCaaz6pAh2PJtcpe8W4AFt6Trg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AuFN33LvkGjGMtdJEk9WtBU16cqAjjNuWrx5pN5Iz1fxRZIyb3Mx72gW_PDYsp3ZgBsVzEHaJEs0ZMWFb8t7DDxtS9nnCZUGurd1POTXMHI0usNi6AFmUbnKiK3iZjdr_pnzCZA9bFyVDwhfHpbtHYPee9Q9OlAJTpb_IBmehlhFEx7C4SUN-LBGvPsTZO3-nYM75MnBu-cc6HddVKm152HpcicvwudyMZGVbDxwzTyN9RdZpiTQ1TyzQmPdGYHuD246ZERfcWpE0lViQqtttO9TIn2JONmx8VxKZPZKHq2YbQ5AaN4jxhQe-FuWeDwzUId-GZSE3nUvB2YSkIhKhdK7kyMCHvyayKJ4zHL_fc-Jzm9BJnYemlTDyE67C0DeGihBxa61nrda0jcOsyxqBjeMZYjGA0khv5DMYYIkqX8hE47yRfAxEFQfE0Ys3wQnhUzEj14CjC4Wpg_Ew-BztGUOyDYZ44_aSeaPf97ejDRblTcx_v-IbitIQQokWbFEg4Ys-fhPRe3o335Akdszs5A4eSg3BRHaVzUCM09shj3V8N5uAW-9iMk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC101zqAYnY92MOeW_4t4P76mBkAaY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBK8CT9AZ1qcJgiXG_3SXJZBfby3NSxqI72y1EKZOAFyVaOgiIdaRC144fNrTeNXzU5qb462ba3As2-Pi87d2iNV5V1Ju034CWCK-57HYJGCN7-O8m_oYNwrWlamd92WDu6EFC9nBt3vZwRm4XO-xLoTQJBrYX8lGyTfxFHFYJ7k-YEU5P0rOLJs2Vu0xTQEhn2Pyx80tNT_pb-4qK1UupbMHxZDIrUnmOvZAMR_dLmD8WS2rSggeepAaUwZftFbrd0xj7-5MV2H8x_9HuuQlE2zTiC589D1Q4PhkTD_8dwZs-smBtj2OkNbydNUIC4M6iu7UgJ5giEUzsqKToqSlX6kRllvj6f8HjgGgFYEW99aOiGoPQcJn57sq0a7jNVw6cInWIEVNJOCRlrnD4OLeHkGb4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ac6UGV8GoDzp__9_1xcI90Ckqsw%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: B3678BA79C83802465CDD2B0935B934D
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 17C373EBA3BE569440CCB66FF8E60E38
Requests: 7 HTTP requests in this frame

Frame: data://truncated
Frame ID: 89BC55DF39F84ACACC37B80ADD67DB4E
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 11D5EEFF9CC5F7CD3E4A7AE6F8FD2FEA
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
Frame ID: CBB129BDD87DA0941D7CF9BA60ED3511
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 31ABC46EB7E7DDE83840418B4033CEBA
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 139B04BE0DD5B2A0AE85C58122E8209F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D6B378DCC960EFAB5BDFD504219A4DC2
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/5449675/1662958221883/index.html
Frame ID: DB4CC7237D50948062512730C3F71CC8
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/5449675/1662958233195/index.html
Frame ID: 6A305B963E2D1D614795B043CFB4A5FB
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6CD54A530881429DFEBF76BE6086FD5D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ED029A0B94CBA2E48843067881A419E8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7E5C5B3FD0F50D871A1CFF5E5267D330
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CA7974422384EA474BFA0BB4E860BD3E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CF778A4D81A84B4E9908B495DE6DFBA6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0E3769F2AAF4786F3549C3AF97EEB4ED
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 598244E8924F9D14B240B7DF5551A717
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5DE4E5B20581CAB3021CC6F60FE8742C
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C75D63A8B7A6E0EC870CE47A6DBCCF28
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 1161B7E0A599443FF1FDF8FF62685E89
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1663501990693
Frame ID: E942C3AC7C6A62D1F2CFEAC90C145C00
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 33A42E6B24E7942E0A791AA21001D567
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: F11C5E66AC05D18C3CD5A57BC3EAE214
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 15338A7B3E7A25ABF8AD0864C03757A6
Requests: 7 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: D039C67770F31CBFD3DC6C07638B08BD
Requests: 16 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=77&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: A5838B935C6F42A884A81F6D2985F0D4
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7B5BB64ACA449544A1290D468E945E8D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

電支電票2合1草案有4大效益 開放外籍移工小額匯兌業務 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

410
Requests

79 %
HTTPS

0 %
IPv6

66
Domains

109
Subdomains

69
IPs

8
Countries

4345 kB
Transfer

11630 kB
Size

53
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 57
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1663501989&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501988493&bpp=13&bdt=1482&idt=550&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=255364534115&frm=23&ife=1&pv=2&ga_vid=535325553.1663501989&ga_sid=1663501989&ga_hid=1451752839&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=209518722&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31068920&oid=2&pvsid=157479556674864&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5o7wgt5dlbv4&fsb=1&dtd=566 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 62
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1663501989&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501988514&bpp=11&bdt=1487&idt=628&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=255364534115&frm=23&ife=1&pv=1&ga_vid=1834627869.1663501989&ga_sid=1663501989&ga_hid=808022095&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2071&biw=1600&bih=1200&isw=336&ish=280&ifk=4149694898&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773614%2C31069178%2C44771548&oid=2&pvsid=3454223381071077&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.aydsf2km2si3&btvi=1&fsb=1&dtd=644 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 142
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIj23g6dn7mNJba1AnThsFM&google_cver=1
Request Chain 143
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YycGqLxojSekcSNyIbgYZQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIj23g6dn7mNJba1AnThsFM&google_cver=1
Request Chain 144
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFCViTPbgoARqQbUcDD_6lk&google_cver=1
Request Chain 145
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxODY0ODg3NjE4OTE0OTkzOQ%3D%3D
Request Chain 165
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESENKJLPyydGnr7T2_xgdbLYU&google_cver=1&google_push=AZmPxg_-p8R5nBwBXrnqrwQcJhRStV_ab7DhoRDTfqhQQHYJszoohae-NXQEdL15mSjwClTgYPPIhB8Y_tRGsnkYozmsSygIQr2_pEy3nkFMFfPSRIqY1vkDdGJz9ec3WdnVddG4fgt39dA7YjXJOhNq72o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_-p8R5nBwBXrnqrwQcJhRStV_ab7DhoRDTfqhQQHYJszoohae-NXQEdL15mSjwClTgYPPIhB8Y_tRGsnkYozmsSygIQr2_pEy3nkFMFfPSRIqY1vkDdGJz9ec3WdnVddG4fgt39dA7YjXJOhNq72o
Request Chain 166
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEFYdvXgPLY54YliKnEmpCU4&google_cver=1&google_push=AZmPxg_mZShx0MpFhyOmy5QQ7DskwYppfVGZg_ZNbGLdmUdc5Um0MTvw4wjm632uJUTjEairWlmqodPHl9SdYzIXajmNcMKD2rvDhW-584wBNhD4ll7YtWAFSOfdtZrGX_9J1BNdxGUpshGBuQHNH5jocOo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg_mZShx0MpFhyOmy5QQ7DskwYppfVGZg_ZNbGLdmUdc5Um0MTvw4wjm632uJUTjEairWlmqodPHl9SdYzIXajmNcMKD2rvDhW-584wBNhD4ll7YtWAFSOfdtZrGX_9J1BNdxGUpshGBuQHNH5jocOo
Request Chain 167
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEEplTL5ePFDn4198bvQ5b_c&google_cver=1&google_push=AZmPxg-rpsD3Y76uGw9eSK13WeB_2uIbAxpYM6OEho58CF3ITLmaSTdFJByGA8nWWS5XMCGRSws5ruP48jP69lwfpInu8piCpnpnvN00vt37iMdJABKIatUrUw46YT0xfVnkFXWrY57TAiBckNHrY06P7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg-rpsD3Y76uGw9eSK13WeB_2uIbAxpYM6OEho58CF3ITLmaSTdFJByGA8nWWS5XMCGRSws5ruP48jP69lwfpInu8piCpnpnvN00vt37iMdJABKIatUrUw46YT0xfVnkFXWrY57TAiBckNHrY06P7A&google_hm=M29zTzM0WTlkQzl1UVNzMDJZTnI0X21WeUdF&from_google=sp1
Request Chain 168
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJ9U5VdyC4DJNVfBLHNxwiQ&google_cver=1&google_push=AZmPxg-MgbK-r6t8_tSfkQVQMcEvgE8WCqAL0esapDZDu-InCKntpJIA5zPSugIGtMvezZOWa-0KUlVbbSiwRT1u9PGT_taRmSTsswD3MbnA1pqGRqu3mpiX9C8rMwU56oGnmxDGN0jC_8MszEkkDPqyGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-MgbK-r6t8_tSfkQVQMcEvgE8WCqAL0esapDZDu-InCKntpJIA5zPSugIGtMvezZOWa-0KUlVbbSiwRT1u9PGT_taRmSTsswD3MbnA1pqGRqu3mpiX9C8rMwU56oGnmxDGN0jC_8MszEkkDPqyGQ&google_hm=NDIxNjE1ODkyNzE1MjkxMjQ0OA%3D%3D
Request Chain 169
  • https://cs.media.net/cksync?type=g&google_gid=CAESEITyfuQsh-AUJFCn6kYu5WA&google_cver=1&google_push=AZmPxg9qd5fjJNBH32U3KyvRIkNkftKR95qxBbdV-Lx6YiMSMA0Z3GlgLJ_ugD85Xj8f9jaSmrfiMyXAE_aaqz6ZyohLxpDbmaBqUxcu_kF9u9oZLYia0jMXq8GPmzUYEV6POOITui7eqNtqSQFv5pJ-XiE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA2NTAzNTkyMTUzNDgyMDAwMFYxMA%3d%3d&mn_hm=MzA2NTAzNTkyMTUzNDgyMDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg9qd5fjJNBH32U3KyvRIkNkftKR95qxBbdV-Lx6YiMSMA0Z3GlgLJ_ugD85Xj8f9jaSmrfiMyXAE_aaqz6ZyohLxpDbmaBqUxcu_kF9u9oZLYia0jMXq8GPmzUYEV6POOITui7eqNtqSQFv5pJ-XiE&gdpr=&gdpr_consent=
Request Chain 170
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEJ_74M3YijO7aqdAo4GQuEQ&google_cver=1&google_push=AZmPxg91t_0ot73TQHZXyqImPkF-_599xSdFx0EP2za37qAXXDwoNBll9AF8zlM0PHSPgiH70brni_2idQSeZHApeM22JNJnFvJQwDabMpw6xcAylRIHZh-bQrlMgjjvOPWCjfJtyuznXiK54T07gazw3Zf7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MmQzZWY2ZDktYmQ4NS00ODBlLWFlZWQtNWJhZjQwODkwNTU5&google_push=AZmPxg91t_0ot73TQHZXyqImPkF-_599xSdFx0EP2za37qAXXDwoNBll9AF8zlM0PHSPgiH70brni_2idQSeZHApeM22JNJnFvJQwDabMpw6xcAylRIHZh-bQrlMgjjvOPWCjfJtyuznXiK54T07gazw3Zf7
Request Chain 171
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJC-u5tOwIgK1ibFvnOC8lg&google_cver=1&google_push=AZmPxg_0iddUCcRosEu5QO1z-6pRdgNfTjXDWA9HcogxI2KnxP7iksnYCyFkwezobbGpqJk7NXKmFP-Bv16bkOwoHNfXHA5ivt-SPO6UMOgHbBJaH0DuPSSzusFs240-47JcivM1B08iXCyVSPc3UQmlQePZ HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJC-u5tOwIgK1ibFvnOC8lg&google_cver=1&google_push=AZmPxg_0iddUCcRosEu5QO1z-6pRdgNfTjXDWA9HcogxI2KnxP7iksnYCyFkwezobbGpqJk7NXKmFP-Bv16bkOwoHNfXHA5ivt-SPO6UMOgHbBJaH0DuPSSzusFs240-47JcivM1B08iXCyVSPc3UQmlQePZ&uid-set=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AZmPxg_0iddUCcRosEu5QO1z-6pRdgNfTjXDWA9HcogxI2KnxP7iksnYCyFkwezobbGpqJk7NXKmFP-Bv16bkOwoHNfXHA5ivt-SPO6UMOgHbBJaH0DuPSSzusFs240-47JcivM1B08iXCyVSPc3UQmlQePZ&google_hm=bFRGYjBSc2s2Qw==&suid-set=1
Request Chain 205
  • https://um.simpli.fi/gp_match?google_gid=CAESEMXlVZrHn4cPkXkw3a8DOgQ&google_cver=1&google_push=AZmPxg9kh9rRKvmQwgdCbwWeAvd94-o2DfnVkP7BUUVSLDUtcjmoek6IammdF9uVmiCUeqqGzgYfnv6AqxcmDiwcN9-JqYF4N_aE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1EC78DCF93BB49888AA721027B3C8EE7&google_push=AZmPxg9kh9rRKvmQwgdCbwWeAvd94-o2DfnVkP7BUUVSLDUtcjmoek6IammdF9uVmiCUeqqGzgYfnv6AqxcmDiwcN9-JqYF4N_aE
Request Chain 206
  • https://fksnk.com/cs/google?google_gid=CAESELdgVFXt-k27Ar5d_dk55Mg&google_cver=1&google_push=AZmPxg9LW1UxzMoA2LAuzLEAWYd3e2hzg0tHyt9mKF_JQCka-0AIRut2svKLMvUJLRysXD8d6A9iNobXqs_C1OWNHPQLKEo-UcI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MjM1NzlDRDJGNzdFMjFGRQ==
Request Chain 207
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAZmPxg_PhqB7SXEkPhft_OP47gtaVM5MJ3rCcGdtgPhM4-LEAl_pBSAWYYHFPnxCa5H9xdHbqiVcg9QBHEyRxbZAC5y3wZj0nRJM%26google_hm%3D%5BUID%5D&google_gid=CAESEMNZOrkVbf5PqAlPfMhf31k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AZmPxg_PhqB7SXEkPhft_OP47gtaVM5MJ3rCcGdtgPhM4-LEAl_pBSAWYYHFPnxCa5H9xdHbqiVcg9QBHEyRxbZAC5y3wZj0nRJM&google_hm=c1e86ae9-3071-4ad4-a118-a3da78b9052c
Request Chain 208
  • https://ads.yieldmo.com/exptsync?google_gid=CAESELeH20p-2eWs8HKtHYvZvHg&google_cver=1&google_push=AZmPxg92ZxBsLuxh42AmZq7FFak7VuJwnLbiGwSWaeIiiM8l7eX35e3-be74flqNYzKspp9OumTAvwhqQMU0jQ1uuJXv8RgibH0I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg92ZxBsLuxh42AmZq7FFak7VuJwnLbiGwSWaeIiiM8l7eX35e3-be74flqNYzKspp9OumTAvwhqQMU0jQ1uuJXv8RgibH0I&google_hm=ZzRkZDI0Y2ZiMWFkYmQyY2MxOGI=
Request Chain 209
  • https://cs.media.net/cksync?type=g&google_gid=CAESEMqthPcL_evvutNPqMl4vw8&google_cver=1&google_push=AZmPxg-ay8DxJPt_cLyFBuSECvZ7E1GXtuEbck9NEOn65bbC52P6mvOSMkb9H_FZAe0TtDtOOMeC9BlcweOon3Ys21Jpu5LSvBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA2NTAzNTkyMTUzNDgyMDAwMFYxMA%3d%3d&mn_hm=MzA2NTAzNTkyMTUzNDgyMDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg-ay8DxJPt_cLyFBuSECvZ7E1GXtuEbck9NEOn65bbC52P6mvOSMkb9H_FZAe0TtDtOOMeC9BlcweOon3Ys21Jpu5LSvBA&gdpr=&gdpr_consent=
Request Chain 221
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=5fe5a090-8256-49b7-b0bb-98ce88478fd1
Request Chain 222
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIj23g6dn7mNJba1AnThsFM&google_cver=1
Request Chain 223
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YycGqLxojSekcSNyIbgYZQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIj23g6dn7mNJba1AnThsFM&google_cver=1
Request Chain 224
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFCViTPbgoARqQbUcDD_6lk&google_cver=1
Request Chain 225
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxODY0ODg3NjE4OTE0OTkzOQ%3D%3D
Request Chain 226
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHnQPFsNtFqhT26TCEGBV_g&google_cver=1
Request Chain 227
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGZjNmNlMmMtNzg2Yy0yZjhjLWU4MzQtZmQwYmQ3NGFhYjA1
Request Chain 228
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEOHLfa54oOynkH-ezNxViqs&google_cver=1
Request Chain 229
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjFhMWM1OTQtZGM1NS00OThhLWEwZGEtZmJlNTgwNmVkODkz
Request Chain 230
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESED_okZcdPDxr5HrR5cW1vMQ&google_cver=1&google_push=AZmPxg85gtDutuVDs3ffm-IsNtyvlV-kLhb-ODq5oL5q6ndtLqYl3fn2JH1wVpl-5X66yO5o7lSuXI0b5U_cunyqHAQTFonzehVWkgjzPOra__ca-SMETidfHfUeaavWaWTySjyrNq1x6W5YTzkqmSGV-Io HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzcxNTY2MzMwNTIwNjMzODIyOQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED_okZcdPDxr5HrR5cW1vMQ&google_cver=1
Request Chain 231
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPZdQuN9m82yrV8aT_d_Huo&google_cver=1&google_push=AZmPxg9UAfcMpBumF5S8-bkgXoqDbAM-q_XH_T-Sg79jIGOqjUEMHHD9zne0w4N0fQiAiUDlSkL1zATW2ruzVU8LwvhvLxcaw7WLOvPNGA9GZLO0EG_adj5j_N3eQBuUo_Z9MOYmptO1RqyECiK0PMWSLA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AZmPxg9UAfcMpBumF5S8-bkgXoqDbAM-q_XH_T-Sg79jIGOqjUEMHHD9zne0w4N0fQiAiUDlSkL1zATW2ruzVU8LwvhvLxcaw7WLOvPNGA9GZLO0EG_adj5j_N3eQBuUo_Z9MOYmptO1RqyECiK0PMWSLA&google_hm=xPg59OkY-VHcCFpZGazY4w
Request Chain 232
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEXRWMT1mYiIW53bIQgdf4w&google_cver=1&google_push=AZmPxg_IR5Ym6RhK9J7LmjgTWd27yccVIloofKbQiGJPAJ2ITW3ajBGWphqs4pYiwHekwJm1HXcu0mCpvSy04uxBMxTtDE0brt4vmLD2haF17g_J98y4b1Dv_2etMzpQUsUCfWhNZkffEPA--aZUpTYj-Jw HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEEXRWMT1mYiIW53bIQgdf4w&google_cver=1&google_push=AZmPxg_IR5Ym6RhK9J7LmjgTWd27yccVIloofKbQiGJPAJ2ITW3ajBGWphqs4pYiwHekwJm1HXcu0mCpvSy04uxBMxTtDE0brt4vmLD2haF17g_J98y4b1Dv_2etMzpQUsUCfWhNZkffEPA--aZUpTYj-Jw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NWZlNWEwOTAtODI1Ni00OWI3LWIwYmItOThjZTg4NDc4ZmQx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=5fe5a090-8256-49b7-b0bb-98ce88478fd1
Request Chain 233
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAXPVr6AmYWazOKMuWXMTjw&google_cver=1&google_push=AZmPxg9HD7pL56Rb30bs4ixsK9nPF4bXiCGSMjIXiKjDZ8L8Uu4dy1mGIOD9dfL2zeJ_XmOPlK0CnmRToR9aNqJtwLL-GWd9qi-1y7xs_etW8HG6OzElshhLWnbfMwkp4WxY2fIGE7Ii9rxBDDKiMGazrGA HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEAXPVr6AmYWazOKMuWXMTjw&google_push=AZmPxg9HD7pL56Rb30bs4ixsK9nPF4bXiCGSMjIXiKjDZ8L8Uu4dy1mGIOD9dfL2zeJ_XmOPlK0CnmRToR9aNqJtwLL-GWd9qi-1y7xs_etW8HG6OzElshhLWnbfMwkp4WxY2fIGE7Ii9rxBDDKiMGazrGA&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9HD7pL56Rb30bs4ixsK9nPF4bXiCGSMjIXiKjDZ8L8Uu4dy1mGIOD9dfL2zeJ_XmOPlK0CnmRToR9aNqJtwLL-GWd9qi-1y7xs_etW8HG6OzElshhLWnbfMwkp4WxY2fIGE7Ii9rxBDDKiMGazrGA&google_hm=WmZKZ3NMSGJCNEpEYkdkbGhGVVI=
Request Chain 234
  • https://an.yandex.ru/mapuid/google/CAESEAb9deHlMXo4pTttEFrAJSA?ext-param=AZmPxg-TxfTdFDAFHypFoGj3TDlJDEuZknUUhX0xJyYEGMwBl1oJle1keF3rHMqjE6DtSSQC1nkZU0UMFY4izurs5Geh_stsVi557AZS_1OhNTLEgry_zI2eHFdXGhuoMV16snXHxv59fxrq_ORiluTL8OQ&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEAb9deHlMXo4pTttEFrAJSA?redir-setuniq=1&ext-param=AZmPxg-TxfTdFDAFHypFoGj3TDlJDEuZknUUhX0xJyYEGMwBl1oJle1keF3rHMqjE6DtSSQC1nkZU0UMFY4izurs5Geh_stsVi557AZS_1OhNTLEgry_zI2eHFdXGhuoMV16snXHxv59fxrq_ORiluTL8OQ&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAb9deHlMXo4pTttEFrAJSA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 259
  • https://ad.doubleclick.net/ddm/trackimp/N962703.154378CRITEO/B26847959.341102289;dc_trk_aid=532857455;dc_trk_cid=174615788;dcopt=anid;ord=632706a90efdd66aedda031b5f737327;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N962703.154378CRITEO/B26847959.341102289;dc_pre=CP7-_OujnvoCFQQD1QodRtwPDw;dc_trk_aid=532857455;dc_trk_cid=174615788;dcopt=anid;ord=632706a90efdd66aedda031b5f737327;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=
Request Chain 263
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESED_okZcdPDxr5HrR5cW1vMQ&google_cver=1&google_push=AZmPxg9qsd7u6iRGuJubV5vxWvCuyTxbPWENdzG7VMuctvXo06w6DmouwhwRjHFO6X_J-ePLbzvQtExfBt2wd2sJqwUeN403xMqwmBQ2LNGKXlFxEJADWNbbqCE05H2LUha9FsACHPRIis8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzY0MzYwNTcxMTE2ODQxMDI5Mw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED_okZcdPDxr5HrR5cW1vMQ&google_cver=1
Request Chain 264
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPZdQuN9m82yrV8aT_d_Huo&google_cver=1&google_push=AZmPxg_XmqkxVIG8-Dfi1wZXbk6YO1PnA6ahJcxWvLUjdPJD_SUYZ_aK9GxR1GaAvirT0WzfK1xFwYWs5RTXbb9kUAu6jUxHuA_kK6KXxdPehyrGWMolH5FaW_dufvuLycI6nQJfrDNdlMY HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AZmPxg_XmqkxVIG8-Dfi1wZXbk6YO1PnA6ahJcxWvLUjdPJD_SUYZ_aK9GxR1GaAvirT0WzfK1xFwYWs5RTXbb9kUAu6jUxHuA_kK6KXxdPehyrGWMolH5FaW_dufvuLycI6nQJfrDNdlMY&google_hm=xPg59OkY-VHcCFpZGazY4w
Request Chain 265
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEXRWMT1mYiIW53bIQgdf4w&google_cver=1&google_push=AZmPxg-SpQalhyntWaK75iObc5I2OUyvKkRO-hbylDk7riDORVdndOElR2AVX5xyzFJmmcbMHl7vfkuAlbn3jIRLM1u4kaZBceHxFIJEC8bX2QXeF4_rWhw7NObgG0Wg2-MomdBI3oUgHm0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NWZlNWEwOTAtODI1Ni00OWI3LWIwYmItOThjZTg4NDc4ZmQx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=5fe5a090-8256-49b7-b0bb-98ce88478fd1
Request Chain 266
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAXPVr6AmYWazOKMuWXMTjw&google_cver=1&google_push=AZmPxg-TTUo__pbjrvM-qoRmIM5sbJ6h8CB000teZ-zUoADKPWKkMq6dPb1gjcBDm_hDgN2J73dg2cBBtHBl0ttvekxu2ARF5219-tnu8yvTbNRp1TOPx_FMG8XC53m0QMB7mrDBoc5SXg HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEAXPVr6AmYWazOKMuWXMTjw&google_push=AZmPxg-TTUo__pbjrvM-qoRmIM5sbJ6h8CB000teZ-zUoADKPWKkMq6dPb1gjcBDm_hDgN2J73dg2cBBtHBl0ttvekxu2ARF5219-tnu8yvTbNRp1TOPx_FMG8XC53m0QMB7mrDBoc5SXg&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg-TTUo__pbjrvM-qoRmIM5sbJ6h8CB000teZ-zUoADKPWKkMq6dPb1gjcBDm_hDgN2J73dg2cBBtHBl0ttvekxu2ARF5219-tnu8yvTbNRp1TOPx_FMG8XC53m0QMB7mrDBoc5SXg&google_hm=bUNZZTRpQkIyeWlacXc5MnhUdEY=
Request Chain 267
  • https://an.yandex.ru/mapuid/google/CAESEAb9deHlMXo4pTttEFrAJSA?ext-param=AZmPxg-n0X1vyKaIroHjqifWMS9eh1xoIW8NeHpFEJfpoFwGFi0ApTbQG6JSlpIK_hKthNiMXVREDfItKzDjSUTBccNHEt88nfdxd6MvrN0cabpgy_EaTBPo1b3wLewVr2-ATLfkShwbBWZA&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEAb9deHlMXo4pTttEFrAJSA?redir-setuniq=1&ext-param=AZmPxg-n0X1vyKaIroHjqifWMS9eh1xoIW8NeHpFEJfpoFwGFi0ApTbQG6JSlpIK_hKthNiMXVREDfItKzDjSUTBccNHEt88nfdxd6MvrN0cabpgy_EaTBPo1b3wLewVr2-ATLfkShwbBWZA&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAb9deHlMXo4pTttEFrAJSA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 272
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESED_okZcdPDxr5HrR5cW1vMQ&google_cver=1&google_push=AZmPxg-ZCj5UNSGpa4JVatZNV1KOoLkqwAEes00Uk4V2UOurx06N5yXz4tBTA6OzuyBjZxejH92Q4eHIcGXautDkM3MxI69zed2wccTCeGWZHjX1CDvKkjUNDXlARBmrUmybaSGU1Gl9aXdow90wMRzemQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg2MDYyMjkxODIxMjMyNjA2OQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED_okZcdPDxr5HrR5cW1vMQ&google_cver=1
Request Chain 274
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEXRWMT1mYiIW53bIQgdf4w&google_cver=1&google_push=AZmPxg-sM1ILbKC9cyonbBg6CWDrvGFgc8mltjvRFe-3lSxzFxISq3WFXw47XkAXu_K1YEBuuck2hcbB4Hr9D3VAlGcTuNpEOiaMbm1taY6mNSzJSolbh0USSsTxhv8PbXsetv4_C4LVT_7lm0ETqwEXH8c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NWZlNWEwOTAtODI1Ni00OWI3LWIwYmItOThjZTg4NDc4ZmQx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=5fe5a090-8256-49b7-b0bb-98ce88478fd1
Request Chain 275
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAXPVr6AmYWazOKMuWXMTjw&google_cver=1&google_push=AZmPxg8g93ioOgYRnzPaFksq_Mf1Eg1h7lrDUBEDLq3HnZjyIEnm5eM2Um1PmpR_QJ7rASAi5iwrJ6ZYO3SgjklapfEea2PSxezyFl-012AfcPNlEetI3UyNjx9ZZ7bVgUYqJk-YDjCoIg0VLLECTQl4gwo HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEAXPVr6AmYWazOKMuWXMTjw&google_push=AZmPxg8g93ioOgYRnzPaFksq_Mf1Eg1h7lrDUBEDLq3HnZjyIEnm5eM2Um1PmpR_QJ7rASAi5iwrJ6ZYO3SgjklapfEea2PSxezyFl-012AfcPNlEetI3UyNjx9ZZ7bVgUYqJk-YDjCoIg0VLLECTQl4gwo&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg8g93ioOgYRnzPaFksq_Mf1Eg1h7lrDUBEDLq3HnZjyIEnm5eM2Um1PmpR_QJ7rASAi5iwrJ6ZYO3SgjklapfEea2PSxezyFl-012AfcPNlEetI3UyNjx9ZZ7bVgUYqJk-YDjCoIg0VLLECTQl4gwo&google_hm=aUJmUjhzUnBoc0N0ZFZEbnVvN3c=
Request Chain 276
  • https://an.yandex.ru/mapuid/google/CAESEAb9deHlMXo4pTttEFrAJSA?ext-param=AZmPxg-kuelioYDncsBi7i1yZj9BeiQgYQ0nzv5SPaFfoTZO_TAQQmIAe82Om7Iznz-lBMwy_QSx5arxu8MY-RueR-joEf4cX-rj3s5Tw03x8qbHT7NukLfkWsRPkVC5r3vzIzJzmywZmpQblbJIWAovSygX&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEAb9deHlMXo4pTttEFrAJSA?redir-setuniq=1&ext-param=AZmPxg-kuelioYDncsBi7i1yZj9BeiQgYQ0nzv5SPaFfoTZO_TAQQmIAe82Om7Iznz-lBMwy_QSx5arxu8MY-RueR-joEf4cX-rj3s5Tw03x8qbHT7NukLfkWsRPkVC5r3vzIzJzmywZmpQblbJIWAovSygX&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAb9deHlMXo4pTttEFrAJSA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 358
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 369
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3860622918212326069&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 370
  • https://match.adsrvr.org/track/cmf/openx?oxid=a3a91de6-b11b-7128-fdd4-a7b21da86565&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=5fe5a090-8256-49b7-b0bb-98ce88478fd1&ttd_puid=a3a91de6-b11b-7128-fdd4-a7b21da86565&gdpr=0&gdpr_consent=
Request Chain 374
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHnQPFsNtFqhT26TCEGBV_g&google_cver=1
Request Chain 382
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7718648876189149939
Request Chain 384
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg1ByEkreSjXOzVGHbfqE7R0iC3QzKlXdyA
Request Chain 389
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEKvVW7t2V21kQvdY3Klx3zA&google_cver=1
Request Chain 391
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=5fe5a090-8256-49b7-b0bb-98ce88478fd1&gdpr=0&gdpr_consent=

410 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
www.bg3.co/a/ 		53 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7aa0008a515b8631d48873598ff309b021b5340033c5136247c9665ec5786155

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 18 Sep 2022 11:53:05 GMT
ETag
"d44e-1lrSggR5JE8juLW/mBlSPUTGeag"
Expires
Sun, 18 Sep 2022 12:53:05 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
b0c35de7e97c6845d33df6e448e10fc57a12dc9029159a609111c6032cc1889d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72615
x-xss-protection
0
server
sffe
date
Sun, 18 Sep 2022 11:53:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"d846f64d6544327b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 18 Sep 2022 11:53:06 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
20ef0d0404e4822f6483958648bb42a50a00bf51775a9e4d99d56cddd12ba986
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9656
x-xss-protection
0
server
sffe
date
Sun, 18 Sep 2022 11:53:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"acc3868951df8a41"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 18 Sep 2022 11:53:06 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
6997292db4f5eefb91b6df8a32cc33f382a9da74890b13d55d9b0263c46f736e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7578
x-xss-protection
0
server
sffe
date
Sun, 18 Sep 2022 11:53:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"2854de22cf21ae71"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 18 Sep 2022 11:53:06 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
c86f041243bcea80e0315fc89fa78a1b81dbc3aec419b11af7302ea2eb3100c9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32045
x-xss-protection
0
server
sffe
date
Sun, 18 Sep 2022 11:53:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"41e651644f1ce250"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 18 Sep 2022 11:53:09 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
634ce6ebcae68cecdd5e4fe82fb7745884b9ee2dbe59a51bc08e1da360cd39c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4750
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43721
last-modified
Wed, 14 Sep 2022 07:31:55 GMT
server
cloudflare
etag
"6321836b-aac9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thW8LN5rOchFPnjad9cnafNUsT%2BSxlW0ozIrrfzqTalzuhJihUuUkc1HgAAT8O1FDMcL30BHwCwQLV8o2kbaVjUh4uWSOy1Fw5G%2BEV9IBjUWGfFummT525BsBj1h9UTcMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
74c9e11a5ea63771-MEL

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
connection
close
content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.59.168.81 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-59-168-81.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
28dc46ca7136b4d6089128b4a537e94624c990ee5162d869cbd53b4b81faaea5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 18 Sep 2022 11:53:06 GMT
content-encoding
br
last-modified
Sun, 18 Sep 2022 07:00:27 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=4
x-cf-geodata
AU
content-type
application/javascript
content-length
9571
expires
Sun, 18 Sep 2022 12:53:06 GMT
adpushup.js
cdn.adpushup.com/42753/ 		477 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.112 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-112.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
0fa316a9b05961ed4d68109ff3e63a72f33c18792dca892c27bed1527a7b4add

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 18 Sep 2022 11:53:06 GMT
content-encoding
br
last-modified
Sun, 11 Sep 2022 10:27:19 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=5
x-cf-geodata
AU
content-type
application/javascript
content-length
104716
expires
Sun, 18 Sep 2022 12:53:06 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:07 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1663501987.dop225.la3.t,1663501987.cds108.la3.hn,1663501987.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
637 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5078
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SSlChDi1uUeK7dFjTf3MAHQEqoY9mLzCJ8SsFua3Oe0RhCDDTFJS%2FaiS1PAj480y3M2FcH1XDt3%2FG0YKHLcgzsRGUuWLWOR3DZbhpOXtJ3odLiB8rsjYoyBmcAN4agZLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
74c9e11b18623771-MEL
cf-bgj
minify
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
669ef49375ab4988f89952a8c17a476c7b4c9e247f65f41852a39dc74f28e508

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Sep 2022 11:53:07 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
669ef49375ab4988f89952a8c17a476c7b4c9e247f65f41852a39dc74f28e508

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Sep 2022 11:53:07 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.46056297286789283&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:07 GMT
x-width
336
x-height
280
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adsource
PSA
x-adtype
html
connection
close
access-control-allow-credentials
true
content-length
508
x-adstyle
banner
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.39604577518942996&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:07 GMT
x-width
336
x-height
280
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adsource
PSA
x-adtype
html
connection
close
access-control-allow-credentials
true
content-length
508
x-adstyle
banner
ca8d57e7508909f9a47ea225233b6755.jpg
static.bg3.co/imgs/202106/ 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/ca8d57e7508909f9a47ea225233b6755.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a484760583bd34f81dbf838ba998f7fb975b40faacd58946e7ef0e6e49cd7313

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:08 GMT
cf-cache-status
MISS
last-modified
Mon, 07 Jun 2021 18:43:35 GMT
server
cloudflare
etag
"CA8D57E7508909F9A47EA225233B6755"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qL5Q8G9CgJ8pJsCLbAEvmyO%2B8RclW0zL%2FkwBgUrT71eAJCYH7TBkYOxYqB9wFwhXdHYwTm5xJHoIDaPtqzJbmUwBDurefo6dZr62YW%2BWqRtW12joIC1yaXNcqS4xcF0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74c9e11cedbe5a98-MEL
content-length
95289
expires
Sun, 25 Sep 2022 11:53:07 GMT
226f583cc8098580bf00ded60dac8a47.jpg
static.bg3.co/imgs/202204/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202204/226f583cc8098580bf00ded60dac8a47.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c742f19b966859000b034c1f3447167db53ea75b70f5dec15158097ffe77b23

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:07 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Apr 2022 09:51:22 GMT
server
cloudflare
etag
"226F583CC8098580BF00DED60DAC8A47"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bj%2Fn5ilTGpRzrsERLCY5Cc514lh%2BMGcF0MVTIfAOg7JasgYd0YzyDWGk7ZXsvLOXivafQrKZyEQLPlU3GSi34x2eOYO6p8jGuBQzUCTjXYPuKgf2ANwiTlYBOcSVFRc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74c9e11cedc25a98-MEL
content-length
10718
expires
Sun, 25 Sep 2022 11:53:07 GMT
9845df997b362625e6f3123121f20405.jpg
static.bg3.co/imgs/202109/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202109/9845df997b362625e6f3123121f20405.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70400c4b11fb52bc58088b6640cf50352f37a5845b0bdde050f58a9f8f7c30de

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:08 GMT
cf-cache-status
MISS
last-modified
Thu, 16 Sep 2021 14:55:17 GMT
server
cloudflare
etag
"9845DF997B362625E6F3123121F20405"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHE7ZhOZ8UrBJxMNfV%2Fy%2BuGJMGC1mcSLXB%2BKHGXx05HrhYscQBa%2Futch3jepAVTAhxGMP4uJ%2F6G7eD4BsO5S0KiEYHRnAtM9iVTn%2BCtFkjplY9lzJ9snDiOF0fRpp%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74c9e11cedcc5a98-MEL
content-length
7780
expires
Sun, 25 Sep 2022 11:53:07 GMT
a8cca923f42215a9052fa0ab1a8ab5d2.jpg
static.bg3.co/imgs/202106/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/a8cca923f42215a9052fa0ab1a8ab5d2.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
730e6765f06ea8155a55255cb267c0b90dc0a5039428ce09e0c8179d63c04a9a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:07 GMT
cf-cache-status
MISS
last-modified
Tue, 08 Jun 2021 05:05:54 GMT
server
cloudflare
etag
"A8CCA923F42215A9052FA0AB1A8AB5D2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBQT51zwkXwIqa%2FF60MOEob9G2exGyTT70DylfM23jX%2FJSbo0vZMQipZJ0kuq48cv0v88nTQVOZKy7fjYXVhAQ7MtN2wTN9mhA%2FdUPKauAp08guVlHRYmGrwJ%2Bi%2FOcM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74c9e11cedc85a98-MEL
content-length
5258
expires
Sun, 25 Sep 2022 11:53:07 GMT
125670d538281682dfd5863f964b4c2a.jpg
static.bg3.co/imgs/202206/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202206/125670d538281682dfd5863f964b4c2a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e1c0bb7ca196b1387492ae02520d76e006e8912011ee954c873703dfd0897e5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:08 GMT
cf-cache-status
MISS
last-modified
Mon, 13 Jun 2022 07:02:48 GMT
server
cloudflare
etag
"125670D538281682DFD5863F964B4C2A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSAahPLU3Q%2Fl%2FdFxKPsRISabHY5AN1hKneVs2fgSXFZS%2BarkBuqrsphM7ODDr9Gdos0RAIL7ysoJFpJb2%2BsPVK7jNMi8cQSnDsN3taHEKjLH2UrB8Yis5b60dh6MOQA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74c9e1234d125a98-MEL
content-length
5150
expires
Sun, 25 Sep 2022 11:53:08 GMT
9845df997b362625e6f3123121f20405.jpg
static.bg3.co/imgs/202110/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202110/9845df997b362625e6f3123121f20405.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70400c4b11fb52bc58088b6640cf50352f37a5845b0bdde050f58a9f8f7c30de

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:09 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Oct 2021 13:54:50 GMT
server
cloudflare
etag
"9845DF997B362625E6F3123121F20405"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xt4%2FTf8nke2qZaIN5bLMbGWqkijXVttRc%2B5wrp0JVbP6e8QrDyZv6BZv%2F57Wy0nVwhd1Tr3I6myo2lPoIHPNDVk2LWb66a%2BuR%2FhtZEOqijzUJ8h9nIaDIATWItx1F9U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74c9e1240e9b5a98-MEL
content-length
7780
expires
Sun, 25 Sep 2022 11:53:09 GMT
5b339877155a9300bcf85ff4a50503ab.jpg
static.bg3.co/imgs/202105/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/5b339877155a9300bcf85ff4a50503ab.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f50c6d2e2bc19ec73abb209755b1c0f443cf23e8050396c3281faf04dbc0ba0b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:09 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 03:49:21 GMT
server
cloudflare
etag
"5B339877155A9300BCF85FF4A50503AB"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O69TeOViHp%2F5ssOdAjY6ra7vz3Lk4klaVS6ZK0EQRcviI2AU%2B5jRuALCuYne7MLo6uU%2BQu6PyY7UM8CAbwHofxOte9hUBQXbtxFQeXZAopwXgHBE4E%2FC0pC6sAlmASQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74c9e1240e9f5a98-MEL
content-length
4440
expires
Sun, 25 Sep 2022 11:53:08 GMT
867fcc754d74cb5e21acb36cac8312dd.jpg
static.bg3.co/imgs/202112/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202112/867fcc754d74cb5e21acb36cac8312dd.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ad65308e0ded65be49194040c5f3aba74890e35e63c63c1308e46e5c927da8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:09 GMT
cf-cache-status
MISS
last-modified
Fri, 24 Dec 2021 12:08:09 GMT
server
cloudflare
etag
"867FCC754D74CB5E21ACB36CAC8312DD"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A6WG0nO75Pj7Jkt46zfhRxHYS2E72HnNmsjE5LiLaiEoHcVF6tNfJW%2BisK4%2B6WGWJB3VAWzM9bc2Rmi%2FC6aHw3%2BBsHmDdZHq7Durlakms4KcsaGRPr3EIVEkQEpOZCo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74c9e1240ea05a98-MEL
content-length
6347
expires
Sun, 25 Sep 2022 11:53:08 GMT
d0267ddabf8eaa02b22ce34524995c02.jpg
static.bg3.co/imgs/202105/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/d0267ddabf8eaa02b22ce34524995c02.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
117348961be5b7d927b76ad1c822f5b0fad6e209b6aacf3bfca6d4e2e1b59788

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:08 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 09:32:31 GMT
server
cloudflare
etag
"D0267DDABF8EAA02B22CE34524995C02"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKkYkjV4G1MP40o7sus6qsam2Ky60tSy%2FrQXjQKS7zrnxz8j2oUHo%2FEkotvERYsWda4%2FInCvm7l4gaSu5VmudoqJ2jQndQOMvzNFkEQu%2FIjmDWrk0WDY0G9zlSoczQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74c9e1240ea35a98-MEL
content-length
4390
expires
Sun, 25 Sep 2022 11:53:08 GMT
f229e68a87c38f4acbefb0898a178ac7.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/f229e68a87c38f4acbefb0898a178ac7.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43a51d0ed9f4bc3b64308bf739927373c15d7f93a58981519afc5f15557cd61b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:09 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 12:11:25 GMT
server
cloudflare
etag
"F229E68A87C38F4ACBEFB0898A178AC7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5AUbmQsf0ljQmi03fawe8MmN2lQF3kuA7WkBEgSAJzzqLn32LNgj2LG%2BMAsZzOJLmsCdDfQ4SDg1ltFOK%2FBj7Wr4elpsU%2BSQEQueBm2KCg8KUN%2BcM8CjCFIQHTEerg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74c9e1240ea65a98-MEL
content-length
5768
expires
Sun, 25 Sep 2022 11:53:08 GMT
26f20e8c638312ba02e9c45a1d27234a.jpg
static.bg3.co/imgs/202204/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202204/26f20e8c638312ba02e9c45a1d27234a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5efc88d5c678c1def15682508678dc16cd658d3a1f870619fa950b86f2c4f3b3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:09 GMT
cf-cache-status
MISS
last-modified
Thu, 07 Apr 2022 07:27:53 GMT
server
cloudflare
etag
"26F20E8C638312BA02E9C45A1D27234A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHxAUOjpyaQrWkkrxxH%2FK418LaqSnHcEyfgviXDt53gM2FUnRThw6QcnLw%2FPcrcyOLcoPbxEWpHqDG97MLEj1HeQVw3pcgPwUKTZVRO%2BHnFDudue8p%2FadIZ86%2FsRa%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74c9e1240ea75a98-MEL
content-length
7311
expires
Sun, 25 Sep 2022 11:53:09 GMT
a8020c95a91da8b0c15edc99387e4c2d.jpg
static.bg3.co/imgs/202110/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202110/a8020c95a91da8b0c15edc99387e4c2d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ce15cc8a0d71dee6e6bc055f8f15394a1fc3ae595e78485a3071d7ba3d6a5fe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:08 GMT
cf-cache-status
MISS
last-modified
Thu, 14 Oct 2021 10:21:08 GMT
server
cloudflare
etag
"A8020C95A91DA8B0C15EDC99387E4C2D"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWfswKEFoEywkoBzAZDoYXIwyV0olWFQf4iVOnMsJj6Ja%2B5WZDsbMtaRs2t3%2BrTQ18OwG2KhU08SIn8Mm0d3kxADbBGmfBIETioDH0p9l2hkiwUp7V%2BFdJRX9n1xNMU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74c9e1240ea95a98-MEL
content-length
6679
expires
Sun, 25 Sep 2022 11:53:08 GMT
2e62d71e7420de4dfd26b67a754b91ec.jpg
static.bg3.co/imgs/202206/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202206/2e62d71e7420de4dfd26b67a754b91ec.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5052a0bb994869ce04f7f9fcfb29042ceb43c525f5503274d6777be2db4b5573

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:08 GMT
cf-cache-status
MISS
last-modified
Sat, 11 Jun 2022 07:04:15 GMT
server
cloudflare
etag
"2E62D71E7420DE4DFD26B67A754B91EC"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KR13MnTTZ0YgEZ4ZvKZbjjOPb66sIRtiwTKgqiJ4OwrzulR5Y7fu0MHEWWlurG0L0ZKjWSGy6jpVATA56rCyNX0tJy9FtRU9rqiMTFzRb5%2FveiqLL4DbQd%2FaulsmenI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74c9e1240eab5a98-MEL
content-length
4419
expires
Sun, 25 Sep 2022 11:53:08 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012208242209000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
beb04705b4768996852ded7b4cef6e5fcd8bd57b76f289519c95a007d8ab7693
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
288536
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2980
x-xss-protection
0
server
sffe
date
Thu, 15 Sep 2022 03:44:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9dad1bb78ff989b7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 15 Sep 2023 03:44:12 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012208242209000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
095348d33dfcfa5ed1de252a53bff7ecda596451ce782f98ad45970c44f6ca5e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
281231
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23012
x-xss-protection
0
server
sffe
date
Thu, 15 Sep 2022 05:45:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4c6500572c835440"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 15 Sep 2023 05:45:57 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		2 KB
963 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
92cf38050a7628764acdeb5cf06d516685fe812598746fbf087a2d6818338c03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
514
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012208242209000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
45d8a1c989f3fb759ada706bcba787b1d492dfce7b9f2494c9ca704aae6133b8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
281162
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3839
x-xss-protection
0
server
sffe
date
Thu, 15 Sep 2022 05:47:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e713e5c0fef433e3"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 15 Sep 2023 05:47:06 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:08 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1663501988.dop225.la3.t,1663501988.cds108.la3.hn,1663501988.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012208242209000/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
e325e7ac2e5f7158a7ed69054a0a07a499f2af228d98fca31b039b875ae11e85
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
577430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10232
x-xss-protection
0
server
sffe
date
Sun, 11 Sep 2022 19:29:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0872f735faca1dbc"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 11 Sep 2023 19:29:18 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 8AB7 		119 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
f247ff1a627759ccf64ef0a9accf46d41fe6ee5a9746088c33183a9d5c862a57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40761
x-xss-protection
0
server
cafe
etag
4873357181094690769
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 11:53:08 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 93D8 		119 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
540b000a18ee1446ade50f214f0b84e6e2b5147e18a77dc6a55b072108bbfa23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40758
x-xss-protection
0
server
cafe
etag
13586511407796366825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 11:53:08 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 0368 		714 B
802 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
1598
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
74c9e1203ce6df30-MEL
content-encoding
br
content-type
text/html
date
Sun, 18 Sep 2022 11:53:07 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03WGwyQv1hAY33mMNXG2BPkP8p1xqnDkfN3BmklzgRnbkRxx0%2FEaYiQK4Zgwltv3EUeMXJs9Bq63%2BHDMZE4a%2FWcmnkk1hw%2F28ynG2sPuF%2FR2YThlxiW%2F%2FeFCQrTVFcmguQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Sep 2022 11:53:08 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame AF28 		714 B
763 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
1598
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
74c9e1206d3adf30-MEL
content-encoding
br
content-type
text/html
date
Sun, 18 Sep 2022 11:53:07 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYdX%2FrYaqAXvvRU%2Fz5UXJvIelkcklgsaOKmddJ1k5CGy5rFFMMJanHMOiZYRMib3fdj6tmIgdshbDpS3Wcmi7u1SOwEH8v0%2B%2BUmi%2FIz7KVElsz5VUps9eF2nEbEOx6DQNw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 0368 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
2e9f641648d07fa7b1d0681c2dfd16202c42ede250d099a82f35ab994399eafc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27862
x-xss-protection
0
server
sffe
etag
"1337 / 159 of 1000 / last-modified: 1663366039"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 18 Sep 2022 11:53:08 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame AF28 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
aadb3043f0db277c623091028f7a4f24e1dd821aca8d3562bc0e976170dd5008
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27864
x-xss-protection
0
server
sffe
etag
"1337 / 518 of 1000 / last-modified: 1663366203"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 18 Sep 2022 11:53:08 GMT
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1663501988051
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.59.168.81 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-59-168-81.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 18 Sep 2022 11:53:08 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=8
accept-ranges
bytes
content-type
image/jpeg
content-length
631
expires
Sun, 18 Sep 2022 12:53:08 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ Frame 8AB7 		346 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
bffbe10af19b2848ac863f352c3d68cc4192adc88e11382417132df6431c9d01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124737
x-xss-protection
0
server
cafe
etag
7420510614699953264
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 11:53:08 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ Frame 93D8 		346 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e0b749d12ca70250f97cc4aac7ac1b7f03445e60787ae9ace0d60d2d513cc4af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124736
x-xss-protection
0
server
cafe
etag
17962091811605782234
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 11:53:08 GMT
pubads_impl_2022091301.js
securepubads.g.doubleclick.net/gpt/ Frame AF28 		376 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:54:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
349146
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131297
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 08:35:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Sep 2023 10:54:03 GMT
pubads_impl_2022091301.js
securepubads.g.doubleclick.net/gpt/ Frame 0368 		376 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 16:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157972
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131297
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 08:35:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 16 Sep 2023 16:00:17 GMT
pb.42753.1662648504901.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.112 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-112.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
7c0b90fe6a2f1f5380a33c83ccd0fc9ead3520adfe057f55f784c12b49fab4be

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 18 Sep 2022 11:53:09 GMT
content-encoding
br
last-modified
Thu, 08 Sep 2022 14:48:36 GMT
server
nginx/1.18.0
etag
W/"631a00c4-5597e"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=14
content-type
application/javascript
content-length
93736
expires
Mon, 18 Sep 2023 11:53:09 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.112 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-112.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 18 Sep 2022 11:53:09 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=9
content-type
application/javascript
content-length
211
expires
Mon, 18 Sep 2023 11:53:09 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.112 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-112.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 18 Sep 2022 11:53:09 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=12
content-type
application/javascript
content-length
17440
expires
Sun, 18 Sep 2022 12:53:09 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
2e9f641648d07fa7b1d0681c2dfd16202c42ede250d099a82f35ab994399eafc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27862
x-xss-protection
0
server
sffe
etag
"1337 / 381 of 1000 / last-modified: 1663366039"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 18 Sep 2022 11:53:09 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:09 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjM1MDE5ODkwMDMsInBhY2tldElkIjoiMDAwMEE3MDEtZTA3MzhhZjAtYTdlNS00MGFjLThhYmYtZjAyZTU4ZWExNTYwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2RpYW4temhpLWRpYW4tcGlhby0yaGUtMWNhby1hbi15b3UtNGRhLXhpYW8teWkta2FpLWZhbmctd2FpLWppLXlpLWdvbmcteGlhby1lLWh1aS1kdWkteWUtd3UuaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:09 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjM1MDE5ODkwMDMsInBhY2tldElkIjoiMDAwMEE3MDEtZTA3MzhhZjAtYTdlNS00MGFjLThhYmYtZjAyZTU4ZWExNTYwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2RpYW4temhpLWRpYW4tcGlhby0yaGUtMWNhby1hbi15b3UtNGRhLXhpYW8teWkta2FpLWZhbmctd2FpLWppLXlpLWdvbmcteGlhby1lLWh1aS1kdWkteWUtd3UuaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:09 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjM1MDE5ODkwMDMsInBhY2tldElkIjoiMDAwMEE3MDEtZTA3MzhhZjAtYTdlNS00MGFjLThhYmYtZjAyZTU4ZWExNTYwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2RpYW4temhpLWRpYW4tcGlhby0yaGUtMWNhby1hbi15b3UtNGRhLXhpYW8teWkta2FpLWZhbmctd2FpLWppLXlpLWdvbmcteGlhby1lLWh1aS1kdWkteWUtd3UuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV19
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:09 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjM1MDE5ODkwMDgsInBhY2tldElkIjoiMDAwMEE3MDEtZTA3MzhhZjAtYTdlNS00MGFjLThhYmYtZjAyZTU4ZWExNTYwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2RpYW4temhpLWRpYW4tcGlhby0yaGUtMWNhby1hbi15b3UtNGRhLXhpYW8teWkta2FpLWZhbmctd2FpLWppLXlpLWdvbmcteGlhby1lLWh1aS1kdWkteWUtd3UuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:09 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjM1MDE5ODkwMTEsInBhY2tldElkIjoiMDAwMEE3MDEtZTA3MzhhZjAtYTdlNS00MGFjLThhYmYtZjAyZTU4ZWExNTYwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2RpYW4temhpLWRpYW4tcGlhby0yaGUtMWNhby1hbi15b3UtNGRhLXhpYW8teWkta2FpLWZhbmctd2FpLWppLXlpLWdvbmcteGlhby1lLWh1aS1kdWkteWUtd3UuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiIxMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzEyMFg2MDBfMTA0YjIiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M18xMjBYNjAwXzEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:09 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
cookie.js
partner.googleadservices.com/gampad/ Frame 8AB7 		379 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
91f9d271fdb7e6e30c73c7f8588def2cc70b7bc3222291bb7f5baa5adb270255
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 8AB7 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8AB7 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame 59DD
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1663501989&url=...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-91.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
3
content-length
673
content-type
text/html
date
Sun, 18 Sep 2022 11:53:08 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-id
81PlCN1gSjzoiPyi6iMjuqPTlb7HvNdaxmKxHdaY6TSu8QaVVyRBvg==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 11:53:09 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012208242209000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
923bfe4249cc964c58e87df66b351ebb93c6fc54f658fda2c259e2ffc089ddd7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
268794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57876
x-xss-protection
0
server
sffe
date
Thu, 15 Sep 2022 09:13:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"396e090561abbfd0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 15 Sep 2023 09:13:15 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 93D8 		379 B
318 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
30be234a7ce66794d92c06f6644fe04d29734326d2632d916becb3bc9644e5b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 93D8 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 93D8 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame 7E7F
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1663501989&url=...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-91.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
3
content-length
673
content-type
text/html
date
Sun, 18 Sep 2022 11:53:08 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-id
wWLFpllcgSGp41MdsRA9Ita2p9XTtVHWe15N738WN1tRUBsMzDNRog==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 11:53:09 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
access-control-allow-origin
https://www.bg3.co
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-27024444544096431478.ampproject.net/2208242209000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-27024444544096431478.ampproject.net/2208242209000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pubads_impl_2022091301.js
securepubads.g.doubleclick.net/gpt/ 		376 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 16:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157972
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131297
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 08:35:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 16 Sep 2023 16:00:17 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Sun, 18 Sep 2022 11:53:09 GMT
integrator.js
adservice.google.com.au/adsid/ Frame AF28 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame AF28 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame AF28 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2084231679577438&correlator=1122868856244990&eid=31068929%2C31069626%2C31062930%2C31068920&output=ldjh&gdfp_req=1&vrg=2022091301&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1663501989521&lmt=1644386353&dlt=1663501988032&idt=1430&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=r8igeajk8tqg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1574612212.1663501990&ga_sid=1663501990&ga_hid=783555286&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
95d897dd9cd9fa61b18e302cb7f55eb488c3160769ed19f272473e056a80c1f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5fc11ef87d23e5599d55f28144193363.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B747 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5fc11ef87d23e5599d55f28144193363.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 11:53:09 GMT
expires
Mon, 18 Sep 2023 11:53:09 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:10 GMT
content-encoding
gzip
etag
"eN3sxSgaav0x5wHLxGB1gQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 25 Sep 2022 11:53:10 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 5865 		603 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-5386247671147167997&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2769&oid=2&is_amp=5&amp_v=2208242209000&d_imp=1&c=256004062&ga_cid=amp-yxTs2cBIc5SB-MlaeZDT6A&ga_hid=4062&dt=1663501989571&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html&bdt=3419&dtd=29&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208242209000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 11:53:09 GMT
expires
Sun, 18 Sep 2022 11:53:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 0368 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0368 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 0368 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4341867622059985&correlator=3415021743404772&eid=21065724&output=ldjh&gdfp_req=1&vrg=2022091301&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1663501989664&lmt=1644386353&dlt=1663501987957&idt=1686&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=9b8ofa6mq0o0&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=733304381.1663501990&ga_sid=1663501990&ga_hid=3836357&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
8679779e3f67e29382568ab644aa2b19f0752260fca818c2ef873eaa08795d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
37764eb65ec5a60cdb53450f3b65878b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F220 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://37764eb65ec5a60cdb53450f3b65878b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 11:53:10 GMT
expires
Mon, 18 Sep 2023 11:53:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220918
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ad453724c0341ec9909ee08835a034afbde60d8c733bb97509683aa8692792
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 18 Sep 2022 11:53:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
31876
x-jsd-version
1.0.1466
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19163-FRA, cache-itm18841-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66b-Y57RKRIUL64gEXQ4pnWfvYedxQE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xH0y38d5grCO3wUo%2BRl8OYnCV6U15sNfZbF7XhK6x%2F1nRI%2FArakK6XWQ0DJP03scQsfOJROWKu8478LieM%2BXVvQQkYNmXQH57mxkQjyyx64cvG8x7L%2FAez3JxFe1HHKlbU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
74c9e12dee345a55-MEL
cygnus
htlb.casalemedia.com/ 		36 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221836a3f238b356%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2289500188f976fd%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2211447732dbfc304%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22120d5baa2f2ab9f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22700522bf-189c-4edf-a702-6f5a798f5698%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53613565f94251410710ac2683b7a6980ef086102e3c3d4ae9e8430490ffd8dc

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bh2eqiYxcKt80tbuWHV%2BI1g8a8umYm2ZffsOfR3OGgrjpVaHL08c46MXwAuLqxmMVywbBmtyR8xnwBe9EaR7keYMWv8Hc0mhan6WUZOFpI4bcvGNn2mcQlusmKGQeUjsLmCH2gmn"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74c9e12e0b0717c9-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
cygnus
htlb.casalemedia.com/ 		36 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221836a3f238b356%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2211447732dbfc304%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22120d5baa2f2ab9f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22700522bf-189c-4edf-a702-6f5a798f5698%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53613565f94251410710ac2683b7a6980ef086102e3c3d4ae9e8430490ffd8dc

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dfDBua%2BpzL9F7iAvblkFm8WQZ2JP54jq3npvPyQweQqYMX3KBMQ6MzCeecFjsqYexqQ8DG%2FWn6K7EV9UxBNStiknCg9QHCXffWAOlDhc%2BjOfjc5Hwr%2B324TUQBamm2%2FAWxB%2FICv"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74c9e12e0b1017c9-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.84.66 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-84-66.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3d3d040ee5154175d259f21ee2ef15ccd21be7e002cd70e46c7c9adfb1a4e707

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:10 GMT
content-encoding
gzip
x-prebid
pbs-java/1.98.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.84.66 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-84-66.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
7ffc2e6e6f036f16d52f62307d6da74d63835fec9b02153be38458137032d975

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:10 GMT
content-encoding
gzip
x-prebid
pbs-java/1.98.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.84.66 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-84-66.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6cabec65aaa7483e095c1c5ab582e793d085bc044c5b05a30f12d8f29a32bd0f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:11 GMT
content-encoding
gzip
x-prebid
pbs-java/1.98.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=700522bf-189c-4edf-a702-6f5a798f5698%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=2e66b4fb-b1f9-4293-a25b-1a7e02adf277%3B271671d2-9e87-41fb-aead-0006ce5f4319%3B7f065234-f870-4fb3-9d1e-e70987c1614e&l_pb_bid_id=14635d93c114db5%3B156275a91f48b34%3B16e63f6fce2eab3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.6954562092737131
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
31027622fa367286d0775461327661597b6932085c2af50fa859abfe22fd3130

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 18 Sep 2022 11:53:10 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
472
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		53 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2f259e77f75bb0df1b03b51533afd3703ea4d3e75e46648e5d38f26cdf1d7916
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 18 Sep 2022 11:53:10 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
103.209.254.52; 103.209.254.52; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5d654489-b3fd-4ff0-b8d2-700647c3038c
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
rtb.adxpremium.services/openrtb2/ 		59 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
1c877b4b7e75bf2c8432415bb762ed9bfc73830abf68497eff686fcc9fa44f9f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:12 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
59
expires
0
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=68290807344
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 18 Sep 2022 11:53:09 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
bid-request
a.teads.tv/hb/ 		16 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.137.72 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-137-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:10 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 18 Sep 2022 11:53:10 GMT
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.15.99 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-15-99.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:10 GMT
accept-ch
sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
adreq
ads.servenobid.com/ 		405 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=4898
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.128.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-128-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
91a8ea37de90c116390b167dfc281ce0ed7e8f324ff1fd834bb27aca9db191db

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 18 Sep 2022 11:53:10 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		25 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
104152f8c46d886355096a86e9f8cf65741b77ae686cae3a4b9d444a5ca7f7cc

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 18 Sep 2022 11:53:10 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
294
content-length
13119
arj
adpushup-d.openx.net/w/1.0/ 		174 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2994b115-a706-43f3-bc37-e62a064c432b%2C4a894d67-2851-48a5-9019-6f13605e887f%2Cc50e0e20-2853-448c-98cf-93feee395c00&nocache=1663501989866&pubcid=700522bf-189c-4edf-a702-6f5a798f5698&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e2abfceccbe4dbb32e381cc2c03ae836956d4502de207f58d70062407b8503c1

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:10 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cf1ec720-92f9-4934-8f71-7ae8bf9dbd59&nocache=1663501989867&pubcid=700522bf-189c-4edf-a702-6f5a798f5698&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:10 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c5b39702-188a-468e-9383-cd892a1cf277&nocache=1663501989867&pubcid=700522bf-189c-4edf-a702-6f5a798f5698&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:10 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3f2eb3da-8cdb-4ac0-9ba0-6fb52946232e&nocache=1663501989867&pubcid=700522bf-189c-4edf-a702-6f5a798f5698&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:10 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
access-control-allow-headers
content-type, origin, referer, user-agent
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
41
prebid
prebid.media.net/rtb/ 		338 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9d47f96bde187b905335eeb37e4fa883e10d8d016132d624fdb97a280ebca5e0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:10 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
alt-svc
clear
via
1.1 google
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.111.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-111-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 18 Sep 2022 11:53:11 GMT
via
kong/2.8.1
x-content-type-options
nosniff
x-kong-proxy-latency
1
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
504
vary
Accept-Encoding
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
gtag.json
cdn.ampproject.org/rtv/012208242209000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
77261
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
date
Sat, 17 Sep 2022 14:25:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7eb7066936b4d634"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Sep 2023 14:25:29 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame AF28 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
3e1a7a4f074a877c80b6e229243793abd6e343e8befb03397df5a8d9a46553e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11207
x-xss-protection
0
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sun, 18 Sep 2022 11:53:10 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		209 B
681 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 10:57:42 GMT
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
age
3329
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Fri, 26 Aug 2022 18:04:08 GMT
server
AmazonS3
etag
"f6459e80de21135a46e02ad9e79f6802"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
SIN2-P1
accept-ranges
bytes
x-amz-cf-id
bj9NS4hmToX1xg_EMxRglFfaCZdFbFeFIpBuR2rzXQvZmJ5Ia2G3pg==
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0368 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
f1820a36574c0af92d6bc34bc72cc41f0e5f40abb8615506e03a0c3660cd78b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11227
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 7E7F 		119 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
540b000a18ee1446ade50f214f0b84e6e2b5147e18a77dc6a55b072108bbfa23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40758
x-xss-protection
0
server
cafe
etag
13586511407796366825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 11:53:10 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 59DD 		119 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
9bfb09346727b0acf83c70667e11ed4a2f804d266fc5d6bf3f59086d79073e84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40758
x-xss-protection
0
server
cafe
etag
9176212275843601249
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 11:53:10 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AF28 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 18 Sep 2022 11:53:11 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E9%9B%BB%E6%94%AF%E9%9B%BB%E7%A5%A82%E5%90%881%E8%8D%89%E6%A1%88%E6%9C%894%E5%A4%A7%E6%95%88%E7%9B%8A%E3%80%80%E9%96%8B%E6%94%BE%E5%A4%96%E7%B1%8D%E7%A7%BB%E5%B7%A5%E5%B0%8F%E9%A1%8D%E5%8C%AF%E5%85%8C%E6%A5%AD%E5%8B%99%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-yxTs2cBIc5SB-MlaeZDT6A&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.5036325229175203&gjid=0.9777527688965204&_r=1&a=4062&z=0.6924720759960366&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ Frame 7E7F 		346 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
bffbe10af19b2848ac863f352c3d68cc4192adc88e11382417132df6431c9d01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124737
x-xss-protection
0
server
cafe
etag
7420510614699953264
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 11:53:10 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0368 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 18 Sep 2022 11:53:11 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ Frame 59DD 		346 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
748917abe22241e86d07017f8f285739c7a10d6306d15d6fa0c83f3d0622cac8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124737
x-xss-protection
0
server
cafe
etag
1735209870657692122
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 11:53:10 GMT
pixel
pxl.qccerttest.com/ 		35 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=157626188;fpan=1;fpa=P0-1811075626-1663501990681;pbc=700522bf-189c-4edf-a702-6f5a798f5698;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=;cm=;gdpr=0;d=bg3.co;dst=0;et=1663501990681;tzo=0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html;ogl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-119.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 22:05:19 GMT
via
1.1 e458de70cfe2237c659d4e5f2ae84564.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
49673
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
content-type
image/gif
x-amz-cf-pop
SIN52-C3
accept-ranges
bytes
x-amz-cf-id
p8wMXY3EpZ8d2IUlzCAVKnpIS90ucu1v_SlG0nISM1rrBCMo8i_dCw==
pixel;r=570690945;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html;uh=e51ed67dfb8d91dc24b15...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=570690945;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-1811075626-1663501990681;pbc=700522bf-189c-4edf-a702-6f5a798f5698;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1663501990684;tzo=0;ogl=;ses=8b11c534-46dc-44cd-ab65-cc589619be8c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:10 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiIzMzUzMjhfMTY2MzUwMTk5MDkwNyIsInVzZXJJZCI6IjMxMzgyMl8xNjYzNTAxOTkwOTA3Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiNTUwODQ0XzE2NjM1MDE5OTA5MDciLCJwYWdlUGF0aCI6IiUyRmElMkZkaWFuLXpoaS1kaWFuLXBpYW8tMmhlLTFjYW8tYW4teW91LTRkYS14aWFvLXlpLWthaS1mYW5nLXdhaS1qaS15aS1nb25nLXhpYW8tZS1odWktZHVpLXllLXd1Lmh0bWwiLCJob3N0bmFtZSI6Ind3dy5iZzMuY28iLCJ1cmwiOiJodHRwcyUzQSUyRiUyRnd3dy5iZzMuY28lMkZhJTJGZGlhbi16aGktZGlhbi1waWFvLTJoZS0xY2FvLWFuLXlvdS00ZGEteGlhby15aS1rYWktZmFuZy13YWktamkteWktZ29uZy14aWFvLWUtaHVpLWR1aS15ZS13dS5odG1sIiwicGhhc2UiOjAsInVzZXJUeXBlIjoiTkVXIiwicHJldmlld1ZhcmlhdGlvbiI6Im5vUHJldmlld1BhZ2UiLCJleHBlcmltZW50UGFnZSI6ZmFsc2UsInRpbWVzdGFtcCI6MTY2MzUwMTk5MDkwN30=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:11 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvZGlhbi16aGktZGlhbi1waWFvLTJoZS0xY2FvLWFuLXlvdS00ZGEteGlhby15aS1rYWktZmFuZy13YWktamkteWktZ29uZy14aWFvLWUtaHVpLWR1aS15ZS13dS5odG1s.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvZGlhbi16aGktZGlhbi1waWFvLTJoZS0xY2FvLWFuLXlvdS00ZGEteGlhby15aS1rYWktZmFuZy13YWktamkteWktZ29uZy14aWFvLWUtaHVpLWR1aS15ZS13dS5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.112 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-112.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 18 Sep 2022 11:53:11 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=8, origin; dur=226
content-type
text/html
content-length
555
expires
Sun, 18 Sep 2022 12:53:11 GMT
integrator.js
adservice.google.com.au/adsid/ Frame 7E7F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7E7F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5E5C 		40 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990646&bpp=6&bdt=225&idt=302&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2306779475487&frm=8&ife=1&pv=2&ga_vid=11051538.1663501991&ga_sid=1663501991&ga_hid=1632933277&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531514%2C31069178%2C31069547&oid=2&pvsid=1227285620225158&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pscjodiznp3u&fsb=1&dtd=309
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
8cf96c4dc7d3657d849b7451e7d8b3a1f35043d354c5ebaef09eb2b88d39d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
15756
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 11:53:11 GMT
expires
Sun, 18 Sep 2022 11:53:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 59DD 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 59DD 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 290D 		21 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990666&bpp=12&bdt=238&idt=389&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3389483088911&frm=8&ife=1&pv=2&ga_vid=1436293627.1663501991&ga_sid=1663501991&ga_hid=1057183914&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069511%2C21066428%2C31069178%2C31062930%2C31068919&oid=2&pvsid=1640336907108955&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.t46lo1vqvfsk&fsb=1&dtd=403
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
6d940c550686adac74ce7d51befa3cc2d5a2d0721c1a21d3e9114f5fa39c1c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 11:53:11 GMT
expires
Sun, 18 Sep 2022 11:53:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		209 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
98f47b8f3bd986c221797db915261a911d3ace69ee79558d480a8c9a2c65d44c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:11 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75016
x-xss-protection
0
expires
Sun, 18 Sep 2022 11:53:11 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9kaWFuLXpoaS1kaWFuLXBpYW8tMmhlLTFjYW8tYW4teW91LTRkYS14aWFvLXlpLWthaS1mYW5nLXdhaS1qaS15aS1nb25nLXhpYW8tZS1odWktZHVpLXllLXd1Lmh0bWwiLCJ0aW1lIjoxNjYzNTAxOTkxMzE5fQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:11 GMT
server
nginx/1.14.0 (Ubuntu)
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AEA9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
246042
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 15:32:30 GMT
expires
Fri, 15 Sep 2023 15:32:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AAE1 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f104.1e100.net
Software
GSE /
Resource Hash
cb83133ef54f55286a20892f5773c87ce09a499ecb954f0c2e2bbf2001940c5f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Rau8pQ9l9zGvgHXYDbajpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Rau8pQ9l9zGvgHXYDbajpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 11:53:12 GMT
expires
Sun, 18 Sep 2022 11:53:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F96B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
246042
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 15:32:30 GMT
expires
Fri, 15 Sep 2023 15:32:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 92C4 		783 B
743 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f104.1e100.net
Software
GSE /
Resource Hash
ab827c127c50743283dad7e2b7a3e13c08ece6108850e572c49c958ccc8bd38e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8Xi9aQ6YaVE3bWMwSv8G8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-8Xi9aQ6YaVE3bWMwSv8G8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 11:53:12 GMT
expires
Sun, 18 Sep 2022 11:53:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0CE2 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxCei3sY05iRyAEwAQ&v=APEucNV9pwzSquhteKUiRkLNyvjxq6xUJ6MVagXy9T_hNd8g6nyNwukCQsCGAm99tTOunr5pTPzs4Df4erwaXS5LtNzBbZJPfA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990666&bpp=12&bdt=238&idt=389&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3389483088911&frm=8&ife=1&pv=2&ga_vid=1436293627.1663501991&ga_sid=1663501991&ga_hid=1057183914&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069511%2C21066428%2C31069178%2C31062930%2C31068919&oid=2&pvsid=1640336907108955&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.t46lo1vqvfsk&fsb=1&dtd=403
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990666&bpp=12&bdt=238&idt=389&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3389483088911&frm=8&ife=1&pv=2&ga_vid=1436293627.1663501991&ga_sid=1663501991&ga_hid=1057183914&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069511%2C21066428%2C31069178%2C31062930%2C31068919&oid=2&pvsid=1640336907108955&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.t46lo1vqvfsk&fsb=1&dtd=403
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 11:53:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 466B 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CInl1fBdEPZpTxqDEAbD_vQEHcz8b2LBry2uC7ZYdjO13wmjcxrUnWzz12Eq-ztoEI1KQQbAdkYw9tFjvhwPIummp3yeEuKZHzv-LCKVNPmvBAWHhMQ8hHsmdOW7V0OmfloqvqlfeLua4JodjD2BtxWXa4oQ&cry=1&dbm_d=AKAmf-AH6EvkmjrR6__4KOozF9qHKULl2z2f2gapRiGBnY4F9d0I5wWZW5lMYRB6TL2hjw5eJGPvmg14KxZoiZBA6rSVHcf0lp_RUazu9oyu-VG6Cw4kkDZ9n6EFeQDbymD4w018jdTOFDZ0pDUA3JFXO5GyZa0-I5T43bnft8-6o3T9BQZRhMrUCMoKmioAs04RlEuFYNMQj-K1KMeM3zeiXCsVIiGnZWwLLdg2bjHgn9y4XD0maWKzEsYeYmycn-RXtez5lXinhVFeiiXCrrUweL653B85qDRPpTQhQYTxmx2_91jBkHbsRQ7GfCyGeE3uW2qqJf7KIhRsebA5AxcYQGiShWBes4Ihqoq1FRxvAMsPsEtkOkWoudWhn--B5v5J_yahyNr0bLc25biguHkKgz0TCgyHEZ-fqXdcoSWiOXRNlahAup2_2qij_njyPXQJ0sZBasxBT14Os6SfBvrdaAsbsckuuJLfJpHG5LAAR_5WPLvsrmmOvLcp9FrNasfWZB2BN-N-BsXfvzFgoMGqDKWymMRolOXqPZdQrSfJ0RqAjiJSTGTQmEr1wG1WwAcYhIOou_BgzsxrGnxWmDJl_ZYB30WNB6BzlydTWSh9_24WupbjYajFyfLzPBMyqPD0NZSqwhoNRLbPhT3xOVUdrIe7DJzmZ-m4qS6quAqvngxsLpRyrFCxHw-0c68QbhkfaGoQQHtTWKNA5tbXIYTxfQleTh7NzKQxRmI49Nrlj259xw85nRebxzZh9fzX_sdEpbbup6APsbniMirPBmDZVjRXBUNUHbzXWEawRTC7CH5d_wv60CrDwtQLsO26zjCA-r0lHa4d9Y4NZO7emHN7DGiSN2UZWF3sGL5wLqPmZvxyjEH9Hb2dZtPV5ariynYt5I7UFCi0XGJ2Qglzj7VCfK7HRXXbQygQ1IxJJShnpCKuZCHG55lY-3nfv3CmSBbYP6yYVi7uzeODV3y8DTao-GKzzkcGWRMlW_Q65_ygEOO7R_PsrSw4DdDt9q_UDwI90qbzpeuCRUaQPv1CSVCZoD1v1pujLm2vJpc4Q36nBS-p6zCHC4XLsdY9f9Yhn8p74HAWSdoOz0A7S1H5W6QFkBIc1zJzVUEhhch3elaJQNwNJCCrQmQ8Ag1QUNXJg2Hy73dXoAB5hFFqGNuHH_TipZE25pSQGJDYjsUVhILm7OFW6jS02MFY2O-Fy_fnZnLY59jSfTs3glzaSQ_7sYng2ljnllKJqs-jOjs9gAnQGGoMr1G5gHyPtHuuo6oXOJdm_1QLsGKMYr8Pxunp3FT_qxracgKCHOlMlqwhEoGpvJfSPWF-xFjceDyeIwkjpCEZ10q4EO98-UBMJpZgO10Raz_kAOLSSiBqPxEKU805ji2Q22yTx4TkoDi8fBd_gC6AYdWdkn8U-VUO334A-3_AC7oqI4N3IHM93TAveYS9rGfjt6R0F190Ix-MEwdTZRQ_0ogCzr1Le5pe25YBSb1QgjiEdZW6ou2fP8NHWpNUN0uo74FopK5yc51UM6YtCX2V--FM1XkQg_D5Sijw5joDP1BGsNl4OWmG36TDhjHuK1jeZG6nF6I3lIs9tyCmxBiZ6aPE_2TpOQ9nSDibWElygFM-_HO2XHQp7GAC0Ln9s9koGOPE87rox-_9QmEJj8P7lib_H5FlJ8JgN9Pzrpd6Ym_OISO7bOu6uaEEKXFHWRqmSE960iwhZyEZsKBMblpxFqr5NuHvLY7P8VLR5vpfKW_IAbY4e5iuygEell3wJiNWp3AWMGKU7oznB5bHhqAEgicY5QrnxZDzLH0xg9mLMIq6EoY-sobf1tQsYvFkInnOJncMdaC2CvuWV2nDyx1cpIvxybpO37MxXFhrHmJ3DUMv2FzN35LqmWYikxe0jc3VsEcEqb76V0akw8rNoOpIk_ZMnCmwoa46rfZHsL5MoXpd0wPaWOSmlf5HevPBmtdA3SzC5OnE-WjSQcCuWZvcTbaedK3gQ23WuYAjL4wupo_kIL7cVmhYIdgLB3xdD98Mz4W_XeOsx8E8XJGTst7DT7loKSVh84YAqHIcyWI-wf5mikuq34XL_ejnP4BKWN5AF2eXS07zsYUGMn14UEJUGD6ZWSpZH0jWh4HVzIY4BN7T15M0pDQ0oEDuIc38kA2LSQJUbwxOW3si7y2FStHKfyaKje463GJCv0yosDAuOFs8R0DrftkK4yh5v1SLzwt1inLby5O-28xBIjk6GyP0ksDQO6MsueI0JbL30VAwxLog_T22sqjK0KSljOKFh3S58O93M1fncv9qsS-XZ5Ood03Fho6XZRB9TOsgSEpgp3jdtjMrCYuWk_pRYmUvZQxo-kbK8oEySVzxpSbx5B4wHrc31h_7tWmEtWjk4QiufZkECPUT2833Cag-dAaE7dMMKUHG5oRKPF1dM1h2w-aCVu4AZr81omWC1x5X5_paFUl3SxYDV-_tNAN1rpDx-75vrCPLc1-UR2VkolRj8J_tJxYppnHUywrJzZOthn0sXx0r6HejL2a2ZqIhJ5b4IehZf_QjqcpCEmIn1xVDT-JuKCsBkMadSoUC-Tc1FPgKGl_DpQdcSTColUjOi7ojj0TYAaEXKiYOZCD2Ev4ZzfukbVyBcjFnaBzZ3nUgWQUxZfoOo4xKWwvWyREHtTHsOWqWAVH2W8qE2glvM5UTEzAvJMQr_W3-IEa6Nlo9pSxz4slVlKZiHtIvXYuUAaTA3TbL4LLxQ_s-TguEur2ozhBnKLAv_whYnWn6k2oYikHK3gib_Pf-HcNlVZ-ltRV4F4f1xrQrvoaHv51jsK6S4tEcxsqHvIFbs4F1Sz0hPry-TICGOXWzBNaHF9LNxtsrLTRi70S5tnhEbv8fk1w44ipnsaNSHBBT5P4yu9gdIovSQvPnkg9Fna21Kh0BGGgrIIGcRl3YM2u1CREIkgHEwIqXNBOwbkXKzLfWkm5S9vv2PtGd0Ywz6x99X-Jz2QF0K20EWiqzeGMcofq9MLeXbwhKdqguN0LxkOxplSiTJE_O3h4NieI2tPgQg5ns-DYdoSJjvSkuon1b3iKgPK0MPCio14uvIvi_DRNRnIhApQzLGh_9BGl4g339sEoNDL8XE4olA8gQ8xCdwWNDTowmdy8oUC6TRsa3eyp9tj5KD9OIaE1G5ZzT3BAIZ5zdtAbnIncVG8GGGuSmqXsqtSpmNO9idNSEQa7Wm0iR2WcGEmGul9MxIyfk1A8gLS0nRjaH-4SXx3NX7Txq79KGFV-jPLlbJ08yp7yjhyKGfBeYNKqkNnABf2QevBDTfgguZHJnd2AweKbisqU2cALN3kt7olBwbbAwt0AoI0hPhDGsfmwuOAacEgY3WBRvbjS3QwLQCuCWfKTqZbRIzSOj9PkR0CigpuMS1wkaKbYXtF6iqbR7i410HkY3u8tSlX-Szq64GwPV_OTzNb8&cid=CAASEuRoAm88AKy9EoWVNR09QqOSzw&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
a9d5f885fb7fb6239cc249220ee273e416ddd243bb1acef38440f83cc3e1d66e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990666&bpp=12&bdt=238&idt=389&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3389483088911&frm=8&ife=1&pv=2&ga_vid=1436293627.1663501991&ga_sid=1663501991&ga_hid=1057183914&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069511%2C21066428%2C31069178%2C31062930%2C31068919&oid=2&pvsid=1640336907108955&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.t46lo1vqvfsk&fsb=1&dtd=403
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34047
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 466B 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990666&bpp=12&bdt=238&idt=389&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3389483088911&frm=8&ife=1&pv=2&ga_vid=1436293627.1663501991&ga_sid=1663501991&ga_hid=1057183914&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069511%2C21066428%2C31069178%2C31062930%2C31068919&oid=2&pvsid=1640336907108955&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.t46lo1vqvfsk&fsb=1&dtd=403
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:30:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1343
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 11:30:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 466B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990666&bpp=12&bdt=238&idt=389&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3389483088911&frm=8&ife=1&pv=2&ga_vid=1436293627.1663501991&ga_sid=1663501991&ga_hid=1057183914&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069511%2C21066428%2C31069178%2C31062930%2C31068919&oid=2&pvsid=1640336907108955&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.t46lo1vqvfsk&fsb=1&dtd=403
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 11:00:43 GMT
l
www.google.com/ads/measurement/ Frame 466B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTRX3Cxipcuws5-_bEQRLsgluo4oGrOqHfp28TWiXQfrDdJMJdXfFd4SOopzTHPR5ZhyPTRo1PU-FWd7PjNw1tOPYRgrg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990666&bpp=12&bdt=238&idt=389&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3389483088911&frm=8&ife=1&pv=2&ga_vid=1436293627.1663501991&ga_sid=1663501991&ga_hid=1057183914&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069511%2C21066428%2C31069178%2C31062930%2C31068919&oid=2&pvsid=1640336907108955&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.t46lo1vqvfsk&fsb=1&dtd=403
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 466B 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990666&bpp=12&bdt=238&idt=389&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3389483088911&frm=8&ife=1&pv=2&ga_vid=1436293627.1663501991&ga_sid=1663501991&ga_hid=1057183914&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069511%2C21066428%2C31069178%2C31062930%2C31068919&oid=2&pvsid=1640336907108955&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.t46lo1vqvfsk&fsb=1&dtd=403
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 18 Sep 2022 11:53:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 466B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AjGfk20l6xB4hn_NYZGx9_7PLdUHkdAFle2ALYbasX1Iu0v4Il_b_vfSGSAv3OnXIx0gwQhZru9zRC54U-qgwEtDwmx8oczm8V5aksH7SU4C7y_CM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990666&bpp=12&bdt=238&idt=389&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3389483088911&frm=8&ife=1&pv=2&ga_vid=1436293627.1663501991&ga_sid=1663501991&ga_hid=1057183914&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069511%2C21066428%2C31069178%2C31062930%2C31068919&oid=2&pvsid=1640336907108955&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.t46lo1vqvfsk&fsb=1&dtd=403
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5770 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CDjTypwYnY6ndGo7_tOUPsPG9gAms1_3wZLT2qJPiC8CNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAGV9ZvfA8gBCagDAaoE1QFP0MfTEDWScC9T30bWMWsXXcM5eUjaAS8VRvGRastfIE5HqWI0STEOwk7WTL4LOo5I2TUroVY4oVZOUFqaIfT0Ay2dvKt5ojMnORC2wBZu7J2lbCeQMP98FGPWLi9gALoWJal5W2zEWWAps9GykYUiVHGixELssjW57n6RBAvnVjsUJDSVgV2pHZGC1JsFPMGRFJ_W44qK_m1KEr-H4KlPQjR8N2sx22L-xC3DFb5tJPJezqMX7WIKEWepdYifEwGr3oKqTZsW71W0wK3xEhidAJv1gBSABsPF35vKrc2Y6QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=OVx-Hdr_F7E&uach_m=[UACH]&cid=CAQSKQCsnQUxKoLkSD7UOXUt1Ds8VvEFH8H3YfJSOnf21aNt3_w3619byd78GAE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990646&bpp=6&bdt=225&idt=302&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2306779475487&frm=8&ife=1&pv=2&ga_vid=11051538.1663501991&ga_sid=1663501991&ga_hid=1632933277&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531514%2C31069178%2C31069547&oid=2&pvsid=1227285620225158&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pscjodiznp3u&fsb=1&dtd=309
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 18 Sep 2022 11:53:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
log
hblg.media.net/ Frame 5770 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=3.408188E-4&viewability=-1&device_id=4&cbdp=0.02&slotVisibility=2&dn=bg3.co&acid=746fe0522e424e53a2bd4ba0d2291e31&ugd=4&size=250x250&pvid=4&csip=rtb-common-istio-76c566558b-5jl9t.SG&ogbdp=0.02&prvReqId=48119552365215_770219503_52982010441&itype=ADX&requrl=https%3A%2F%2Fwww.bg3.co&scrid=1700080812610100250025000000500&mang=1&bidrestime=1663501991606&cid=8CU3SX34C&rme=nurl
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:12 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sun, 18 Sep 2022 11:53:12 GMT
log
qsearch-a.akamaihd.net/ Frame 5770 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0100&ss_d2=0&stid=&other_prv=4&jar_err=&current_day=0.0&adtyp=0&req_id=YycGpwAHWYAEwsfs_gl8Pw&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&exp=&fdbk_id=&second_bidder=*&floor_bucket=0.00&gpid_format=&seat=BID_API&size=250x250&f_seg=&prdp=0.0200&ogcbdp=0.0200&dfpbd=0.0200&server=1&ogerpm_wd_bkt=0-1&viewability=-0.0100&dmm_r=0.0000&cut=0&dmm_l=0.0000&tcyerpm=&sc=AU-VIC&send_erpm=false&sd=1&hb_exp=&seg=&erpm_bucket=0.00&ugd_ver=&requrl=bg3.co%2F&bidrestime=1663501991606&cc=AU&strg=no_strategy&ss=&current_hour=11&time_stamp=2022-09-18+11%3A53%3A11&rvshhon=&bdp=0.0200&ct=Melbourne&akey=&mnckfl=0&bdp_bucket=0.00&algo=no_strategy&dc=apac_sg&splid=&dim4=exploration&dn=bg3.co&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=746fe0522e424e53a2bd4ba0d2291e31&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.14.1&totalTimeBucket=2&visibility=2&totalTime=2318620&dmm_m1=2022-09-18+11%3A53%3A11.608590393&e_rpm=0.0000&dmm_m22=0.0100&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&rawbid=0.0200&seat_id=BID_API&sub_bidder=186&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-76c566558b-5jl9t.SG&dfp_bucket=0.0&adblk=3314916115&itype=adx&pvid_seat=4_BID_API&cliIP=1741815296&advurl=topics.businessfocus.online%2F&crid=529820104&sat=1&br_id=265&cut_bkt=1&gpid=&iwb=1&second_bid=0.000000&sc_pvid=4&capd=0&other_bids=0.02
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.128.160 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-128-160.pacnet.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 18 Sep 2022 11:53:12 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sun, 18 Sep 2022 11:53:12 GMT
nmedianet.js
contextual.media.net/ Frame 5770 		162 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990646&bpp=6&bdt=225&idt=302&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2306779475487&frm=8&ife=1&pv=2&ga_vid=11051538.1663501991&ga_sid=1663501991&ga_hid=1632933277&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531514%2C31069178%2C31069547&oid=2&pvsid=1227285620225158&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pscjodiznp3u&fsb=1&dtd=309
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.112.21 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cd68ab2c2400c62b9c390599c3c5c3df6e417caf6891161d3ca96418a51fee2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
8-12
content-encoding
gzip
server
Apache
etag
"035debfb5eae1bf026d72923ed67eecf"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Sun, 18 Sep 2022 11:53:12 GMT
strict-transport-security
max-age=31536000
x-mnt-w
8-31
expires
Sun, 18 Sep 2022 11:58:12 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 5770 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990646&bpp=6&bdt=225&idt=302&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2306779475487&frm=8&ife=1&pv=2&ga_vid=11051538.1663501991&ga_sid=1663501991&ga_hid=1632933277&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531514%2C31069178%2C31069547&oid=2&pvsid=1227285620225158&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pscjodiznp3u&fsb=1&dtd=309
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Sun, 18 Sep 2022 11:53:12 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=40262
access-control-allow-credentials
true
content-length
62892
expires
Sun, 18 Sep 2022 23:04:14 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 5770 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990646&bpp=6&bdt=225&idt=302&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2306779475487&frm=8&ife=1&pv=2&ga_vid=11051538.1663501991&ga_sid=1663501991&ga_hid=1632933277&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531514%2C31069178%2C31069547&oid=2&pvsid=1227285620225158&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pscjodiznp3u&fsb=1&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:30:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1343
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 11:30:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 5770 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990646&bpp=6&bdt=225&idt=302&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2306779475487&frm=8&ife=1&pv=2&ga_vid=11051538.1663501991&ga_sid=1663501991&ga_hid=1632933277&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531514%2C31069178%2C31069547&oid=2&pvsid=1227285620225158&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pscjodiznp3u&fsb=1&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 11:00:43 GMT
l
www.google.com/ads/measurement/ Frame 5770 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaThdWUgDxSikL6XuYO9nMXHqqx1E-tzkFD6Yef960TbM6J7yWGENfKJeGpzko2lzhWudtI4MRZU53A3Fikwl5Mmp4y0uQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990646&bpp=6&bdt=225&idt=302&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2306779475487&frm=8&ife=1&pv=2&ga_vid=11051538.1663501991&ga_sid=1663501991&ga_hid=1632933277&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531514%2C31069178%2C31069547&oid=2&pvsid=1227285620225158&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pscjodiznp3u&fsb=1&dtd=309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5770 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990646&bpp=6&bdt=225&idt=302&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2306779475487&frm=8&ife=1&pv=2&ga_vid=11051538.1663501991&ga_sid=1663501991&ga_hid=1632933277&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531514%2C31069178%2C31069547&oid=2&pvsid=1227285620225158&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pscjodiznp3u&fsb=1&dtd=309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 18 Sep 2022 11:53:14 GMT
rum
dsum-sec.casalemedia.com/ Frame 0CE2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIj23g6dn7mNJba1AnThsFM&google_cver=1
43 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIj23g6dn7mNJba1AnThsFM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxCei3sY05iRyAEwAQ&v=APEucNV9pwzSquhteKUiRkLNyvjxq6xUJ6MVagXy9T_hNd8g6nyNwukCQsCGAm99tTOunr5pTPzs4Df4erwaXS5LtNzBbZJPfA
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74c9e13eef605a98-MEL
pragma
no-cache
date
Sun, 18 Sep 2022 11:53:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qO22vQh4eZvG2lc9T%2Buxviy5n7HK%2F56qMOlu%2Bvi13C7%2FS1%2BkgevUl4Y2yVlpwL2IfOho4uNHXiOilcBbvUnqd6sEFcEAaaHzMPhrk310s7rli%2BiLIDS6KSGfuRl%2BC7LoalM%2BCEVWhcDgaA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIj23g6dn7mNJba1AnThsFM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0CE2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YycGqLxojSekcSNyIbgYZQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIj23g6dn7mNJba1AnThsFM&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIj23g6dn7mNJba1AnThsFM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxCei3sY05iRyAEwAQ&v=APEucNV9pwzSquhteKUiRkLNyvjxq6xUJ6MVagXy9T_hNd8g6nyNwukCQsCGAm99tTOunr5pTPzs4Df4erwaXS5LtNzBbZJPfA
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74c9e142984f5a98-MEL
pragma
no-cache
date
Sun, 18 Sep 2022 11:53:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4joRBGximwDTT%2BeJLkUIZeJ25z4dKrKcaAxKd%2B4gxjogWvg6dI3yuGTsWbTzFww6LOpZ%2FqgFI3B6WsxrITqOHC44OAICfiqtSoo7Z9fMffKvleq4G5FxQ%2BLiGDsCIgFU72dsNgjKgjP9w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIj23g6dn7mNJba1AnThsFM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0CE2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFCViTPbgoARqQbUcDD_6lk&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFCViTPbgoARqQbUcDD_6lk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxCei3sY05iRyAEwAQ&v=APEucNV9pwzSquhteKUiRkLNyvjxq6xUJ6MVagXy9T_hNd8g6nyNwukCQsCGAm99tTOunr5pTPzs4Df4erwaXS5LtNzBbZJPfA
Protocol
HTTP/1.1
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 18 Sep 2022 11:53:12 GMT
X-Proxy-Origin
103.209.254.52; 103.209.254.52; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4dc018de-e547-41b9-ba1b-1d2cad47bfaa
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFCViTPbgoARqQbUcDD_6lk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0CE2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxODY0ODg3NjE4OTE0OTkzOQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxODY0ODg3NjE4OTE0OTkzOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxCei3sY05iRyAEwAQ&v=APEucNV9pwzSquhteKUiRkLNyvjxq6xUJ6MVagXy9T_hNd8g6nyNwukCQsCGAm99tTOunr5pTPzs4Df4erwaXS5LtNzBbZJPfA
Protocol
H2
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 18 Sep 2022 11:53:12 GMT
X-Proxy-Origin
103.209.254.52; 103.209.254.52; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
998acd28-f42a-4a3d-87d8-182fb7ed1b41
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxODY0ODg3NjE4OTE0OTkzOQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe9e0&_p=4062&cid=725392520.1663501992&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1663501992&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html&dt=%E9%9B%BB%E6%94%AF%E9%9B%BB%E7%A5%A82%E5%90%881%E8%8D%89%E6%A1%88%E6%9C%894%E5%A4%A7%E6%95%88%E7%9B%8A%E3%80%80%E9%96%8B%E6%94%BE%E5%A4%96%E7%B1%8D%E7%A7%BB%E5%B7%A5%E5%B0%8F%E9%A1%8D%E5%8C%AF%E5%85%8C%E6%A5%AD%E5%8B%99%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 466B 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 06:55:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17859
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Sep 2022 06:55:33 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/ Frame 466B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CInl1fBdEPZpTxqDEAbD_vQEHcz8b2LBry2uC7ZYdjO13wmjcxrUnWzz12Eq-ztoEI1KQQbAdkYw9tFjvhwPIummp3yeEuKZHzv-LCKVNPmvBAWHhMQ8hHsmdOW7V0OmfloqvqlfeLua4JodjD2BtxWXa4oQ&cry=1&dbm_d=AKAmf-AH6EvkmjrR6__4KOozF9qHKULl2z2f2gapRiGBnY4F9d0I5wWZW5lMYRB6TL2hjw5eJGPvmg14KxZoiZBA6rSVHcf0lp_RUazu9oyu-VG6Cw4kkDZ9n6EFeQDbymD4w018jdTOFDZ0pDUA3JFXO5GyZa0-I5T43bnft8-6o3T9BQZRhMrUCMoKmioAs04RlEuFYNMQj-K1KMeM3zeiXCsVIiGnZWwLLdg2bjHgn9y4XD0maWKzEsYeYmycn-RXtez5lXinhVFeiiXCrrUweL653B85qDRPpTQhQYTxmx2_91jBkHbsRQ7GfCyGeE3uW2qqJf7KIhRsebA5AxcYQGiShWBes4Ihqoq1FRxvAMsPsEtkOkWoudWhn--B5v5J_yahyNr0bLc25biguHkKgz0TCgyHEZ-fqXdcoSWiOXRNlahAup2_2qij_njyPXQJ0sZBasxBT14Os6SfBvrdaAsbsckuuJLfJpHG5LAAR_5WPLvsrmmOvLcp9FrNasfWZB2BN-N-BsXfvzFgoMGqDKWymMRolOXqPZdQrSfJ0RqAjiJSTGTQmEr1wG1WwAcYhIOou_BgzsxrGnxWmDJl_ZYB30WNB6BzlydTWSh9_24WupbjYajFyfLzPBMyqPD0NZSqwhoNRLbPhT3xOVUdrIe7DJzmZ-m4qS6quAqvngxsLpRyrFCxHw-0c68QbhkfaGoQQHtTWKNA5tbXIYTxfQleTh7NzKQxRmI49Nrlj259xw85nRebxzZh9fzX_sdEpbbup6APsbniMirPBmDZVjRXBUNUHbzXWEawRTC7CH5d_wv60CrDwtQLsO26zjCA-r0lHa4d9Y4NZO7emHN7DGiSN2UZWF3sGL5wLqPmZvxyjEH9Hb2dZtPV5ariynYt5I7UFCi0XGJ2Qglzj7VCfK7HRXXbQygQ1IxJJShnpCKuZCHG55lY-3nfv3CmSBbYP6yYVi7uzeODV3y8DTao-GKzzkcGWRMlW_Q65_ygEOO7R_PsrSw4DdDt9q_UDwI90qbzpeuCRUaQPv1CSVCZoD1v1pujLm2vJpc4Q36nBS-p6zCHC4XLsdY9f9Yhn8p74HAWSdoOz0A7S1H5W6QFkBIc1zJzVUEhhch3elaJQNwNJCCrQmQ8Ag1QUNXJg2Hy73dXoAB5hFFqGNuHH_TipZE25pSQGJDYjsUVhILm7OFW6jS02MFY2O-Fy_fnZnLY59jSfTs3glzaSQ_7sYng2ljnllKJqs-jOjs9gAnQGGoMr1G5gHyPtHuuo6oXOJdm_1QLsGKMYr8Pxunp3FT_qxracgKCHOlMlqwhEoGpvJfSPWF-xFjceDyeIwkjpCEZ10q4EO98-UBMJpZgO10Raz_kAOLSSiBqPxEKU805ji2Q22yTx4TkoDi8fBd_gC6AYdWdkn8U-VUO334A-3_AC7oqI4N3IHM93TAveYS9rGfjt6R0F190Ix-MEwdTZRQ_0ogCzr1Le5pe25YBSb1QgjiEdZW6ou2fP8NHWpNUN0uo74FopK5yc51UM6YtCX2V--FM1XkQg_D5Sijw5joDP1BGsNl4OWmG36TDhjHuK1jeZG6nF6I3lIs9tyCmxBiZ6aPE_2TpOQ9nSDibWElygFM-_HO2XHQp7GAC0Ln9s9koGOPE87rox-_9QmEJj8P7lib_H5FlJ8JgN9Pzrpd6Ym_OISO7bOu6uaEEKXFHWRqmSE960iwhZyEZsKBMblpxFqr5NuHvLY7P8VLR5vpfKW_IAbY4e5iuygEell3wJiNWp3AWMGKU7oznB5bHhqAEgicY5QrnxZDzLH0xg9mLMIq6EoY-sobf1tQsYvFkInnOJncMdaC2CvuWV2nDyx1cpIvxybpO37MxXFhrHmJ3DUMv2FzN35LqmWYikxe0jc3VsEcEqb76V0akw8rNoOpIk_ZMnCmwoa46rfZHsL5MoXpd0wPaWOSmlf5HevPBmtdA3SzC5OnE-WjSQcCuWZvcTbaedK3gQ23WuYAjL4wupo_kIL7cVmhYIdgLB3xdD98Mz4W_XeOsx8E8XJGTst7DT7loKSVh84YAqHIcyWI-wf5mikuq34XL_ejnP4BKWN5AF2eXS07zsYUGMn14UEJUGD6ZWSpZH0jWh4HVzIY4BN7T15M0pDQ0oEDuIc38kA2LSQJUbwxOW3si7y2FStHKfyaKje463GJCv0yosDAuOFs8R0DrftkK4yh5v1SLzwt1inLby5O-28xBIjk6GyP0ksDQO6MsueI0JbL30VAwxLog_T22sqjK0KSljOKFh3S58O93M1fncv9qsS-XZ5Ood03Fho6XZRB9TOsgSEpgp3jdtjMrCYuWk_pRYmUvZQxo-kbK8oEySVzxpSbx5B4wHrc31h_7tWmEtWjk4QiufZkECPUT2833Cag-dAaE7dMMKUHG5oRKPF1dM1h2w-aCVu4AZr81omWC1x5X5_paFUl3SxYDV-_tNAN1rpDx-75vrCPLc1-UR2VkolRj8J_tJxYppnHUywrJzZOthn0sXx0r6HejL2a2ZqIhJ5b4IehZf_QjqcpCEmIn1xVDT-JuKCsBkMadSoUC-Tc1FPgKGl_DpQdcSTColUjOi7ojj0TYAaEXKiYOZCD2Ev4ZzfukbVyBcjFnaBzZ3nUgWQUxZfoOo4xKWwvWyREHtTHsOWqWAVH2W8qE2glvM5UTEzAvJMQr_W3-IEa6Nlo9pSxz4slVlKZiHtIvXYuUAaTA3TbL4LLxQ_s-TguEur2ozhBnKLAv_whYnWn6k2oYikHK3gib_Pf-HcNlVZ-ltRV4F4f1xrQrvoaHv51jsK6S4tEcxsqHvIFbs4F1Sz0hPry-TICGOXWzBNaHF9LNxtsrLTRi70S5tnhEbv8fk1w44ipnsaNSHBBT5P4yu9gdIovSQvPnkg9Fna21Kh0BGGgrIIGcRl3YM2u1CREIkgHEwIqXNBOwbkXKzLfWkm5S9vv2PtGd0Ywz6x99X-Jz2QF0K20EWiqzeGMcofq9MLeXbwhKdqguN0LxkOxplSiTJE_O3h4NieI2tPgQg5ns-DYdoSJjvSkuon1b3iKgPK0MPCio14uvIvi_DRNRnIhApQzLGh_9BGl4g339sEoNDL8XE4olA8gQ8xCdwWNDTowmdy8oUC6TRsa3eyp9tj5KD9OIaE1G5ZzT3BAIZ5zdtAbnIncVG8GGGuSmqXsqtSpmNO9idNSEQa7Wm0iR2WcGEmGul9MxIyfk1A8gLS0nRjaH-4SXx3NX7Txq79KGFV-jPLlbJ08yp7yjhyKGfBeYNKqkNnABf2QevBDTfgguZHJnd2AweKbisqU2cALN3kt7olBwbbAwt0AoI0hPhDGsfmwuOAacEgY3WBRvbjS3QwLQCuCWfKTqZbRIzSOj9PkR0CigpuMS1wkaKbYXtF6iqbR7i410HkY3u8tSlX-Szq64GwPV_OTzNb8&cid=CAASEuRoAm88AKy9EoWVNR09QqOSzw&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1877
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 11:21:55 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame 466B 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CInl1fBdEPZpTxqDEAbD_vQEHcz8b2LBry2uC7ZYdjO13wmjcxrUnWzz12Eq-ztoEI1KQQbAdkYw9tFjvhwPIummp3yeEuKZHzv-LCKVNPmvBAWHhMQ8hHsmdOW7V0OmfloqvqlfeLua4JodjD2BtxWXa4oQ&cry=1&dbm_d=AKAmf-AH6EvkmjrR6__4KOozF9qHKULl2z2f2gapRiGBnY4F9d0I5wWZW5lMYRB6TL2hjw5eJGPvmg14KxZoiZBA6rSVHcf0lp_RUazu9oyu-VG6Cw4kkDZ9n6EFeQDbymD4w018jdTOFDZ0pDUA3JFXO5GyZa0-I5T43bnft8-6o3T9BQZRhMrUCMoKmioAs04RlEuFYNMQj-K1KMeM3zeiXCsVIiGnZWwLLdg2bjHgn9y4XD0maWKzEsYeYmycn-RXtez5lXinhVFeiiXCrrUweL653B85qDRPpTQhQYTxmx2_91jBkHbsRQ7GfCyGeE3uW2qqJf7KIhRsebA5AxcYQGiShWBes4Ihqoq1FRxvAMsPsEtkOkWoudWhn--B5v5J_yahyNr0bLc25biguHkKgz0TCgyHEZ-fqXdcoSWiOXRNlahAup2_2qij_njyPXQJ0sZBasxBT14Os6SfBvrdaAsbsckuuJLfJpHG5LAAR_5WPLvsrmmOvLcp9FrNasfWZB2BN-N-BsXfvzFgoMGqDKWymMRolOXqPZdQrSfJ0RqAjiJSTGTQmEr1wG1WwAcYhIOou_BgzsxrGnxWmDJl_ZYB30WNB6BzlydTWSh9_24WupbjYajFyfLzPBMyqPD0NZSqwhoNRLbPhT3xOVUdrIe7DJzmZ-m4qS6quAqvngxsLpRyrFCxHw-0c68QbhkfaGoQQHtTWKNA5tbXIYTxfQleTh7NzKQxRmI49Nrlj259xw85nRebxzZh9fzX_sdEpbbup6APsbniMirPBmDZVjRXBUNUHbzXWEawRTC7CH5d_wv60CrDwtQLsO26zjCA-r0lHa4d9Y4NZO7emHN7DGiSN2UZWF3sGL5wLqPmZvxyjEH9Hb2dZtPV5ariynYt5I7UFCi0XGJ2Qglzj7VCfK7HRXXbQygQ1IxJJShnpCKuZCHG55lY-3nfv3CmSBbYP6yYVi7uzeODV3y8DTao-GKzzkcGWRMlW_Q65_ygEOO7R_PsrSw4DdDt9q_UDwI90qbzpeuCRUaQPv1CSVCZoD1v1pujLm2vJpc4Q36nBS-p6zCHC4XLsdY9f9Yhn8p74HAWSdoOz0A7S1H5W6QFkBIc1zJzVUEhhch3elaJQNwNJCCrQmQ8Ag1QUNXJg2Hy73dXoAB5hFFqGNuHH_TipZE25pSQGJDYjsUVhILm7OFW6jS02MFY2O-Fy_fnZnLY59jSfTs3glzaSQ_7sYng2ljnllKJqs-jOjs9gAnQGGoMr1G5gHyPtHuuo6oXOJdm_1QLsGKMYr8Pxunp3FT_qxracgKCHOlMlqwhEoGpvJfSPWF-xFjceDyeIwkjpCEZ10q4EO98-UBMJpZgO10Raz_kAOLSSiBqPxEKU805ji2Q22yTx4TkoDi8fBd_gC6AYdWdkn8U-VUO334A-3_AC7oqI4N3IHM93TAveYS9rGfjt6R0F190Ix-MEwdTZRQ_0ogCzr1Le5pe25YBSb1QgjiEdZW6ou2fP8NHWpNUN0uo74FopK5yc51UM6YtCX2V--FM1XkQg_D5Sijw5joDP1BGsNl4OWmG36TDhjHuK1jeZG6nF6I3lIs9tyCmxBiZ6aPE_2TpOQ9nSDibWElygFM-_HO2XHQp7GAC0Ln9s9koGOPE87rox-_9QmEJj8P7lib_H5FlJ8JgN9Pzrpd6Ym_OISO7bOu6uaEEKXFHWRqmSE960iwhZyEZsKBMblpxFqr5NuHvLY7P8VLR5vpfKW_IAbY4e5iuygEell3wJiNWp3AWMGKU7oznB5bHhqAEgicY5QrnxZDzLH0xg9mLMIq6EoY-sobf1tQsYvFkInnOJncMdaC2CvuWV2nDyx1cpIvxybpO37MxXFhrHmJ3DUMv2FzN35LqmWYikxe0jc3VsEcEqb76V0akw8rNoOpIk_ZMnCmwoa46rfZHsL5MoXpd0wPaWOSmlf5HevPBmtdA3SzC5OnE-WjSQcCuWZvcTbaedK3gQ23WuYAjL4wupo_kIL7cVmhYIdgLB3xdD98Mz4W_XeOsx8E8XJGTst7DT7loKSVh84YAqHIcyWI-wf5mikuq34XL_ejnP4BKWN5AF2eXS07zsYUGMn14UEJUGD6ZWSpZH0jWh4HVzIY4BN7T15M0pDQ0oEDuIc38kA2LSQJUbwxOW3si7y2FStHKfyaKje463GJCv0yosDAuOFs8R0DrftkK4yh5v1SLzwt1inLby5O-28xBIjk6GyP0ksDQO6MsueI0JbL30VAwxLog_T22sqjK0KSljOKFh3S58O93M1fncv9qsS-XZ5Ood03Fho6XZRB9TOsgSEpgp3jdtjMrCYuWk_pRYmUvZQxo-kbK8oEySVzxpSbx5B4wHrc31h_7tWmEtWjk4QiufZkECPUT2833Cag-dAaE7dMMKUHG5oRKPF1dM1h2w-aCVu4AZr81omWC1x5X5_paFUl3SxYDV-_tNAN1rpDx-75vrCPLc1-UR2VkolRj8J_tJxYppnHUywrJzZOthn0sXx0r6HejL2a2ZqIhJ5b4IehZf_QjqcpCEmIn1xVDT-JuKCsBkMadSoUC-Tc1FPgKGl_DpQdcSTColUjOi7ojj0TYAaEXKiYOZCD2Ev4ZzfukbVyBcjFnaBzZ3nUgWQUxZfoOo4xKWwvWyREHtTHsOWqWAVH2W8qE2glvM5UTEzAvJMQr_W3-IEa6Nlo9pSxz4slVlKZiHtIvXYuUAaTA3TbL4LLxQ_s-TguEur2ozhBnKLAv_whYnWn6k2oYikHK3gib_Pf-HcNlVZ-ltRV4F4f1xrQrvoaHv51jsK6S4tEcxsqHvIFbs4F1Sz0hPry-TICGOXWzBNaHF9LNxtsrLTRi70S5tnhEbv8fk1w44ipnsaNSHBBT5P4yu9gdIovSQvPnkg9Fna21Kh0BGGgrIIGcRl3YM2u1CREIkgHEwIqXNBOwbkXKzLfWkm5S9vv2PtGd0Ywz6x99X-Jz2QF0K20EWiqzeGMcofq9MLeXbwhKdqguN0LxkOxplSiTJE_O3h4NieI2tPgQg5ns-DYdoSJjvSkuon1b3iKgPK0MPCio14uvIvi_DRNRnIhApQzLGh_9BGl4g339sEoNDL8XE4olA8gQ8xCdwWNDTowmdy8oUC6TRsa3eyp9tj5KD9OIaE1G5ZzT3BAIZ5zdtAbnIncVG8GGGuSmqXsqtSpmNO9idNSEQa7Wm0iR2WcGEmGul9MxIyfk1A8gLS0nRjaH-4SXx3NX7Txq79KGFV-jPLlbJ08yp7yjhyKGfBeYNKqkNnABf2QevBDTfgguZHJnd2AweKbisqU2cALN3kt7olBwbbAwt0AoI0hPhDGsfmwuOAacEgY3WBRvbjS3QwLQCuCWfKTqZbRIzSOj9PkR0CigpuMS1wkaKbYXtF6iqbR7i410HkY3u8tSlX-Szq64GwPV_OTzNb8&cid=CAASEuRoAm88AKy9EoWVNR09QqOSzw&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
457
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11717
x-xss-protection
0
server
cafe
etag
8998177921611256807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 11:45:35 GMT
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame AEA9 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:48:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:48:53 GMT
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame F96B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:48:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:48:53 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 466B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990666&bpp=12&bdt=238&idt=389&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3389483088911&frm=8&ife=1&pv=2&ga_vid=1436293627.1663501991&ga_sid=1663501991&ga_hid=1057183914&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069511%2C21066428%2C31069178%2C31062930%2C31068919&oid=2&pvsid=1640336907108955&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.t46lo1vqvfsk&fsb=1&dtd=403
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 18:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
235177
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 18:33:35 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BB8C 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990666&bpp=12&bdt=238&idt=389&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3389483088911&frm=8&ife=1&pv=2&ga_vid=1436293627.1663501991&ga_sid=1663501991&ga_hid=1057183914&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069511%2C21066428%2C31069178%2C31062930%2C31068919&oid=2&pvsid=1640336907108955&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.t46lo1vqvfsk&fsb=1&dtd=403
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
62051
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 18:39:01 GMT
etag
48472445140208031
expires
Sun, 18 Sep 2022 18:39:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame AAE1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091301&jk=2084231679577438&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 466B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1673c2e2b86d16ac0dc7db467168697b45902ed53cd76b309a39f8a19001beff

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 92C4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091301&jk=4341867622059985&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BF3D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
438261
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 10:08:51 GMT
expires
Wed, 13 Sep 2023 10:08:51 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame AEA9 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?wH-WBA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame F96B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4D6LFA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
integrator.js
adservice.google.com.au/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=topics_debug&api=0&signalVal=undefined&signal=null&signalResolved=1&signalFlag=0&nonBlockingFlag=0&iframe=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		59 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2921428250901360&correlator=3066922745845068&eid=31068458%2C31068500%2C31069634%2C31068884%2C31068366%2C44774044&output=ldjh&gdfp_req=1&vrg=2022091301&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D82b076a94a1150f%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D83697898989abe6%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D84ac12aaea39ef4%26hb_ap_bidder%3Dappnexus&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D7b4a7fa8791a6134-2297dafe99d60093%3AT%3D1663501989%3ART%3D1663501989%3AS%3DALNI_MbjyjwLHW7RkrBpADHbU86mqXIA-A&gpic=UID%3D000009cd279ff3db%3AT%3D1663501989%3ART%3D1663501989%3AS%3DALNI_MZBTc0Um2CrJmP9JYc28UQC_zwZpQ&arp=1&abxe=1&dt=1663501992795&lmt=1663501992&dlt=1663501986152&idt=3730&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=725392520.1663501992&ga_sid=1663501993&ga_hid=4062&ga_fc=true&ga_cid=amp-yxTs2cBIc5SB-MlaeZDT6A
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
3a10e5fdd6f423bb8f50e19211eae63c55bed3349d13b7de6cadfb1c4a878b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22252
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2F52 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 11:53:12 GMT
expires
Mon, 18 Sep 2023 11:53:12 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame BB8C
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESENKJLPyydGnr7T2_xgdbLYU&google_cver=1&google_push=AZmPxg_-p8R5nBwBXrnqrwQcJhRStV_ab7DhoRDTfqhQQHYJszoohae-NXQEdL15mSjwClTgYPPIh...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_-p8R5nBwBXrnqrwQcJhRStV_ab7DhoRDTfqhQQHYJszoohae-NXQEdL15mSjwClTgYPPIhB8Y_tRGsnkYozmsSygIQr2_pEy3nkFMFfPSRIqY1vkDdGJz9ec3Wd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_-p8R5nBwBXrnqrwQcJhRStV_ab7DhoRDTfqhQQHYJszoohae-NXQEdL15mSjwClTgYPPIhB8Y_tRGsnkYozmsSygIQr2_pEy3nkFMFfPSRIqY1vkDdGJz9ec3WdnVddG4fgt39dA7YjXJOhNq72o
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990666&bpp=12&bdt=238&idt=389&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3389483088911&frm=8&ife=1&pv=2&ga_vid=1436293627.1663501991&ga_sid=1663501991&ga_hid=1057183914&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069511%2C21066428%2C31069178%2C31062930%2C31068919&oid=2&pvsid=1640336907108955&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.t46lo1vqvfsk&fsb=1&dtd=403
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 18 Sep 2022 11:53:13 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: BFD4111F57634B3DB091F5A3B9E5C265 Ref B: MEL01EDGE1813 Ref C: 2022-09-18T11:53:13Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_-p8R5nBwBXrnqrwQcJhRStV_ab7DhoRDTfqhQQHYJszoohae-NXQEdL15mSjwClTgYPPIhB8Y_tRGsnkYozmsSygIQr2_pEy3nkFMFfPSRIqY1vkDdGJz9ec3WdnVddG4fgt39dA7YjXJOhNq72o
x-li-proto
http/2
content-length
0
x-li-uuid
AAXo8j1iUBbACwDVeKTd2w==
pixel
cm.g.doubleclick.net/ Frame BB8C
Redirect Chain
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEFYdvXgPLY54YliKnEmpCU4&google_cver=1&google_push=AZmPxg_mZShx0MpFhyOmy5QQ7DskwYppfVGZg_ZNbGLdmUdc5Um0MTvw4wjm632uJUTjEairWlmqodPHl9SdYzIXajmNcMKD...
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg_mZShx0MpFhyOmy5QQ7DskwYppfVGZg_ZNbGLdmUdc5Um0MTvw4wjm632uJUTjEairWlmqodPHl9SdYzIXajmNcMKD2rvDhW-584wBNhD4ll7YtWAFSOfdtZrGX_9J1B...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg_mZShx0MpFhyOmy5QQ7DskwYppfVGZg_ZNbGLdmUdc5Um0MTvw4wjm632uJUTjEairWlmqodPHl9SdYzIXajmNcMKD2rvDhW-584wBNhD4ll7YtWAFSOfdtZrGX_9J1BNdxGUpshGBuQHNH5jocOo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990666&bpp=12&bdt=238&idt=389&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3389483088911&frm=8&ife=1&pv=2&ga_vid=1436293627.1663501991&ga_sid=1663501991&ga_hid=1057183914&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069511%2C21066428%2C31069178%2C31062930%2C31068919&oid=2&pvsid=1640336907108955&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.t46lo1vqvfsk&fsb=1&dtd=403
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg_mZShx0MpFhyOmy5QQ7DskwYppfVGZg_ZNbGLdmUdc5Um0MTvw4wjm632uJUTjEairWlmqodPHl9SdYzIXajmNcMKD2rvDhW-584wBNhD4ll7YtWAFSOfdtZrGX_9J1BNdxGUpshGBuQHNH5jocOo
Date
Sun, 18 Sep 2022 11:53:13 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame BB8C
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEEplTL5ePFDn4198bvQ5b_c&google_cver=1&google_push=AZmPxg-rpsD3Y76uGw9eSK13WeB_2uIbAxpYM6OEho58CF3ITLmaSTdFJByGA8nWWS5XMCGRSws5r...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg-rpsD3Y76uGw9eSK13WeB_2uIbAxpYM6OEho58CF3ITLmaSTdFJByGA8nWWS5XMCGRSws5ruP48jP69lwfpInu8piCpnpnvN00vt37iMdJABKIatUrUw46YT0xfV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg-rpsD3Y76uGw9eSK13WeB_2uIbAxpYM6OEho58CF3ITLmaSTdFJByGA8nWWS5XMCGRSws5ruP48jP69lwfpInu8piCpnpnvN00vt37iMdJABKIatUrUw46YT0xfVnkFXWrY57TAiBckNHrY06P7A&google_hm=M29zTzM0WTlkQzl1UVNzMDJZTnI0X21WeUdF&from_google=sp1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990666&bpp=12&bdt=238&idt=389&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3389483088911&frm=8&ife=1&pv=2&ga_vid=1436293627.1663501991&ga_sid=1663501991&ga_hid=1057183914&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069511%2C21066428%2C31069178%2C31062930%2C31068919&oid=2&pvsid=1640336907108955&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.t46lo1vqvfsk&fsb=1&dtd=403
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 18 Sep 2022 11:53:13 GMT
Server
nginx
Strict-Transport-Security
max-age=15768000
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg-rpsD3Y76uGw9eSK13WeB_2uIbAxpYM6OEho58CF3ITLmaSTdFJByGA8nWWS5XMCGRSws5ruP48jP69lwfpInu8piCpnpnvN00vt37iMdJABKIatUrUw46YT0xfVnkFXWrY57TAiBckNHrY06P7A&google_hm=M29zTzM0WTlkQzl1UVNzMDJZTnI0X21WeUdF&from_google=sp1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame BB8C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJ9U5VdyC4DJNVfBLHNxwiQ&google_cver=1&google_push=AZmPxg-MgbK-r6t8_tSfkQVQMcEvgE8WCqAL0esapDZDu-InCKntpJIA5zPSugIGtMvezZOWa-0KUlVbbSiwRT1u9PGT_ta...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-MgbK-r6t8_tSfkQVQMcEvgE8WCqAL0esapDZDu-InCKntpJIA5zPSugIGtMvezZOWa-0KUlVbbSiwRT1u9PGT_taRmSTsswD3MbnA1pqGRqu3mpiX9C8rMwU56oGnm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-MgbK-r6t8_tSfkQVQMcEvgE8WCqAL0esapDZDu-InCKntpJIA5zPSugIGtMvezZOWa-0KUlVbbSiwRT1u9PGT_taRmSTsswD3MbnA1pqGRqu3mpiX9C8rMwU56oGnmxDGN0jC_8MszEkkDPqyGQ&google_hm=NDIxNjE1ODkyNzE1MjkxMjQ0OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990666&bpp=12&bdt=238&idt=389&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3389483088911&frm=8&ife=1&pv=2&ga_vid=1436293627.1663501991&ga_sid=1663501991&ga_hid=1057183914&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069511%2C21066428%2C31069178%2C31062930%2C31068919&oid=2&pvsid=1640336907108955&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.t46lo1vqvfsk&fsb=1&dtd=403
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 18 Sep 2022 11:53:13 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-MgbK-r6t8_tSfkQVQMcEvgE8WCqAL0esapDZDu-InCKntpJIA5zPSugIGtMvezZOWa-0KUlVbbSiwRT1u9PGT_taRmSTsswD3MbnA1pqGRqu3mpiX9C8rMwU56oGnmxDGN0jC_8MszEkkDPqyGQ&google_hm=NDIxNjE1ODkyNzE1MjkxMjQ0OA%3D%3D
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame BB8C
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEITyfuQsh-AUJFCn6kYu5WA&google_cver=1&google_push=AZmPxg9qd5fjJNBH32U3KyvRIkNkftKR95qxBbdV-Lx6YiMSMA0Z3GlgLJ_ugD85Xj8f9jaSmrfiMyXAE_aaqz6ZyohLxpDbm...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA2NTAzNTkyMTUzNDgyMDAwMFYxMA%3d%3d&mn_hm=MzA2NTAzNTkyMTUzNDgyMDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg9qd5fjJNBH32U3KyvRIkNkftK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA2NTAzNTkyMTUzNDgyMDAwMFYxMA%3d%3d&mn_hm=MzA2NTAzNTkyMTUzNDgyMDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg9qd5fjJNBH32U3KyvRIkNkftKR95qxBbdV-Lx6YiMSMA0Z3GlgLJ_ugD85Xj8f9jaSmrfiMyXAE_aaqz6ZyohLxpDbmaBqUxcu_kF9u9oZLYia0jMXq8GPmzUYEV6POOITui7eqNtqSQFv5pJ-XiE&gdpr=&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990666&bpp=12&bdt=238&idt=389&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3389483088911&frm=8&ife=1&pv=2&ga_vid=1436293627.1663501991&ga_sid=1663501991&ga_hid=1057183914&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069511%2C21066428%2C31069178%2C31062930%2C31068919&oid=2&pvsid=1640336907108955&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.t46lo1vqvfsk&fsb=1&dtd=403
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:13 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA2NTAzNTkyMTUzNDgyMDAwMFYxMA%3d%3d&mn_hm=MzA2NTAzNTkyMTUzNDgyMDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg9qd5fjJNBH32U3KyvRIkNkftKR95qxBbdV-Lx6YiMSMA0Z3GlgLJ_ugD85Xj8f9jaSmrfiMyXAE_aaqz6ZyohLxpDbmaBqUxcu_kF9u9oZLYia0jMXq8GPmzUYEV6POOITui7eqNtqSQFv5pJ-XiE&gdpr=&gdpr_consent=
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Sun, 18 Sep 2022 11:53:13 GMT
pixel
cm.g.doubleclick.net/ Frame BB8C
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEJ_74M3YijO7aqdAo4GQuEQ&google_cver=1&google_push=AZmPxg91t_0ot73TQHZXyqImPkF-_599xSdFx0EP2za37qAXXDwoNBll9AF8zlM0PHSPgiH70brni_2idQSeZHApe...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MmQzZWY2ZDktYmQ4NS00ODBlLWFlZWQtNWJhZjQwODkwNTU5&google_push=AZmPxg91t_0ot73TQHZXyqImPkF-_599xSdFx0EP2za37qAXXDwoNBll9AF8zlM0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MmQzZWY2ZDktYmQ4NS00ODBlLWFlZWQtNWJhZjQwODkwNTU5&google_push=AZmPxg91t_0ot73TQHZXyqImPkF-_599xSdFx0EP2za37qAXXDwoNBll9AF8zlM0PHSPgiH70brni_2idQSeZHApeM22JNJnFvJQwDabMpw6xcAylRIHZh-bQrlMgjjvOPWCjfJtyuznXiK54T07gazw3Zf7
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990666&bpp=12&bdt=238&idt=389&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3389483088911&frm=8&ife=1&pv=2&ga_vid=1436293627.1663501991&ga_sid=1663501991&ga_hid=1057183914&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069511%2C21066428%2C31069178%2C31062930%2C31068919&oid=2&pvsid=1640336907108955&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.t46lo1vqvfsk&fsb=1&dtd=403
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MmQzZWY2ZDktYmQ4NS00ODBlLWFlZWQtNWJhZjQwODkwNTU5&google_push=AZmPxg91t_0ot73TQHZXyqImPkF-_599xSdFx0EP2za37qAXXDwoNBll9AF8zlM0PHSPgiH70brni_2idQSeZHApeM22JNJnFvJQwDabMpw6xcAylRIHZh-bQrlMgjjvOPWCjfJtyuznXiK54T07gazw3Zf7
date
Sun, 18 Sep 2022 11:53:13 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame BB8C
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJC-u5tOwIgK1ibFvnOC8lg&google_cver=1&google_push=AZmPxg_0iddUCcRosEu5QO1z-6pRdgNfTjXDWA9HcogxI2KnxP7iksnYCyFkwezo...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJC-u5tOwIgK1ibFvnOC8lg&google_cver=1&google_push=AZmPxg_0iddUCcRosEu5QO1z-6pRdgNfTjXDWA9HcogxI2KnxP7iksnYCyFkwezo...
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AZmPxg_0iddUCcRosEu5QO1z-6pRdgNfTjXDWA9HcogxI2KnxP7iksnYCyFkwezobbGpqJk7NXKmFP-Bv16bkOwoHNfXHA5ivt-SPO6UMOgHbBJaH0DuPSSzusFs24...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AZmPxg_0iddUCcRosEu5QO1z-6pRdgNfTjXDWA9HcogxI2KnxP7iksnYCyFkwezobbGpqJk7NXKmFP-Bv16bkOwoHNfXHA5ivt-SPO6UMOgHbBJaH0DuPSSzusFs240-47JcivM1B08iXCyVSPc3UQmlQePZ&google_hm=bFRGYjBSc2s2Qw==&suid-set=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990666&bpp=12&bdt=238&idt=389&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3389483088911&frm=8&ife=1&pv=2&ga_vid=1436293627.1663501991&ga_sid=1663501991&ga_hid=1057183914&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069511%2C21066428%2C31069178%2C31062930%2C31068919&oid=2&pvsid=1640336907108955&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.t46lo1vqvfsk&fsb=1&dtd=403
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 18 Sep 2022 11:53:14 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AZmPxg_0iddUCcRosEu5QO1z-6pRdgNfTjXDWA9HcogxI2KnxP7iksnYCyFkwezobbGpqJk7NXKmFP-Bv16bkOwoHNfXHA5ivt-SPO6UMOgHbBJaH0DuPSSzusFs240-47JcivM1B08iXCyVSPc3UQmlQePZ&google_hm=bFRGYjBSc2s2Qw==&suid-set=1
Cache-Control
no-store,no-cache
Connection
close
Content-Length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame BB8C 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IoTKMrFRLA635p11MlLASd6yK0vbZqVZCYXq__F4y2FILlyvN3xU-ywy4yKtcm6I2JQIBonok
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990666&bpp=12&bdt=238&idt=389&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3389483088911&frm=8&ife=1&pv=2&ga_vid=1436293627.1663501991&ga_sid=1663501991&ga_hid=1057183914&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069511%2C21066428%2C31069178%2C31062930%2C31068919&oid=2&pvsid=1640336907108955&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.t46lo1vqvfsk&fsb=1&dtd=403
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:13 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:13 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 19 Sep 2022 11:53:13 GMT
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame BF3D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:48:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317060
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:48:53 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 466B 		0
397 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvCTlsrhJicMMrrJL-ZcoakjAg3jyfTXFwjpx5_Cfzj3D634_2L9OhY02OYM9EuxU2YmyY5LtaR549rBjD9k41CmzX5lWNrT2PzCAN_GniptWl_RCcvt6vD3us6C9KbcvjJsyw327t1AXr3PS_94IZ5t-rEcEB6IupibIteuW-_rIJdKMnGixW-thhRknC1HazH58yqstue-BuenfYKoyxHHz0AIfx0QXHj7n7oHM4-DqBKjZGN-JleX8rQX3czNAyg99_bxMDPHAQuOhNSsV6T-jE4vhGoWe7pUAfD56nkzy-zbo6vBJxl6ZYmq4eqFJqBvPlGxdXOyDXykzedoyA9s44aTn_m5YHn3TmqXUmlmfKqiGsiX3tWxOSRz-iqVCUaf8-M3W3cG2czB548XvUkn3TX-wNUt4mTnBcjDaQtNftOq1mWHwba-LorNozvK_Mf7s-dZ8MrdxW8veEfli1XltMs9Rp9d-mwiLpPhAPzIMxmjh6XJLyNs0GzBH2xQaCVxFT-kMU8kmd1V2kQqHuOYnIXvb8lRKqPVrFfxviBe8aJ2Gk1vm2O04wRHgGYXTqd3jBgOe8t-PEBW4vuZ4eq2QFvA2_eIHWXBNrb4J4RImF8ABoc39qrJrWsMXd2IuVM79tsSpdKQnqTO6SBGDgn96tLhZSctfhPApV-Q7-BtD2ragOLoOriXPF_EyzGbG7jQGl8OehzItJ9DMVyjNjqFGnfa0C5q_oezMfA_HjihZ3MnGAmifGK3DFK4Lg0u8MmUQsasyTCqOj7DVgoXRWd3TaTBiVCKYlHKzucpPoEmQINYR5NeqgOxqLuHMsX-03cF0Z6RyawcoWB6b35Nz2QDjLuS3HBTmebMAqDBrWRdEEyjpOu-ntxJL1-BjGm13LOWz7VnhyzDHISUmHQVlXZjBEspdnvpgjCpqBOwMArECKqUt6-YUL_Xt39wsg8By8G_zL-FvaQOsaY4A0adPJQ7OMwS3AP7FvKFhic7A4rpLb885VCPeIHrO5oS2M03ec4K-nyGVKg5wTpZZfbrUXNkv9NFB3v_TvfTN0Q_StqVWHu7lJKpoYNY0msmXREwr9RFb3O5LSyW2Fuu9S0uMmr-v05yST7H2F-jKzBBzWUeo7VLU_xisQgihaWZdPnaxSL-dvGg1KxfdN5zfEBouyRhP_PM9BOcD9qsdVB6OWV0B4WmoidiTAeroAJeD4AVJMJm6IWnG99ir8pog&sai=AMfl-YTnkcIiS2WC_FSaQQnW3h0zYTTu7rIsIt8wCUu82A1gd1jVSeW7ZxcsqWgy7zYc73fVFhUbEfCQann4QgBpTYpiFwfcw3NkhmSDQyHA0JFM6xgL3VYuBPqWLVgu7vjAcIlUhzPDLv6-nthEIA4-su1SeEgFrQ&sig=Cg0ArKJSzBm4TVakWJCiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=754&cbvp=1&cisv=r20220914.07063&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 18 Sep 2022 11:53:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
8814982303167421476
s0.2mdn.net/simgad/ Frame 466B 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8814982303167421476
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990666&bpp=12&bdt=238&idt=389&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3389483088911&frm=8&ife=1&pv=2&ga_vid=1436293627.1663501991&ga_sid=1663501991&ga_hid=1057183914&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069511%2C21066428%2C31069178%2C31062930%2C31068919&oid=2&pvsid=1640336907108955&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.t46lo1vqvfsk&fsb=1&dtd=403
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
0808a6a9a35ebf7ca390964b57dd0a047fb2f8e4d105432d22117869b07335ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 08:34:19 GMT
x-content-type-options
nosniff
age
530334
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44221
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 08:03:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 08:34:19 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BF3D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxhR3pwYnY5u-O4Hz3LUPovudsA0AAAAAOAHgBAI&bg=!1Nel15PNAAZqQh0mSkI7ACkAdvg8WqP4hUWSKvWgzHp7A7DJd0yx1TSbFtH4f2vfugMz47NmjPGqRAIAAABTUgAAAAJoAQeZAyOZ-QyhMTaKV1Trxk00-F6ejotLXyyo1BKVAlpzvV3bFC0Aed8ejUfCUhIjwm1N4YunOuomeKA96F3BrXi4vJc-ppuozEtdCmpNkmo-_qwBXlDnzSiETQHe6o3Pngq_QP8PY0MjND79_1TE9zq3wdRFyHAJtZZcuSpfH0cswEINCzBPZqWvXSyRwzeVWJC6R_GSaF373TOSo35OivIxj5cbYCZV8YW-4D3fWeVDWsmiB5YwAgL8jFmFaHE7-qwHZi4a_dX0qzBLyG9Elmw1I4Fosu3VkxUxH5CU_EnMlu1rALzo8i3ZmlK7eVN-tAUU6BRWa9mKemfdh7mPTVruJGPkOua28s8qts4ySU3zBepn4nQIAAwsenL22HR1vE9Hy4tRnjFsxPcd9PCL2GKnLpAgY7eO_PNZTHAju_ejZQfs59s3hOPYEEfGZQXW3eW4UyGX9rH9ZnxEgDGv4AaIIxGNQJHtPWFDImU_0u_NlLE34qsKso_8tQP-D9DDDjog-4dCUcv_f3NOMsEybttb4LBFGaa7I2yqCQKiowZXO3SLOb_xuzdUgFjP2nKcmdEVk-EmqgLjYNNdhuPsIcdACrVykzfaRntjRsaOgsAfBu6r0MdjD3AyJmtfSUn9L0HwDLrkI4Pcf1G_cUIo-W2hJAEpOErJk_eFeGcAeU6htGEcGaq0rnu3d9ShO2tlNuUbUfWSNrfawVb48YOAMeq11GNJtH7qaRD3xdsD0IaGzd4Q4GRoA4m-pF-YY6cbRoIFIKYd8Rjn6gZFwmXefv-dR7aqxl2CjEWDxzR5jTMY3l6gxh4qQTefPYP5-O1Yew9l0p5BaukSqT-SPuzOa7yaccFif-HH3dM9RcwR3K1bkLBmehXoOVq-lmR24dL-doTcCaBHY8AC_jtpnVK0hBcGvfQu65wml9XtMgPLxIkAuWB0h-tS70bh0pd292lgs_QVq9i_4ke6wiOOuH3kpPbHUV-vob2UTbAgT-7ZmaB-c1nRYwaV7ZcZDPwcPi_v5ElxrLcmLjZIMlM_vdHbW0lRlzDwhxh6xaRVoi-uWKRx4iZUIFiuqw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990666&bpp=12&bdt=238&idt=389&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3389483088911&frm=8&ife=1&pv=2&ga_vid=1436293627.1663501991&ga_sid=1663501991&ga_hid=1057183914&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069511%2C21066428%2C31069178%2C31062930%2C31068919&oid=2&pvsid=1640336907108955&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.t46lo1vqvfsk&fsb=1&dtd=403
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame AF28 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022091301&jk=2084231679577438&bg=!JySlJGDNAAZqQh0mSkI7ACkAdvg8WhoYNrAPsNEYFDWtntalodW5dBhQmnEqPyqtTKwTvRd8LTDmxgIAAADwUgAAAAFoAQcKADaX4U4Um5pC_Hz-pHjgtPEtyeVQi0ovKphOpJWRo_SzzNG4zvVqxtL0IyOHLtnvG_SyftD1weGZAqvbIME0ZolbJ75O1b4hJNRENdJcveitfhK1s4eK_rM8PJ_okLzUUCXo6YDPXz-JIFtl9BpcN4bhVznxUiJ9E41puDes4jdOCo1n8gZ-e0oOelAaRPsWo_-OsqGyHSLf03_nAgDcUZiG8wCxGpU1nFAmIgiWaUXm2o0bsbHd3HjwEdAHuac8mtV45MUMqcJyXcKy2qlPvaPiY8mBuwwQpglK1Py4pz4J14pIs1xNw9XEFNrriZXje4BcPrWydOtT4hECMxBMCYl5BOgS07ISPIVuWTIt7d6W54etGS4sgqqjLskb8-3f8vEpwjzyJN_lrLXHi6nsOx1qCKGrRsd7ogw4xavosOSh_Dei6g2wHGr5js4S0WgrgGcfcOzTyV0iXmm26DN7z-4n-nS6j9CB79-910ZnD_-9kyoqo6_zyAiwrTu-ds8vFEUnvS_KHzYV8zlbr2cAGIIYZM7uZT4gWffQUZksiVCCDO657sZkXMRHBhyEPBIKWBonixVX-yjup4jbPHyuZ81IuSsP2qnmRLc3FzUdu1673la9flsKrzmriHwaWQWksqHq3oTNVo_mf7BVG1e-lyfCgzeIOXXzLNZHNIvED6FUISVDUlY9RsDkAv9o1HBx_Ak86aGiCW2ViF-WCMXsuSa_7d6-dMXxx0UzfpoFYr_5V4EUC0of9agWccDankfsUr9GajufBhL_3RF1AuB--VQ-iuD41-lyzLCqsUgSieTbUvPzGT93n0EQ3eOPY-0KH33SDeO3sN8T6Fe5TvkyGwJw7TIFh-jl_QG9Ez06NuDYsbX8hAMsEyXlSQZoPSMuJtaMK2Ljzo-V6mEv2idp2NAQG8J7W8LQxNXCvtoKonW_iHBQY_-M7dJK4jbDPV27TbIQaDX5NOhIVlX1vTkYtC5q-jqBSg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 0368 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022091301&jk=4341867622059985&bg=!JiWlJWHNAAZqQh0mSkI7ACkAdvg8Wsq8DVljqImbrbDk-6qlHldJHq2g6W5WXA8_O5u-UuMCBvJ9MAIAAAD1UgAAAAFoAQeZAqkCMajPROxMmsqEZ2cmM1bIJkSGYBh1_I7MgAJt6gveeIrhRCmV7fLqL0M-jZ7WOLAv0zrN-BSXiCAtVfGpmr1otSg4D-X2VCEkkN_4YIKRLTlMsg24gZC3rx9PxNmLuDuLdnc4ulGhyviXtweuMoARryYBbb-8CjJk4yWV8V1UKk-Tu6JV2pPkq13Piqr3JUTvsjMcJV15YVfz6RdXRBbjNLQypRkH5ooJccUOwScdrTtKY42nqVO9Gg1myVtQNZjtwfSayNHgkmk6D2JgWF8cTatE_6NbFKsADgFHyowAXlpU7pEtfC1LGsyS9uuSKXcmMI9UfA9fyhlS49s9HURwyCkAK_7FdL__3LZ3Jb4Y3xo4ybqpv8sheWPoBxqNFzZSRvJL9EoTii2BmFt8xJ8xa6Qw9HWVgWemPudpLN6C9OHqxqIZTZtJ-QWQOFsF0xr0qre-WbJq6O6Jr20eAMTxq2aqE9xHnXSn85E-kYdB5hTEat0DV0X2Xzl7KTdEsbh8WCWmYcFxxTt7c43Ee04fcBM_HsPfhGSQUOPZHGNQsKBrFrEWwvjU53iWQ0SorFW3WoRau6EpDSYEgdkiyMhc65hJJiRZTgH4SeSM2Or1x4Ly1nykV7MQcYoWnwk5yijYZWASveTrlSCfDR1fnOERQ0wywJ6YgKWiPGHLoByuqoT7clhAWmH-EDoZNut5JD2mbT11GDsL5A6XzMd19gCM-cXV3mXnEUA7HVvzGgfvs6U3hRI_XT0UIrnbe3I3UR9FPa9D65Vf9exrXjUCloFBAv2wNv9IA0I_I4U1F7wDZjX7D4NuQjfMA_OsOIe_suTqKrOSZ6NYHFYaYKtRUFF_z3FxE2iH5lueMWNN7wJyNeF_2UuwMaMCrjm_ahFF4PqdYfXUDRfsTdA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3102 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 11:53:12 GMT
expires
Mon, 18 Sep 2023 11:53:12 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8C2D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 11:53:12 GMT
expires
Mon, 18 Sep 2023 11:53:12 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E621 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 11:53:12 GMT
expires
Mon, 18 Sep 2023 11:53:12 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
3573919f392ac2bcb14f8d9a7a54972862ce5403ffc24f3d2ccf8078b2b2bd6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:13 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 11:36:03 GMT
server
nginx
etag
W/"631f19a3-160f4"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 19 Sep 2022 11:53:13 GMT
smtr
contextual.media.net/ Frame 5770 		89 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=357234536&size=250x250&cc=AU&chnm=NO_STRATEGY&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Fwww.bg3.co&nse=5&vi=1663501992776454869&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&bae=B44/zegzaB&bcpf=8fOnRrolnfOur8B44%2FzegzaB&bdrId=4&ntv=0&matchstring=hr%3D0%7Cbcat%3D11%2Ca%2C13%2C47%2C14h%2C3y%2Ck2%2Cov%2Ch%2Cgo%2Ci%2Cj3%2Ci2%2C150%2C133%2C3%2C149%2C4k%2C13a%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p11425267454t202209181153&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=VIC
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.112.21 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-21.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dc6d22155685cb2460b2df388a97210a0bb29619cfe98630a2f23fcf6cc36b52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:13 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Sun, 18 Sep 2022 11:53:13 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
21-wcfm
strict-transport-security
max-age=31536000
timing-allow-origin
*
content-length
33444
x-sc-w
21-q6pf
bping.php
lg3.media.net/ Frame 5770 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=520&&vgd_cdv=797&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&vi=1663501992776454869&ugd=4&lf=6&cc=AU&sc=VIC&lper=100&wsip=2886993991&r=1663501993620&requrl=https%3A%2F%2Fwww.bg3.co&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=140952&vgd_rakh=1663501992155467831&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p11425267454t202209181153&vgd_pgids=1&vgd_uspa=0&hvsid=00001663501993617017418153481547&gdpr=0&vgd_l2type=sca&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990646&bpp=6&bdt=225&idt=302&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2306779475487&frm=8&ife=1&pv=2&ga_vid=11051538.1663501991&ga_sid=1663501991&ga_hid=1632933277&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531514%2C31069178%2C31069547&oid=2&pvsid=1227285620225158&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pscjodiznp3u&fsb=1&dtd=309
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Sun, 18 Sep 2022 11:53:13 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=53097
content-length
15
checksync.php
contextual.media.net/ Frame 1CC1 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990646&bpp=6&bdt=225&idt=302&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2306779475487&frm=8&ife=1&pv=2&ga_vid=11051538.1663501991&ga_sid=1663501991&ga_hid=1632933277&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531514%2C31069178%2C31069547&oid=2&pvsid=1227285620225158&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pscjodiznp3u&fsb=1&dtd=309
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.112.21 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4a3dbb39f0de2eee97ee3cc17e0e2305aa6a997bca81846d9a087b56df85dd93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9411
content-type
text/html; charset=UTF-8
date
Sun, 18 Sep 2022 11:53:13 GMT
expires
Tue, 20 Sep 2022 11:53:13 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 5770 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4763&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=3&spSource=0&ifst=0&vid=YycGpwAHWYAEwsfs_gl8Pw&s_city=dallesport&ugd=4&bcat%3C%3E=1000037%23%2310539%23%231000036%23%231000004%23%2313612%23%2313740%23%2310445%23%2310031%23%2313423%23%231000031%23%231000030%23%2310130%23%2311669%23%2313525%23%2313589%23%231000024%23%2310648%23%2311321%23%2310106%23%2310366%23%2313566&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=3.408188E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=5a197c05&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=-1&renderer=1&be=0&rtime=25.0&adj0=0.0&tmax=300&s_ip=172.217.46.77&adj2=0.0&adj1=0.0&feedback_id=YycGpwAHWYAEwsfs_gl8Pw&adtypes=0&mx_aabpc=0&reqid=YycGpwAHWYAEwsfs_gl8Pw&sc=AU-VIC&sd=1&mowxReqId=746fe0522e424e53a2bd4ba0d2291e31_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co&bidrestime=1663501991606&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CUABW64L-357234536-39-9&coppa_enf=true&bdp=0.020&ct=Melbourne&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D0&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=140952&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=746fe0522e424e53a2bd4ba0d2291e31&actltime=32&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C16%7C48%7C17%7C114%7C18%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.02&sckfl=1&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&suid=CAESECbg0J_ohtF0FZs3vYIyph8&chnl=NO_STRATEGY&pst=0&reqsize=250x250&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1663502591861&lmt_status=N&reftype=0&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&dummy_vsid=false&cbdp=0.02&pvdTmax=253&ltime=31.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=48119552365215_770219503_52982010441&zip=3207&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=186&mx_bsBucketRa=0&rtttime=38&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-6df64fd66c-mgz96&currsrc_date=2022-09-16+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-09-18+11%3A53%3A11&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=4&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AMVB_PkUCVNarJE26lzIBM_Rm3GYKPLBEtGmpFP4Vo0DfREECBU5iF8n-ggzJaVg8e9KkJ1Y&dmm_ogerpm=false&csip=rtb-common-istio-76c566558b-5jl9t.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=3314916115&fpuReq=1&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~smm_bid%3D0.02~vis_sd%3D438~dc2%3D1~scd%3Dvic~v_asn%3D140952~vl2r_sd%3D2022091805~iurl_b%3D96246.39~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.1~ip%3D1TStJ6~fbb%3D0~vis_url_l%3D40~riipua%3D115%2C117~et%3D8~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022091806~vis_b%3D96.14~url_b%3D0.01~url_tvi%3D716~smm_wr%3D34.2831~url_l%3D50~gcat%3D-1~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~smm_sd%3D2022091804~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D1~uid%3DaQw3ZiR97F4zPvzIU~btd%3D242910499510895691450093473303286418693674568372768483121717771329950839711628333056~d2p_l%3D70~3pcf%3D2.43~uim%3D0~og_msh%3D0.01~dmm_strg%3Dno_strategy~d2p_b%3D0.84~ogd2p_b%3D0.84~vurl_b%3D0.07~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D20.32~vurl_l%3D50~CI%3D2739~nts%3D3~tb%3D-1~ct%3Dport%20melbourne~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D14.17~isif%3D0~lc%3D2~bid%3D0.02~dc%3D8~vl2r_b%3D0.91~ivurl_l%3D50~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dno_strategy%7Esuid%3DCAESECbg0J_ohtF0FZs3vYIyph8%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Dno_strategy%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D3.408188E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D253&utime=2012&sf=0&cpr=0.29252684658802597
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990646&bpp=6&bdt=225&idt=302&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2306779475487&frm=8&ife=1&pv=2&ga_vid=11051538.1663501991&ga_sid=1663501991&ga_hid=1632933277&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531514%2C31069178%2C31069547&oid=2&pvsid=1227285620225158&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pscjodiznp3u&fsb=1&dtd=309
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Sun, 18 Sep 2022 11:53:13 GMT
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Sun, 18 Sep 2022 17:53:13 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B723 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990646&bpp=6&bdt=225&idt=302&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2306779475487&frm=8&ife=1&pv=2&ga_vid=11051538.1663501991&ga_sid=1663501991&ga_hid=1632933277&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531514%2C31069178%2C31069547&oid=2&pvsid=1227285620225158&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pscjodiznp3u&fsb=1&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
62052
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 18:39:01 GMT
etag
48472445140208031
expires
Sun, 18 Sep 2022 18:39:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 5770 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02bb0f8d526a625c36cb9271d79f3051d2e467c1d026ca0fd03ee012c3ea73c2

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 340B 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNVpVSoAFY2n14PNkA4PDtNXy0IHoCcHuQw11_L70jQOy_QstZMJR3A26wKoZnNuFtrIHIM7wC95g4A5Q58uA6KvKbJ2qw
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 11:53:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 3102 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDYF0-YIpr1kAEfLzQzjksq-JRjwCoZEKFdVYgEznq2cZyDJNum9UmRegQfMidxhJY_kYUxhpNxTODJCNVV2-NsV4MIkg4fFLKhsNAp6jlFDYHTy-YwVVfm2AS12rVbZOQA6NgLSdqmA8jOGzNmnUz3GnWvw&dbm_d=AKAmf-ACNEr_sKbdmxKZwcEaCIoJxpBhjVbYEvCw15tSLP3s3nNsJh05jVeDPgTPEsUz2yWoH628xrWEnsHumfXp3zy2bRaHCRgGp8RGMRYD9JTYRezudkYPuOtBDsmFfcVpZhhq_t4kzyO99LARQGcTc6otpVTqHGJHv3iiS7w4hRy6MA7ysbQvkBke7KsTCLdC_EZYofpNB2KPk9bnZP1ogwiYYwEL0gUc9qLzQp4FLkkUfjmVOn6att0izM_Uizt7wRCK_kNDhc4GvNmNn8AqFAVi097QocmLknSWjYWfJIcLnBbyMTvdY0512CkxFvaAJdkjscfFHKJTuOWG6OtcxNEB6QrvBGCZNa4BEwTL9NMsFOlOJ2xCGnTAq45CgzRaod0HRhCY_liv3L4tn_3tBig0vAb3OFTiAuap0qKoOOZrk6LTN6s2UlzxPSsCMy2GThmRCGxbod8KqaVf17Us8z6X7PFY7Vi3S05AEIbZzgvNUmyHpghnjsOUI0yx3sIeqhqoFXjpygpoeA_ZK77mB-VFlCh3mJeRx8scqGRwYkXzF75pNnruKSHuXmvqRcEWl3B8L1M5hXA81wXdZ483M1U_tlMcQNFNdOW0oeCTswHL0MYkAyxMAAQKikpimqyomHkB-nX_CSx6DsGCSQPRNVXrppbKSYXlw9cvGfOOcurg7HuuKeZKUmGX3TL3ru3PwM7BDqlx-wtStYPLlrGDjMfY9O55aMAWaKBAhEhHdvjJV6oC_HLyTF-X9EAlz3xUKH5knByDtPMVUXCTMbvhEs4e9_iFOx3tzCo1Q45ynt2VywDAsn6y1-DWKIfoo7Q16F33HnyISftNs0VUBojPk_d3iHNjBUiWWrpjwyS9kB_wsqUIAsTK6RYsucLBL47XtCaRzdM971vONnNaicz9FwZc6EdrdXBlfxsN7CdXPrHiuh3zbozodoj5htH8w3Gu_WpPsjXoO8eFM-RwAgf3o5L2H8ShcgWoze-msFTVHLxl2cXPg2gM0y60icGJyimYwOKy6t5teWJ9G2xSdS2w_Yk3WPBMPuH09LwzxUYbwrkFmw0COzDaIN7mN0YCdW2B7YTzZkt6iS6sUMhzxq4W1AQdz5-KfhI73oywMHS-X7yyzvXlFvCjuikrAspnY-Mk3CQA-slLZnOYm5Vo6C7hlHFd880fmLkodJETn5htRbRFuOdc5Y4myf-4cZufXZBV9aRN5rtt1jJHPbLmF5FhkSkXZw0uvtVsmHAXgEXmJR8Zipd_rvtE797twXHryt-F-5hhWsj01dZH5nNqrUs1qyzENHA2bddqJb_peWLY0UXQMcSmIrV8E6lQcc-fOGPE6zmamPvG1TzLW6vs66kUfpHKbVas7D7itYIGo8tvPxnsMlUSRTWFOZAatyHHhvI0izO0KgJzAtUEMxbp0bgTZJpYBM71nBun6VwD7035yzu7RWo_9F62kmPtNZe6RwtOhxm1Lg-jtTWUHhUIgpHAYQxmer6zN3u0P0ka3IK83OgyfTXPLwCfIvYIn-RJQOTg0w2HfNdaWc7PJBKC43xwfP9GW7ntr582_ZGpmZsKzCmeKDe-R_IMWU-Fb4X9WW3v3ZWokUSLzhq5BoP-J1g_PRtWJq90H11to2nlnVccfjkmMsBGOIDzydg7y9lRSc3hrE-BS6Xey67AA0Fu9FXa-vxzRaYbXGsd5fnYEQo1zjI0uELxZSz_i4cPEc-ewjAozqCGfOTNWzZBYya7hnwUxnop0mq3WnfsyAsyUZZ_WGS8ZxlPTAEfzCXn-pIZyWswdF36src1gM5-WyJ0FXSnoxJuGuRTLRLvWn_9WfEGT1BXjsXNM8g186Xq9BI_mBhHuf9vGsDevkILwKQDRuOy-AWJDoPYIuhagf4iPzf_0iX9KDCdDy870CsY67ug2HHivMUPxC3Tqc-BFv389-R8ZSSpAxalt-Eqmqoce1ZD7fuB1TYQDR9YlkEEWzAgh7WCIutem91jA4Rjd5zBLAEcufz-boMUrj2spfNypVzmODxrVj2a2TfGs66MwZibo5fEzT8bSQpK181sANkAmHFfFSrfZiFFstmzyozxdyi_sruwOkPZEM1O2WAUMcK-FtUCbhNnkP-2bIB-OOMtd_qxEyCCmL3wB4LEQuc6JQhp8gISO7v0AnHKdnkscss93IKXKQePn1F9qzyUNnVG5J6ZUMxdJem6CumKtIYYj3xAn6P38wgpGdjdaF9ehNDyTPmVJS1NlYLIe46FFsg5ePl165pNymtht3IChNnXMSvuqT5Q8QEIxE-Yt7bCpJvOXMGLr_EVz4ExJgXqvm15xzw_ExY5_0g0WYc6OqYLun0Hw-Z7k_bZMNrhAuCSJkiwEyCFi3LvRkZ3PQYu9Jz1tk0Z04Ma7JvFncuZCzPXGGCRXdnpdUPuzgVb3bEDZ0xXURHCeWdr_nm2Zb_NrwFEM3LYBBq38i3CAI92uGo0AkYRKHPHVKid-speik6z52y7pSqFJhv-GrJJV_25VJyi_YL4LuKwhzFGT9_nEj8tbNAqUWLPkDonc0kYkJBpDbL2oetmaTjwjliUqXuAHAWQ9nxHT1KUxj9ub_rpJKN1VJL4XeBsYJaolBWMJqgGNPEWT2xXnBQxTVqef2CmuWAujR8ADCSjrSwuUgMmu8p10Otj-CfEYhL2h6KWLBSrtWzYAFyKHIkkx2Z64wczXlXS5hFjSg-he0VxjTMtaeO4k0_omUKWTVGF2d8Pq-fV2HHNrV596hgTNzErK1g1LAPSxjbQTWGAMurQVOhkCRgfhkUxH-zf3c2FAObxTafAyWdRWYjDdLPO6VwnKINr5dCqqslbqp4dYl0GUAjVsO6XcSYUFFQP90If4LDMCIR84xQO7goixCHTPMD0btUnjvCJilz-SJho-AZJHuhKezqRMK5fQFpwKXMB7SM-KRiuDyZgUEWm_jUM86laneMKSSUy3Z8bLtUVv1KfQ7SSbw76dWz4xWRgxG5QFlq_084JETL9e6Ei4ToKhXwv7948gzD1pXkWWRPzMaudUvLIM-7zNnZSPf96ucDxr-Pd-XwFeutYXC9wco5iK6edCSrNY1SyL-KUM1Pr8wzmNdmRKusWWMi4yMP3urDTB1SwLTax7xdArQawW572sXI0RCaKT1uXrilo8HjMVd9_wjucSanQmBh3JOMeKYNKwuo_E1XKRq7zXu0g4NldpS0I&cid=CAASJORokreIJjO3kexoZxvoLxh_Jttd8XhiYnrm9LCQrotMsEP_xQ&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
c42a59541a772b289eff3c064c5384333fb90630ae57a331d72b1f9d410f55da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34172
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3102 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DpAnh8VkXiO8gCj6jAg3rJjQKIGyrUf_kHh2ijEmcqqeTDJCtKNm9Id_AroYqoOvqIyVXBANQB57EwA8o3rIN9koCKQps3OR9_DWRc_r4In1In9qE
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 3102 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:30:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1344
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 11:30:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 3102 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 11:00:43 GMT
l
www.google.com/ads/measurement/ Frame 3102 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfV_OY9C99gSU1f_eR2KfiDIxsSa22zno9X2n8rngigXjDGcsbMxNtQVUVmodIBSKaI-HNZ7P4gy1FNz7YDI-6TKBpmQ
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3102 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 18 Sep 2022 11:53:14 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 608E 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNUV1TNXqS6C1-4__fL8HlOHgJNPztat65mF2Ho-zpDDX-R3dca2C3M2JZbuKnyWJk66dsJtBo5UmCR8400_XmfOOZ5CIQ
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 11:53:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 8C2D 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-p1aHZ3TdiLnIKaEhlZTDx3TZBUr3Xtk1zmO5JNXBf0Yh0nhrmwoRnTWY5DTTFdsOj88ii5nlvicGj_Ou8opcpZUOMghB1VBGhIihgcAUvAz3d3p73zH_7v12_Y69S3QpRQI2AHtSi_oSHjtriGEeoZiY_g&dbm_d=AKAmf-DVO3lcXtmNzjYteEI1GiuK4fnFtDjZEH98BtzB7V8_E7w8Z98hAAeoFvqcb0865uBcRhZQsbpbWaq39k5yjIR_7JdylRClq-uXK2rPCq_tucrwqF9hPabNpUdX32TG3gBRGzHl6vhRoGcMZx2_7FxiZUB6Hz6Z3CSfIcYJlo_ETZAcmOuq5fW-bZqdz_1eXqO4pFQ0MP4RO22RsIB3KV2WbCRxsOJ_DpZuSB0RZp0FTmFVzurI51RHJAWVTUCSOAASH05U1OZdxOkOxLTx1IOdNcTnX69r_WB0CDIY7gPJWpATfroUfnkhGaWaC4vV2EfybwPO2itg4c-I2Sur_Uoj6mJBGk1dbjOWU8wTbH0nxXGLVbMdJumVpYtt-BGcFP9Jmy2SBX9oSAgg80zX73XZ_ikVGVmHJiY3CaW5Siace-vq4hs7dYtaXNOiZRYtqy2aF1tu4wvbUBY3B4hXtHde0PGLkAW6P9kL7Nf0ym6zf2n903OCWg7X_9H6v2sIxfoB1NlVNq6W3wDBZTBtKPf7PGSHhRQNjGTNED51cRxRP0II0iNA03HGmgcgPNseKbCbHUHy5EEwLMzyoUd_VS5obCckwbMlGP4IBrDrLWL07QbayW61GDqFkczly8PmZ9v0tc-fpj9N3SftqNsigQV6pxlrVs7kNbKyBgJ2jUlbOOC55aRRaYSqsaJDHriMHWTqwKPj8VfZa4i2zo6PoRDiHtG4h-MSLOZISCt7RgpMAFB82ngTqRV3yWEDVLbbQ7FZG9NSRxqHsB2H6beO4QY5xAyI4dWIo8cVH3ukfCivTBgjOw0rCxueLr3WJcdgIVy9gh1CHVqJ-abYC-aXBK1PWCdTY_-DeEjsc3EQ15Ob4IgWHp96ZjbracKEn4rAoTeFXhe33V5BbnsrmKMV3JU329abqKAgyvfDQO_P05KdL4Ib4XCSKr6lS_ruM-Th8iJa_UYDmOGawbeennJOwWxixbH-85skS89HBy01Q66kIE4sVcW4Tx5QFihvYuBkZTMVhU-RGaPmlwsIU0pvhUqMWh7lVx6j-5qOY8rgy7KHmf4Nk3hUQT33kHaPTe6ITWk13hMTzcOWavL-A9qvLum6INCa7cDQrm0r0VpmL_w7xICmsJ6cIXgAsQ0SEE49PFVBhhUkjJhKOT7wdOzoWubgw_7bEYH0Rr6M6K6JB1gIjP-GT2bGKxb7c33uZ3S904ko-XXn_DLNugspnootMFE--C5bSC1VhUBeGiT05jmDTMyzJyQ_THtvqsIeA2QGnfWu5L9jwkdBFjf75yTjhKgA8qYfuPrLazEBh4qOeTo1qI22OSwen5YscFJxBcIBDt-obV94yzlg8Il69j2YWOWyg29vhhSxBvYXQfKzfF8JZbh1wkNIGaVCsgYL_w4AhQBaHDVQEdhooBD-bGaqKW_fh1903pVIRwZ6TShaWcAu67olOz48Ar2ieGGl6zF_P6gu1ziWJKPyLMfyp2GQTOjNbX-wJtc7gwt0tvCJm9xqS6VUUv6g-uvnG3l_AyV1hm6iB-ROJilusH4WfMhkQrXcXeZzG_cqER3ushP6W8SeFYJnfpYqFLXh-o4p9olKMi-WhAv9JrbhBo5KPgBR73oQJOU1xf6oG6VcgZMsbU-GL7-m4Jl1w-kw3k83C52PRqqOQG3C-Gv0oB-xU_C5_aS3igrHn1eLwN13MxT-hg0Gl4oaD_5sWFxgyHiRiRHrchikXscfthU-KUHgNcdtNpXY-FqOSJY20OY3B3kyIvLp1cLrch_nW_b76V0GyH4L7OxdK9yfjxDf75G5-5duJ3iHlu31KpRBBhEXZ_JAegMkVnqAwHmJKEhdT3aAkU0QqvAx4IIYLROCctMfzD89WjX1Kag7eNV18P0FHeStP2MW7k_mqei6R1ClQXNTA692SvIGDtdjmsXqrW3xVKVn2AsvjPuf18tBw5XTr_9YdBUqcyaeC8ECD9ngI6NpuZ2pVkUJYzDkf3D1GDk6cBrhobxdPB98DxzJldgVJhZpLSz7g3Zp0aXCGzyUN7GAaLV5NJiqGtYrUO1lAH80MtRuO99t0vOXIrC9ipydyAmrB2DYl01mSuufAhp6G8ab2_yexKcNppkS0Z1xw_wIlPl5ERQbSYh8qH7hflbfvy3QZahuLxyBFo01Ge7xh_VdltqMULHMEUHPZf818jTWjDrMnSMIpZIJ5LFdCxYeP97yQwpjr-VknHxtUlI8qThW3uG7zb7NXmHiu-w2Pq36qUg83g2kEIZbz-SVoEBTipmu7jd5KQohCJ3kkS_C0swfgp-x9FSmdMsuVcoi6jFeFYzoFNWxtl67cdaAPk7dOP9uOxVOJz4HH37B27lPYAg3Dt7LOdJs0T5YOOtXxaqhHDe-Zwusgii4Qu287xEVuTx_D1pEObgpRS7zxyWzSCaGpkWtk6Po3O24H_8MrM3ibfgC_z3X_SwvLF1reoHb8yrlnMFdgiXHmLV6lh-Vkzg-segAINYeknKLEv37dNL8m5pQUaHkLOzdQShRixF5MuyIhHMFmvfXaFDki0Wbn72M6ThswxmCW56qhf19sA6HBJKTcl9ZwLbiC9ofHD3sCOGiD3GmFf8sPH-gonC58BRZUXXFFKZZQtrX0-_EKA_EGCR_b8jf4IQem82umHJkVEUMSnBdyIGU3JijzejFeXrWGD_YgX2eUq_afcL6RgkOFzXiHTyI_T_qGPYseevBZYL4NnQyXyVfnQ63wUBP0-VKX-jNfaF5XL8n9uiZUIJde_nPUvRTg5Mu2aDRmKSRUGUYhABswvgMBR2kvgs4vY-_gqnlOp09ILbG5TdfyFBiEwbAJ1UNDoRr8tP2MPw4M9amiJcY76FPJuF4pR15LqjbB_EBg_6BCQRlVXjdwa-lL6TLQ0MBSvxU0BKPpsA7I3joTd3Ekvf2hoTzyTE0JnjG7hO5W5_A4M88Hm6uaoMWL5Qrpa_Ic42BBAp2EJThMBxoE0CLcbqgq1JnbGbsY4ZswXqjJE4lCxuKAW-dWF_e7yLezL0if5Uk_Sc7-HUXlNGnRxJf3Een2hu6WXeJdYFS19DdDe1Z4kPL4uRjf8fw4rFLohiHausaDTwvEun4TfLYd2s7xJVnzQNrS4BVe5cmkfaqiGUENvtQRD1xUbXxZvCnfKCgFezv6yzmD0tRSRJuJZS_SZnJD-t5Y2K1YjYo421U_JwMOP6O&cid=CAASJORoreH34VRoYmj9VvrQP5s35sCMfAaRfXEIaLxNd1D9AGhR7w&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
10dac980230c7f65a861e1ac334f9606635254eabf53feb4759d0131955bd6ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33997
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C2D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CKpBHjP2Tw9LAINoHxaKVx1v4Y0NrhOqA0HgU4Rg3SGssc_zT5btGTpLUaluAtPips7TuVC_DaYJV5nOqNKAVH5txu7JMnDZ6FZYFhY45HB6EbNwo
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 8C2D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:30:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1345
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 11:30:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 8C2D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 11:00:43 GMT
l
www.google.com/ads/measurement/ Frame 8C2D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQxuFzboNkGs9DUaSRlkSeSB3AmhM5_Ucx2QOdOlt0psSbNwy_unxMT4LlWCLWFZNZ6AIWHZ6f_5-VROUGBhM8zpKGTgA
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8C2D 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 18 Sep 2022 11:53:14 GMT
dpixel
cms.quantserve.com/ Frame B723 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPZdQuN9m82yrV8aT_d_Huo&google_cver=1&google_push=AZmPxg9vDlYNArMsc8opZs0APH9W751G_mxO8IVfrhJPDwiUtCsoqXZAnEKe5xwnD7V-SmJZwGDNmdHCANcu2NKH-La-yyxGizkw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990646&bpp=6&bdt=225&idt=302&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2306779475487&frm=8&ife=1&pv=2&ga_vid=11051538.1663501991&ga_sid=1663501991&ga_hid=1632933277&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531514%2C31069178%2C31069547&oid=2&pvsid=1227285620225158&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pscjodiznp3u&fsb=1&dtd=309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B723
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEMXlVZrHn4cPkXkw3a8DOgQ&google_cver=1&google_push=AZmPxg9kh9rRKvmQwgdCbwWeAvd94-o2DfnVkP7BUUVSLDUtcjmoek6IammdF9uVmiCUeqqGzgYfnv6AqxcmDiwcN9-JqYF4N_aE
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1EC78DCF93BB49888AA721027B3C8EE7&google_push=AZmPxg9kh9rRKvmQwgdCbwWeAvd94-o2DfnVkP7BUUVSLDUtcjmoek6IammdF9uVmiCUeqqGzgYfnv6AqxcmDiw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1EC78DCF93BB49888AA721027B3C8EE7&google_push=AZmPxg9kh9rRKvmQwgdCbwWeAvd94-o2DfnVkP7BUUVSLDUtcjmoek6IammdF9uVmiCUeqqGzgYfnv6AqxcmDiwcN9-JqYF4N_aE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990646&bpp=6&bdt=225&idt=302&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2306779475487&frm=8&ife=1&pv=2&ga_vid=11051538.1663501991&ga_sid=1663501991&ga_hid=1632933277&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531514%2C31069178%2C31069547&oid=2&pvsid=1227285620225158&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pscjodiznp3u&fsb=1&dtd=309
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 18 Sep 2022 11:53:14 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1EC78DCF93BB49888AA721027B3C8EE7&google_push=AZmPxg9kh9rRKvmQwgdCbwWeAvd94-o2DfnVkP7BUUVSLDUtcjmoek6IammdF9uVmiCUeqqGzgYfnv6AqxcmDiwcN9-JqYF4N_aE
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 17 Sep 2022 11:53:14 GMT
pixel
cm.g.doubleclick.net/ Frame B723
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESELdgVFXt-k27Ar5d_dk55Mg&google_cver=1&google_push=AZmPxg9LW1UxzMoA2LAuzLEAWYd3e2hzg0tHyt9mKF_JQCka-0AIRut2svKLMvUJLRysXD8d6A9iNobXqs_C1OWNHPQLKEo-UcI
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MjM1NzlDRDJGNzdFMjFGRQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MjM1NzlDRDJGNzdFMjFGRQ==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MjM1NzlDRDJGNzdFMjFGRQ==
date
Sun, 18 Sep 2022 11:53:14 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame B723
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAZmPxg_PhqB7SXEkPhft_OP47gtaVM5MJ3rCcGdtgPhM4-LEAl_pBSAWYYHFPnxCa5H9xdHbqiVcg9QBHE...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AZmPxg_PhqB7SXEkPhft_OP47gtaVM5MJ3rCcGdtgPhM4-LEAl_pBSAWYYHFPnxCa5H9xdHbqiVcg9QBHEyRxbZAC5y3wZj0nRJM&google_hm=c1e86ae9-3071-4ad4-a1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AZmPxg_PhqB7SXEkPhft_OP47gtaVM5MJ3rCcGdtgPhM4-LEAl_pBSAWYYHFPnxCa5H9xdHbqiVcg9QBHEyRxbZAC5y3wZj0nRJM&google_hm=c1e86ae9-3071-4ad4-a118-a3da78b9052c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 18 Sep 2022 11:53:14 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AZmPxg_PhqB7SXEkPhft_OP47gtaVM5MJ3rCcGdtgPhM4-LEAl_pBSAWYYHFPnxCa5H9xdHbqiVcg9QBHEyRxbZAC5y3wZj0nRJM&google_hm=c1e86ae9-3071-4ad4-a118-a3da78b9052c
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B723
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESELeH20p-2eWs8HKtHYvZvHg&google_cver=1&google_push=AZmPxg92ZxBsLuxh42AmZq7FFak7VuJwnLbiGwSWaeIiiM8l7eX35e3-be74flqNYzKspp9OumTAvwhqQMU0jQ1uuJXv8RgibH0I
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg92ZxBsLuxh42AmZq7FFak7VuJwnLbiGwSWaeIiiM8l7eX35e3-be74flqNYzKspp9OumTAvwhqQMU0jQ1uuJXv8RgibH0I&google_hm=ZzRkZDI0Y2ZiMWFkYmQy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg92ZxBsLuxh42AmZq7FFak7VuJwnLbiGwSWaeIiiM8l7eX35e3-be74flqNYzKspp9OumTAvwhqQMU0jQ1uuJXv8RgibH0I&google_hm=ZzRkZDI0Y2ZiMWFkYmQyY2MxOGI=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990646&bpp=6&bdt=225&idt=302&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2306779475487&frm=8&ife=1&pv=2&ga_vid=11051538.1663501991&ga_sid=1663501991&ga_hid=1632933277&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531514%2C31069178%2C31069547&oid=2&pvsid=1227285620225158&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pscjodiznp3u&fsb=1&dtd=309
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg92ZxBsLuxh42AmZq7FFak7VuJwnLbiGwSWaeIiiM8l7eX35e3-be74flqNYzKspp9OumTAvwhqQMU0jQ1uuJXv8RgibH0I&google_hm=ZzRkZDI0Y2ZiMWFkYmQyY2MxOGI=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame B723
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEMqthPcL_evvutNPqMl4vw8&google_cver=1&google_push=AZmPxg-ay8DxJPt_cLyFBuSECvZ7E1GXtuEbck9NEOn65bbC52P6mvOSMkb9H_FZAe0TtDtOOMeC9BlcweOon3Ys21Jpu5LSvBA
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA2NTAzNTkyMTUzNDgyMDAwMFYxMA%3d%3d&mn_hm=MzA2NTAzNTkyMTUzNDgyMDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg-ay8DxJPt_cLyFBuSECvZ7E1G...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA2NTAzNTkyMTUzNDgyMDAwMFYxMA%3d%3d&mn_hm=MzA2NTAzNTkyMTUzNDgyMDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg-ay8DxJPt_cLyFBuSECvZ7E1GXtuEbck9NEOn65bbC52P6mvOSMkb9H_FZAe0TtDtOOMeC9BlcweOon3Ys21Jpu5LSvBA&gdpr=&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990646&bpp=6&bdt=225&idt=302&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2306779475487&frm=8&ife=1&pv=2&ga_vid=11051538.1663501991&ga_sid=1663501991&ga_hid=1632933277&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531514%2C31069178%2C31069547&oid=2&pvsid=1227285620225158&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pscjodiznp3u&fsb=1&dtd=309
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA2NTAzNTkyMTUzNDgyMDAwMFYxMA%3d%3d&mn_hm=MzA2NTAzNTkyMTUzNDgyMDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg-ay8DxJPt_cLyFBuSECvZ7E1GXtuEbck9NEOn65bbC52P6mvOSMkb9H_FZAe0TtDtOOMeC9BlcweOon3Ys21Jpu5LSvBA&gdpr=&gdpr_consent=
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Sun, 18 Sep 2022 11:53:14 GMT
um
cs.emxdgt.com/ Frame B723 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEKYqaaNz5LZSEEIAMmvDIGQ&google_cver=1&google_push=AZmPxg81Ca_docRQQlryej_qFzCPaOr85QjT66oavoDVxKc2oPCf_WHOE5TFZqFufSyrvUxWzTNtc6rpuh9iss3f72SuPY44U5zl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990646&bpp=6&bdt=225&idt=302&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2306779475487&frm=8&ife=1&pv=2&ga_vid=11051538.1663501991&ga_sid=1663501991&ga_hid=1632933277&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531514%2C31069178%2C31069547&oid=2&pvsid=1227285620225158&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pscjodiznp3u&fsb=1&dtd=309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.87.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-87-203.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:14 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame B723 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LuYiDgOfGR2DWOgnTpPctK9TJMLXuzFoZEF_tJdR1XY0AOoGaiTu22Z4Iy2IN0EcBt5L7u5g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663501990646&bpp=6&bdt=225&idt=302&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2306779475487&frm=8&ife=1&pv=2&ga_vid=11051538.1663501991&ga_sid=1663501991&ga_hid=1632933277&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531514%2C31069178%2C31069547&oid=2&pvsid=1227285620225158&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pscjodiznp3u&fsb=1&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
adview
securepubads.g.doubleclick.net/pagead/ Frame E621 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ChUloqAYnY92MOeW_4t4P76mBkAaY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBKwCT9AZ1qcJgiXG_3SXJZBfby3NSxqI72y1EKZOAFyVaOgiIdaRC144fNrTeNXzU5qb462ba3As2-Pi87d2iNV5V1Ju034CWCK-57HYJGCN7-O8m_oYNwrWlamd92WDu6EFC9nBt3vZwRm4XO-xLoTQJBrYX8lGyTfxFHFYJ7k-YEU5P0rOLJs2Vu0xTQEhn2Pyx80tNT_pb-4qK1UupbMHxZDIrUnmOvZAMR_dLmD8WS2rSggeepAaUwZftFbrd0xj7-5MV2H8x_9HuuQlE2zTiC589D1Q4PhkTD_8dwZs-smBtj2OkNbydNUIC4M6iu7UgJ5giEUzsqKToqSlX6kRllvj6f8HjkOiNBPzOV_wd-N-3ykxfXgDxaR0P3IimAEldt-Emv69jl4ocZwh4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=UedARsx9nkg&uach_m=[UACH]&cid=CAQSOwCsnQUxcqF3BslbvU7XCRDPGwpn6mepJBErPtsIRs-pnvSCvSb79GCVAfwtO6oquTimTt7vnQ8h0LZqGAE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame E621 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kKaDFM7xBnjYBGL4LRICAAAA-ONZtFtuTcMQqAYnY4ZJYcodBwzNm_daABIAAA&wp=YycGqAAORl0F2J_lAABU73aXBWIU8H9BOvaStw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload;
afr.php
ads.as.criteo.com/delivery/r/ Frame B367 		135 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=YycGqAAORl0F2J_lAABU73aXBWIU8H9BOvaStw&u=%7CKDqx11Is52HpWuuj9YCaaz6pAh2PJtcpe8W4AFt6Trg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AuFN33LvkGjGMtdJEk9WtBU16cqAjjNuWrx5pN5Iz1fxRZIyb3Mx72gW_PDYsp3ZgBsVzEHaJEs0ZMWFb8t7DDxtS9nnCZUGurd1POTXMHI0usNi6AFmUbnKiK3iZjdr_pnzCZA9bFyVDwhfHpbtHYPee9Q9OlAJTpb_IBmehlhFEx7C4SUN-LBGvPsTZO3-nYM75MnBu-cc6HddVKm152HpcicvwudyMZGVbDxwzTyN9RdZpiTQ1TyzQmPdGYHuD246ZERfcWpE0lViQqtttO9TIn2JONmx8VxKZPZKHq2YbQ5AaN4jxhQe-FuWeDwzUId-GZSE3nUvB2YSkIhKhdK7kyMCHvyayKJ4zHL_fc-Jzm9BJnYemlTDyE67C0DeGihBxa61nrda0jcOsyxqBjeMZYjGA0khv5DMYYIkqX8hE47yRfAxEFQfE0Ys3wQnhUzEj14CjC4Wpg_Ew-BztGUOyDYZ44_aSeaPf97ejDRblTcx_v-IbitIQQokWbFEg4Ys-fhPRe3o335Akdszs5A4eSg3BRHaVzUCM09shj3V8N5uAW-9iMk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC101zqAYnY92MOeW_4t4P76mBkAaY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBK8CT9AZ1qcJgiXG_3SXJZBfby3NSxqI72y1EKZOAFyVaOgiIdaRC144fNrTeNXzU5qb462ba3As2-Pi87d2iNV5V1Ju034CWCK-57HYJGCN7-O8m_oYNwrWlamd92WDu6EFC9nBt3vZwRm4XO-xLoTQJBrYX8lGyTfxFHFYJ7k-YEU5P0rOLJs2Vu0xTQEhn2Pyx80tNT_pb-4qK1UupbMHxZDIrUnmOvZAMR_dLmD8WS2rSggeepAaUwZftFbrd0xj7-5MV2H8x_9HuuQlE2zTiC589D1Q4PhkTD_8dwZs-smBtj2OkNbydNUIC4M6iu7UgJ5giEUzsqKToqSlX6kRllvj6f8HjgGgFYEW99aOiGoPQcJn57sq0a7jNVw6cInWIEVNJOCRlrnD4OLeHkGb4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ac6UGV8GoDzp__9_1xcI90Ckqsw%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0739509500827c5a58ef7734cc1f88b808069259582e6ab66fae17cbb670c9c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 11:53:13 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=h0GAOIMzOUk1QsOaDbi-iWaj3aiDsanId6qshxSPcWFrT4G5OFrOpzeApeWE6UaARxoa5VGJ40htWlIKQEVC36cmKqC0yMlTO9mMNTrr4Z_jWczWXBd_rP_kQzXDisPkr1ZAxUQh0tDondzS2PVavJ4BRWPkw0pXgofNLqTMy5p5RnfLDdVzHwjDOevIydNGfwCnTlJHZbTVTgrTcWKqzxWljojrdBQEIrQpfvgXUkm8ibzs5AEfO52Qs_TtJT8G5SyInw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
50332063
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame E621 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:30:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1345
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 11:30:49 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 17C3 		1 KB
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
62053
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 18:39:01 GMT
etag
48472445140208031
expires
Sun, 18 Sep 2022 18:39:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame E621 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 11:00:43 GMT
l
www.google.com/ads/measurement/ Frame E621 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLHaDzTiL1mZGJcpHMDnT3qPlYlFe7xiF8B7EiJToai-fSqOupW79ibKgSWcx6UBjLidTPc5ByMjRLfo8mxpDcdLQX9w
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E621 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 14:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
596151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 11 Sep 2023 14:17:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E621 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 18 Sep 2022 11:53:14 GMT
cksync
cs.media.net/ Frame 1CC1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=5fe5a090-8256-49b7-b0bb-98ce88478fd1
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=5fe5a090-8256-49b7-b0bb-98ce88478fd1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sun, 18 Sep 2022 11:53:14 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=5fe5a090-8256-49b7-b0bb-98ce88478fd1
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
rum
dsum-sec.casalemedia.com/ Frame 340B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIj23g6dn7mNJba1AnThsFM&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIj23g6dn7mNJba1AnThsFM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNVpVSoAFY2n14PNkA4PDtNXy0IHoCcHuQw11_L70jQOy_QstZMJR3A26wKoZnNuFtrIHIM7wC95g4A5Q58uA6KvKbJ2qw
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74c9e1488dd85a98-MEL
pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKyOlBP0sNtLYQwSO5mQ3sqzVoJKsGGuooFMhBy06P0EhJBt4wRZJfHz0RTu4P3iWzqyPeSkDTe245rSp%2BRstC205ZtPR4vo86IjMMnDgiYFdnD1UWh4Tvdb%2FZQshT2Z2ORum0GMDRssQA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIj23g6dn7mNJba1AnThsFM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 340B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YycGqLxojSekcSNyIbgYZQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIj23g6dn7mNJba1AnThsFM&google_cver=1
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIj23g6dn7mNJba1AnThsFM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNVpVSoAFY2n14PNkA4PDtNXy0IHoCcHuQw11_L70jQOy_QstZMJR3A26wKoZnNuFtrIHIM7wC95g4A5Q58uA6KvKbJ2qw
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74c9e14c0ddc5a98-MEL
pragma
no-cache
date
Sun, 18 Sep 2022 11:53:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2Bv85fRc2UobZ%2FnE%2FwE5cBUp8W5sbWGzWoEk%2FD4KiBbCnxg66gAcQAVoqICE%2B5ofReqQ3ALqBn829ha5SKLh5c8MGFu%2FiqZfhxaAQgjT0GXEgHlrA%2FWCgO6%2BetZq6ucdxTRHgmZTNbtU9g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIj23g6dn7mNJba1AnThsFM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 340B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFCViTPbgoARqQbUcDD_6lk&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFCViTPbgoARqQbUcDD_6lk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNVpVSoAFY2n14PNkA4PDtNXy0IHoCcHuQw11_L70jQOy_QstZMJR3A26wKoZnNuFtrIHIM7wC95g4A5Q58uA6KvKbJ2qw
Protocol
HTTP/1.1
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 18 Sep 2022 11:53:14 GMT
X-Proxy-Origin
103.209.254.52; 103.209.254.52; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3b634c53-7cd9-464a-9afa-5042fb592edd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFCViTPbgoARqQbUcDD_6lk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 340B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxODY0ODg3NjE4OTE0OTkzOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxODY0ODg3NjE4OTE0OTkzOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNVpVSoAFY2n14PNkA4PDtNXy0IHoCcHuQw11_L70jQOy_QstZMJR3A26wKoZnNuFtrIHIM7wC95g4A5Q58uA6KvKbJ2qw
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 18 Sep 2022 11:53:14 GMT
X-Proxy-Origin
103.209.254.52; 103.209.254.52; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b44a564c-7661-4963-a8e3-e22e1b9444d9
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxODY0ODg3NjE4OTE0OTkzOQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 608E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHnQPFsNtFqhT26TCEGBV_g&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHnQPFsNtFqhT26TCEGBV_g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNUV1TNXqS6C1-4__fL8HlOHgJNPztat65mF2Ho-zpDDX-R3dca2C3M2JZbuKnyWJk66dsJtBo5UmCR8400_XmfOOZ5CIQ
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHnQPFsNtFqhT26TCEGBV_g&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 608E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGZjNmNlMmMtNzg2Yy0yZjhjLWU4MzQtZmQwYmQ3NGFhYjA1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGZjNmNlMmMtNzg2Yy0yZjhjLWU4MzQtZmQwYmQ3NGFhYjA1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNUV1TNXqS6C1-4__fL8HlOHgJNPztat65mF2Ho-zpDDX-R3dca2C3M2JZbuKnyWJk66dsJtBo5UmCR8400_XmfOOZ5CIQ
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 18 Sep 2022 11:53:14 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGZjNmNlMmMtNzg2Yy0yZjhjLWU4MzQtZmQwYmQ3NGFhYjA1
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 608E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEOHLfa54oOynkH-ezNxViqs&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEOHLfa54oOynkH-ezNxViqs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNUV1TNXqS6C1-4__fL8HlOHgJNPztat65mF2Ho-zpDDX-R3dca2C3M2JZbuKnyWJk66dsJtBo5UmCR8400_XmfOOZ5CIQ
Protocol
H2
Server
23.73.13.34 -, , ASN (),
Reverse DNS
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:15 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 18 Sep 2022 11:53:15 GMT
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEOHLfa54oOynkH-ezNxViqs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 608E
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjFhMWM1OTQtZGM1NS00OThhLWEwZGEtZmJlNTgwNmVkODkz
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjFhMWM1OTQtZGM1NS00OThhLWEwZGEtZmJlNTgwNmVkODkz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNUV1TNXqS6C1-4__fL8HlOHgJNPztat65mF2Ho-zpDDX-R3dca2C3M2JZbuKnyWJk66dsJtBo5UmCR8400_XmfOOZ5CIQ
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:15 GMT
server
akka-http/10.2.9
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjFhMWM1OTQtZGM1NS00OThhLWEwZGEtZmJlNTgwNmVkODkz
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Sun, 18 Sep 2022 11:53:15 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 17C3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESED_okZcdPDxr5HrR5cW1vMQ&google_cver=1&google_push=AZmPxg85gtDutuVDs3ffm-IsNtyvlV-kLhb-ODq5oL5q6ndtLqYl3fn2JH1wVpl-5X66yO5o7lSuXI0b5U_cunyqHAQTFonzehVWk...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzcxNTY2MzMwNTIwNjMzODIyOQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED_okZcdPDxr5HrR5cW1vMQ&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED_okZcdPDxr5HrR5cW1vMQ&google_cver=1
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED_okZcdPDxr5HrR5cW1vMQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 17C3
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPZdQuN9m82yrV8aT_d_Huo&google_cver=1&google_push=AZmPxg9UAfcMpBumF5S8-bkgXoqDbAM-q_XH_T-Sg79jIGOqjUEMHHD9zn...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AZmPxg9UAfcMpBumF5S8-bkgXoqDbAM-q_XH_T-Sg79jIGOqjUEMHHD9zne0w4N0fQiAiUDlSkL1zATW2ruzVU8LwvhvLxcaw7WLOvPNGA9GZLO0EG_ad...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AZmPxg9UAfcMpBumF5S8-bkgXoqDbAM-q_XH_T-Sg79jIGOqjUEMHHD9zne0w4N0fQiAiUDlSkL1zATW2ruzVU8LwvhvLxcaw7WLOvPNGA9GZLO0EG_adj5j_N3eQBuUo_Z9MOYmptO1RqyECiK0PMWSLA&google_hm=xPg59OkY-VHcCFpZGazY4w
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AZmPxg9UAfcMpBumF5S8-bkgXoqDbAM-q_XH_T-Sg79jIGOqjUEMHHD9zne0w4N0fQiAiUDlSkL1zATW2ruzVU8LwvhvLxcaw7WLOvPNGA9GZLO0EG_adj5j_N3eQBuUo_Z9MOYmptO1RqyECiK0PMWSLA&google_hm=xPg59OkY-VHcCFpZGazY4w
pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 17C3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEXRWMT1mYiIW53bIQgdf4w&google_cver=1&google_push=AZmPxg_IR5Ym6RhK9J7LmjgTWd27yccVIloofKbQiGJPAJ2ITW3ajBGWphqs4pYiwHekwJm1HXcu0mCpvSy04uxBMx...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEEXRWMT1mYiIW53bIQgdf4w&google_cver=1&google_push=AZmPxg_IR5Ym6RhK9J7LmjgTWd27yccVIloofKbQiGJPAJ2ITW3ajBGWphqs4pYiwHekwJm1HXcu0mCpvSy04uxBMx...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NWZlNWEwOTAtODI1Ni00OWI3LWIwYmItOThjZTg4NDc4ZmQx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=5fe5a090-8256-49b7-b0bb-98ce88478fd1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NWZlNWEwOTAtODI1Ni00OWI3LWIwYmItOThjZTg4NDc4ZmQx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=5fe5a090-8256-49b7-b0bb-98ce88478fd1
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NWZlNWEwOTAtODI1Ni00OWI3LWIwYmItOThjZTg4NDc4ZmQx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=5fe5a090-8256-49b7-b0bb-98ce88478fd1
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
423
pixel
cm.g.doubleclick.net/ Frame 17C3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAXPVr6AmYWazOKMuWXMTjw&google_cver=1&google_push=AZmPxg9HD7pL56Rb30bs4ixsK9nPF4bXiCGSMjIXiKjDZ8L8Uu4dy1mGIOD9dfL2zeJ_XmOPlK0CnmRToR9aN...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEAXPVr6AmYWazOKMuWXMTjw&google_push=AZmPxg9HD7pL56Rb30bs4ixsK9nPF4bXiCGSMjIXiKjDZ8L8Uu4dy1mGIOD9dfL2zeJ_XmOPlK0CnmRToR9aN...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9HD7pL56Rb30bs4ixsK9nPF4bXiCGSMjIXiKjDZ8L8Uu4dy1mGIOD9dfL2zeJ_XmOPlK0CnmRToR9aNqJtwLL-GWd9qi-1y7xs_etW8HG6OzElshhLWnbfMwkp4Wx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9HD7pL56Rb30bs4ixsK9nPF4bXiCGSMjIXiKjDZ8L8Uu4dy1mGIOD9dfL2zeJ_XmOPlK0CnmRToR9aNqJtwLL-GWd9qi-1y7xs_etW8HG6OzElshhLWnbfMwkp4WxY2fIGE7Ii9rxBDDKiMGazrGA&google_hm=WmZKZ3NMSGJCNEpEYkdkbGhGVVI=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 18 Sep 2022 11:53:15 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9HD7pL56Rb30bs4ixsK9nPF4bXiCGSMjIXiKjDZ8L8Uu4dy1mGIOD9dfL2zeJ_XmOPlK0CnmRToR9aNqJtwLL-GWd9qi-1y7xs_etW8HG6OzElshhLWnbfMwkp4WxY2fIGE7Ii9rxBDDKiMGazrGA&google_hm=WmZKZ3NMSGJCNEpEYkdkbGhGVVI=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
291
Expires
Thu, 01 Dec 1994 16:00:00 GMT
spacer.gif
an.yandex.ru/resource/ Frame 17C3
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEAb9deHlMXo4pTttEFrAJSA?ext-param=AZmPxg-TxfTdFDAFHypFoGj3TDlJDEuZknUUhX0xJyYEGMwBl1oJle1keF3rHMqjE6DtSSQC1nkZU0UMFY4izurs5Geh_stsVi557AZS_1OhNTLEgry_zI2eHFdX...
  • https://an.yandex.ru/mapuid/google/CAESEAb9deHlMXo4pTttEFrAJSA?redir-setuniq=1&ext-param=AZmPxg-TxfTdFDAFHypFoGj3TDlJDEuZknUUhX0xJyYEGMwBl1oJle1keF3rHMqjE6DtSSQC1nkZU0UMFY4izurs5Geh_stsVi557AZS_1Oh...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAb9deHlMXo4pTttEFrAJSA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Server
213.180.193.90 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:16 GMT
content-encoding
gzip
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
x-xss-protection
1; mode=block
expires
Sun, 03 Sep 2023 11:53:16 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://an.yandex.ru/resource/spacer.gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 17C3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IMDt2vAM9DvXLy-Q73fSsznfyrbIs2BFz0yDXgM_UpEdUKf4yygck05fdH
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame E621 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9eb6136fec19b0e959572aebca1d7e26da6d46152770b2dcaac37dc7cac50c4c

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 3102 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
Origin
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 06:55:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17861
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Sep 2022 06:55:33 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/ Frame 3102 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDYF0-YIpr1kAEfLzQzjksq-JRjwCoZEKFdVYgEznq2cZyDJNum9UmRegQfMidxhJY_kYUxhpNxTODJCNVV2-NsV4MIkg4fFLKhsNAp6jlFDYHTy-YwVVfm2AS12rVbZOQA6NgLSdqmA8jOGzNmnUz3GnWvw&dbm_d=AKAmf-ACNEr_sKbdmxKZwcEaCIoJxpBhjVbYEvCw15tSLP3s3nNsJh05jVeDPgTPEsUz2yWoH628xrWEnsHumfXp3zy2bRaHCRgGp8RGMRYD9JTYRezudkYPuOtBDsmFfcVpZhhq_t4kzyO99LARQGcTc6otpVTqHGJHv3iiS7w4hRy6MA7ysbQvkBke7KsTCLdC_EZYofpNB2KPk9bnZP1ogwiYYwEL0gUc9qLzQp4FLkkUfjmVOn6att0izM_Uizt7wRCK_kNDhc4GvNmNn8AqFAVi097QocmLknSWjYWfJIcLnBbyMTvdY0512CkxFvaAJdkjscfFHKJTuOWG6OtcxNEB6QrvBGCZNa4BEwTL9NMsFOlOJ2xCGnTAq45CgzRaod0HRhCY_liv3L4tn_3tBig0vAb3OFTiAuap0qKoOOZrk6LTN6s2UlzxPSsCMy2GThmRCGxbod8KqaVf17Us8z6X7PFY7Vi3S05AEIbZzgvNUmyHpghnjsOUI0yx3sIeqhqoFXjpygpoeA_ZK77mB-VFlCh3mJeRx8scqGRwYkXzF75pNnruKSHuXmvqRcEWl3B8L1M5hXA81wXdZ483M1U_tlMcQNFNdOW0oeCTswHL0MYkAyxMAAQKikpimqyomHkB-nX_CSx6DsGCSQPRNVXrppbKSYXlw9cvGfOOcurg7HuuKeZKUmGX3TL3ru3PwM7BDqlx-wtStYPLlrGDjMfY9O55aMAWaKBAhEhHdvjJV6oC_HLyTF-X9EAlz3xUKH5knByDtPMVUXCTMbvhEs4e9_iFOx3tzCo1Q45ynt2VywDAsn6y1-DWKIfoo7Q16F33HnyISftNs0VUBojPk_d3iHNjBUiWWrpjwyS9kB_wsqUIAsTK6RYsucLBL47XtCaRzdM971vONnNaicz9FwZc6EdrdXBlfxsN7CdXPrHiuh3zbozodoj5htH8w3Gu_WpPsjXoO8eFM-RwAgf3o5L2H8ShcgWoze-msFTVHLxl2cXPg2gM0y60icGJyimYwOKy6t5teWJ9G2xSdS2w_Yk3WPBMPuH09LwzxUYbwrkFmw0COzDaIN7mN0YCdW2B7YTzZkt6iS6sUMhzxq4W1AQdz5-KfhI73oywMHS-X7yyzvXlFvCjuikrAspnY-Mk3CQA-slLZnOYm5Vo6C7hlHFd880fmLkodJETn5htRbRFuOdc5Y4myf-4cZufXZBV9aRN5rtt1jJHPbLmF5FhkSkXZw0uvtVsmHAXgEXmJR8Zipd_rvtE797twXHryt-F-5hhWsj01dZH5nNqrUs1qyzENHA2bddqJb_peWLY0UXQMcSmIrV8E6lQcc-fOGPE6zmamPvG1TzLW6vs66kUfpHKbVas7D7itYIGo8tvPxnsMlUSRTWFOZAatyHHhvI0izO0KgJzAtUEMxbp0bgTZJpYBM71nBun6VwD7035yzu7RWo_9F62kmPtNZe6RwtOhxm1Lg-jtTWUHhUIgpHAYQxmer6zN3u0P0ka3IK83OgyfTXPLwCfIvYIn-RJQOTg0w2HfNdaWc7PJBKC43xwfP9GW7ntr582_ZGpmZsKzCmeKDe-R_IMWU-Fb4X9WW3v3ZWokUSLzhq5BoP-J1g_PRtWJq90H11to2nlnVccfjkmMsBGOIDzydg7y9lRSc3hrE-BS6Xey67AA0Fu9FXa-vxzRaYbXGsd5fnYEQo1zjI0uELxZSz_i4cPEc-ewjAozqCGfOTNWzZBYya7hnwUxnop0mq3WnfsyAsyUZZ_WGS8ZxlPTAEfzCXn-pIZyWswdF36src1gM5-WyJ0FXSnoxJuGuRTLRLvWn_9WfEGT1BXjsXNM8g186Xq9BI_mBhHuf9vGsDevkILwKQDRuOy-AWJDoPYIuhagf4iPzf_0iX9KDCdDy870CsY67ug2HHivMUPxC3Tqc-BFv389-R8ZSSpAxalt-Eqmqoce1ZD7fuB1TYQDR9YlkEEWzAgh7WCIutem91jA4Rjd5zBLAEcufz-boMUrj2spfNypVzmODxrVj2a2TfGs66MwZibo5fEzT8bSQpK181sANkAmHFfFSrfZiFFstmzyozxdyi_sruwOkPZEM1O2WAUMcK-FtUCbhNnkP-2bIB-OOMtd_qxEyCCmL3wB4LEQuc6JQhp8gISO7v0AnHKdnkscss93IKXKQePn1F9qzyUNnVG5J6ZUMxdJem6CumKtIYYj3xAn6P38wgpGdjdaF9ehNDyTPmVJS1NlYLIe46FFsg5ePl165pNymtht3IChNnXMSvuqT5Q8QEIxE-Yt7bCpJvOXMGLr_EVz4ExJgXqvm15xzw_ExY5_0g0WYc6OqYLun0Hw-Z7k_bZMNrhAuCSJkiwEyCFi3LvRkZ3PQYu9Jz1tk0Z04Ma7JvFncuZCzPXGGCRXdnpdUPuzgVb3bEDZ0xXURHCeWdr_nm2Zb_NrwFEM3LYBBq38i3CAI92uGo0AkYRKHPHVKid-speik6z52y7pSqFJhv-GrJJV_25VJyi_YL4LuKwhzFGT9_nEj8tbNAqUWLPkDonc0kYkJBpDbL2oetmaTjwjliUqXuAHAWQ9nxHT1KUxj9ub_rpJKN1VJL4XeBsYJaolBWMJqgGNPEWT2xXnBQxTVqef2CmuWAujR8ADCSjrSwuUgMmu8p10Otj-CfEYhL2h6KWLBSrtWzYAFyKHIkkx2Z64wczXlXS5hFjSg-he0VxjTMtaeO4k0_omUKWTVGF2d8Pq-fV2HHNrV596hgTNzErK1g1LAPSxjbQTWGAMurQVOhkCRgfhkUxH-zf3c2FAObxTafAyWdRWYjDdLPO6VwnKINr5dCqqslbqp4dYl0GUAjVsO6XcSYUFFQP90If4LDMCIR84xQO7goixCHTPMD0btUnjvCJilz-SJho-AZJHuhKezqRMK5fQFpwKXMB7SM-KRiuDyZgUEWm_jUM86laneMKSSUy3Z8bLtUVv1KfQ7SSbw76dWz4xWRgxG5QFlq_084JETL9e6Ei4ToKhXwv7948gzD1pXkWWRPzMaudUvLIM-7zNnZSPf96ucDxr-Pd-XwFeutYXC9wco5iK6edCSrNY1SyL-KUM1Pr8wzmNdmRKusWWMi4yMP3urDTB1SwLTax7xdArQawW572sXI0RCaKT1uXrilo8HjMVd9_wjucSanQmBh3JOMeKYNKwuo_E1XKRq7zXu0g4NldpS0I&cid=CAASJORokreIJjO3kexoZxvoLxh_Jttd8XhiYnrm9LCQrotMsEP_xQ&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1879
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 11:21:55 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame 3102 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDYF0-YIpr1kAEfLzQzjksq-JRjwCoZEKFdVYgEznq2cZyDJNum9UmRegQfMidxhJY_kYUxhpNxTODJCNVV2-NsV4MIkg4fFLKhsNAp6jlFDYHTy-YwVVfm2AS12rVbZOQA6NgLSdqmA8jOGzNmnUz3GnWvw&dbm_d=AKAmf-ACNEr_sKbdmxKZwcEaCIoJxpBhjVbYEvCw15tSLP3s3nNsJh05jVeDPgTPEsUz2yWoH628xrWEnsHumfXp3zy2bRaHCRgGp8RGMRYD9JTYRezudkYPuOtBDsmFfcVpZhhq_t4kzyO99LARQGcTc6otpVTqHGJHv3iiS7w4hRy6MA7ysbQvkBke7KsTCLdC_EZYofpNB2KPk9bnZP1ogwiYYwEL0gUc9qLzQp4FLkkUfjmVOn6att0izM_Uizt7wRCK_kNDhc4GvNmNn8AqFAVi097QocmLknSWjYWfJIcLnBbyMTvdY0512CkxFvaAJdkjscfFHKJTuOWG6OtcxNEB6QrvBGCZNa4BEwTL9NMsFOlOJ2xCGnTAq45CgzRaod0HRhCY_liv3L4tn_3tBig0vAb3OFTiAuap0qKoOOZrk6LTN6s2UlzxPSsCMy2GThmRCGxbod8KqaVf17Us8z6X7PFY7Vi3S05AEIbZzgvNUmyHpghnjsOUI0yx3sIeqhqoFXjpygpoeA_ZK77mB-VFlCh3mJeRx8scqGRwYkXzF75pNnruKSHuXmvqRcEWl3B8L1M5hXA81wXdZ483M1U_tlMcQNFNdOW0oeCTswHL0MYkAyxMAAQKikpimqyomHkB-nX_CSx6DsGCSQPRNVXrppbKSYXlw9cvGfOOcurg7HuuKeZKUmGX3TL3ru3PwM7BDqlx-wtStYPLlrGDjMfY9O55aMAWaKBAhEhHdvjJV6oC_HLyTF-X9EAlz3xUKH5knByDtPMVUXCTMbvhEs4e9_iFOx3tzCo1Q45ynt2VywDAsn6y1-DWKIfoo7Q16F33HnyISftNs0VUBojPk_d3iHNjBUiWWrpjwyS9kB_wsqUIAsTK6RYsucLBL47XtCaRzdM971vONnNaicz9FwZc6EdrdXBlfxsN7CdXPrHiuh3zbozodoj5htH8w3Gu_WpPsjXoO8eFM-RwAgf3o5L2H8ShcgWoze-msFTVHLxl2cXPg2gM0y60icGJyimYwOKy6t5teWJ9G2xSdS2w_Yk3WPBMPuH09LwzxUYbwrkFmw0COzDaIN7mN0YCdW2B7YTzZkt6iS6sUMhzxq4W1AQdz5-KfhI73oywMHS-X7yyzvXlFvCjuikrAspnY-Mk3CQA-slLZnOYm5Vo6C7hlHFd880fmLkodJETn5htRbRFuOdc5Y4myf-4cZufXZBV9aRN5rtt1jJHPbLmF5FhkSkXZw0uvtVsmHAXgEXmJR8Zipd_rvtE797twXHryt-F-5hhWsj01dZH5nNqrUs1qyzENHA2bddqJb_peWLY0UXQMcSmIrV8E6lQcc-fOGPE6zmamPvG1TzLW6vs66kUfpHKbVas7D7itYIGo8tvPxnsMlUSRTWFOZAatyHHhvI0izO0KgJzAtUEMxbp0bgTZJpYBM71nBun6VwD7035yzu7RWo_9F62kmPtNZe6RwtOhxm1Lg-jtTWUHhUIgpHAYQxmer6zN3u0P0ka3IK83OgyfTXPLwCfIvYIn-RJQOTg0w2HfNdaWc7PJBKC43xwfP9GW7ntr582_ZGpmZsKzCmeKDe-R_IMWU-Fb4X9WW3v3ZWokUSLzhq5BoP-J1g_PRtWJq90H11to2nlnVccfjkmMsBGOIDzydg7y9lRSc3hrE-BS6Xey67AA0Fu9FXa-vxzRaYbXGsd5fnYEQo1zjI0uELxZSz_i4cPEc-ewjAozqCGfOTNWzZBYya7hnwUxnop0mq3WnfsyAsyUZZ_WGS8ZxlPTAEfzCXn-pIZyWswdF36src1gM5-WyJ0FXSnoxJuGuRTLRLvWn_9WfEGT1BXjsXNM8g186Xq9BI_mBhHuf9vGsDevkILwKQDRuOy-AWJDoPYIuhagf4iPzf_0iX9KDCdDy870CsY67ug2HHivMUPxC3Tqc-BFv389-R8ZSSpAxalt-Eqmqoce1ZD7fuB1TYQDR9YlkEEWzAgh7WCIutem91jA4Rjd5zBLAEcufz-boMUrj2spfNypVzmODxrVj2a2TfGs66MwZibo5fEzT8bSQpK181sANkAmHFfFSrfZiFFstmzyozxdyi_sruwOkPZEM1O2WAUMcK-FtUCbhNnkP-2bIB-OOMtd_qxEyCCmL3wB4LEQuc6JQhp8gISO7v0AnHKdnkscss93IKXKQePn1F9qzyUNnVG5J6ZUMxdJem6CumKtIYYj3xAn6P38wgpGdjdaF9ehNDyTPmVJS1NlYLIe46FFsg5ePl165pNymtht3IChNnXMSvuqT5Q8QEIxE-Yt7bCpJvOXMGLr_EVz4ExJgXqvm15xzw_ExY5_0g0WYc6OqYLun0Hw-Z7k_bZMNrhAuCSJkiwEyCFi3LvRkZ3PQYu9Jz1tk0Z04Ma7JvFncuZCzPXGGCRXdnpdUPuzgVb3bEDZ0xXURHCeWdr_nm2Zb_NrwFEM3LYBBq38i3CAI92uGo0AkYRKHPHVKid-speik6z52y7pSqFJhv-GrJJV_25VJyi_YL4LuKwhzFGT9_nEj8tbNAqUWLPkDonc0kYkJBpDbL2oetmaTjwjliUqXuAHAWQ9nxHT1KUxj9ub_rpJKN1VJL4XeBsYJaolBWMJqgGNPEWT2xXnBQxTVqef2CmuWAujR8ADCSjrSwuUgMmu8p10Otj-CfEYhL2h6KWLBSrtWzYAFyKHIkkx2Z64wczXlXS5hFjSg-he0VxjTMtaeO4k0_omUKWTVGF2d8Pq-fV2HHNrV596hgTNzErK1g1LAPSxjbQTWGAMurQVOhkCRgfhkUxH-zf3c2FAObxTafAyWdRWYjDdLPO6VwnKINr5dCqqslbqp4dYl0GUAjVsO6XcSYUFFQP90If4LDMCIR84xQO7goixCHTPMD0btUnjvCJilz-SJho-AZJHuhKezqRMK5fQFpwKXMB7SM-KRiuDyZgUEWm_jUM86laneMKSSUy3Z8bLtUVv1KfQ7SSbw76dWz4xWRgxG5QFlq_084JETL9e6Ei4ToKhXwv7948gzD1pXkWWRPzMaudUvLIM-7zNnZSPf96ucDxr-Pd-XwFeutYXC9wco5iK6edCSrNY1SyL-KUM1Pr8wzmNdmRKusWWMi4yMP3urDTB1SwLTax7xdArQawW572sXI0RCaKT1uXrilo8HjMVd9_wjucSanQmBh3JOMeKYNKwuo_E1XKRq7zXu0g4NldpS0I&cid=CAASJORokreIJjO3kexoZxvoLxh_Jttd8XhiYnrm9LCQrotMsEP_xQ&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
459
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11717
x-xss-protection
0
server
cafe
etag
8998177921611256807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 11:45:35 GMT
truncated
/ Frame 89BC 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 89BC 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 89BC 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame 89BC 		15 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5344&&&vgd_l2type=sca&fp=MzA_eCVWy1eyoiNQ0FcmxukXzhqh1Z7QWiw-25bGv3mlDaj8x2tc3E2PM2r9Azr83A44IxJxsHjpIw6_639Bp8X_dxJRweVQDWu2ar24sp-1yLgptDC3dKA2CYMy5oV9&cme=SOZJrblk8Y5UFp7uyWttDwcO7kSsSdwyggxxeIsc9VNpdhwlFMjFOaMvilOJciRB6SKP8BWxVECng_RPkbJBohJv-0hOzbVciuGWa2xL5uDxKAHVhSIeAL2EcLUNunMzsdsi_9ZQn4u-HPjxY56bSboqGXv8-vYG1Pyrp0eDsy6Z0W_x5mod9D7ecGXfkocUqY1lgRfRKIuKz4DY4X780Q%3D%3D%7C%7CsA9IVbGB0Ef28nXIi0K632cU7f4C2GbuLjZA_8j9bn2Yrd1Ayb08NLBB0tKMwN0NnO2j1_I0krTDNg4nQeo-BxpMxcnqdZouklFSIV7yvibCQy35y8Ywr_118eSQ8TuGaZcl0-Fb0FMGm8qwRLibEIRmxumPo8zM-ilE2jY6iOJN3cBU7zZNAmviM5aoDm7HjZCcB3iChlBo9NVG9WXoGscJ6Dh-sPS8h5O33G0FOTw9RSfZXW2rJg%3D%3D%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7Csj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U%7Ca0AmFUYXmD6ASqXHhJuVwQhdp4_HJdO5PL2fuJszgjo%3D%7C&v=1&geo=-37.83%7C144.92&dlper=20&lper=100&lpid=&tsid=5&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170721376&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_dnquo=01_9&ksu=224&fdkt=232&vgde_kbbh=fuoyxQBuG&kwd[]=Vitamins+for+Hair+Loss&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=1&kid[]=30111142&kbc2[]=0%7C1%3D0.20%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.21%7C12%3D0.08%7C66%3D0.96%7C62%3D1.47%7C60%3D0.26%7C10%3D4.06%7Cps%3D1.019%7C3%3D0.15%7C4%3D3.78&ktd[]=1126174818697472&ktrkt[]=Vitamins+for+Hair+Loss&kwd[]=Best+Priced+Car+Insurance&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=2&kid[]=48970281&kbc2[]=0%7C1%3D0.16%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.21%7C12%3D0.22%7C66%3D0.87%7C62%3D0.83%7C60%3D0.15%7C10%3D4.06%7Cps%3D1.019%7C3%3D0.38%7C4%3D4.74&ktd[]=1126174801920256&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Trendy+Clothes+for+Older+Women&kwt[]=391&kbc[]=1224808752&kwp[]=3&kid[]=329861602&kbc2[]=1%3D0.76%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.21%7C12%3D0.61%7C66%3D1.14%7C62%3D1.13%7C60%3D0.80%7C10%3D4.06%7Cps%3D0.539%7C3%3D0.35%7C4%3D5.00&ktd[]=1126174801658112&ktrkt[]=Trendy+Clothes+for+Older+Women&kwd[]=Website+Maker+App&kwt[]=391&kbc[]=1224808752&kwp[]=4&kid[]=340189069&kbc2[]=1%3D0.33%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.21%7C12%3D0.25%7C66%3D1.13%7C62%3D0.44%7C60%3D0.33%7C10%3D4.06%7Cps%3D0.539%7C3%3D0.88%7C4%3D5.00&ktd[]=1126174801658112&ktrkt[]=Website+Maker+App&kwd[]=Best+Stocks+to+Invest+in+2022&kwt[]=391&kbc[]=1224808752&kwp[]=5&kid[]=350575367&kbc2[]=1%3D0.77%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.21%7C12%3D0.45%7C66%3D0.87%7C62%3D1.70%7C60%3D0.79%7C10%3D4.06%7Cps%3D0.539%7C3%3D0.59%7C4%3D5.00&ktd[]=1126174801658112&ktrkt[]=Best+Stocks+to+Invest+in+2022&cid=8CUABW64L&vwid=1663501992776454869&vi=1663501992776454869&tdAdd[]=ib%3D0&vsid=3065035931534859&tdAdd[]=asnum%3D140952&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=797&vgd_l3_sc=VIC&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721376&vgd_nrrv=13273&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=port+melbourne&vgd_go_pid=8PO15GP54&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1663501992155467831&sttm=1663501993617&upk=1663501994.16851&hvsid=00001663501993617017418153481547&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D11%2Ca%2C13%2C47%2C14h%2C3y%2Ck2%2Cov%2Ch%2Cgo%2Ci%2Cj3%2Ci2%2C150%2C133%2C3%2C149%2C4k%2C13a%7Ccsh%3D1&sbdrId=186&vgd_ecrid=1700080812610100250025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&&abpl=2&&kbbq=%26asn%3D140952&&vgd_vstrid=3065035931534859&vgde_bdata=QOfvzxjj~8xLjMjvX9~myJLEYv9.9u~QYYMG8Ov9.9f~e8QMQOvHAW~ONfvu~QNOve8N~eM1QzvuH9iXf~ejfLMQOvf9ff9iuW9X~8xLjMGviFfHF.Ai~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.u~8Evu_b76F~kGGv9~e8QMxLjMjvH9~L88Ex1vuuX%2Cuuh~J7vW~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9ff9iuW9F~e8QMGviF.uH~xLjMGv9.9u~xLjM7e8vhuF~QYYMBLvAH.fWAu~xLjMjvX9~yN17vou~GGvuWF~eev9~jfLMGvu999~JLEYv9.9u~GYvu~QYYMQOvf9ff9iuW9H~Q8OvXA9WuHXAWOhAJhGAkf1kf1WJfFJGAkNX~QOvu~x8Ov1gBA28DihsHl0elVP~G7OvfHfiu9HiiXu9WiXFiuHX99iAHhAA9AfWFHuWFiAFhHXFWAhfhFWHWAufuhuhhhuAfiiX9WAihuuFfWAAA9XF~OfEMjvh9~AENkvf.HA~x8Yv9~myMYQwv9.9u~OYYMQ7LyvzmMQ7L17Jy5~OfEMGv9.WH~myOfEMGv9.WH~exLjMGv9.9h~QQvIK~x8Bvou~NJv9~LEQMGvf9.Af~exLjMjvX9~%3DVvfhAi~z7QvA~7Gvou~N7vEmL7nYJjGmxLzJ~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvuH.uh~8Q8kv9~jNvf~G8Ov9.9f~ONvW~ejfLMGv9.iu~8exLjMjvX9~QxEEj5M71yM8Ov~1YEvu~NGOEv9.9f9~OYYvzmMQ7L17Jy5~Qx8Ov%3DK4b4%3DGy96Mmw7s9s2QAe3V5EwW~QOvu~O7Nv1E1NMQy~-8OvKrtoExGoHHWXfAiHfXifHhWh~O1jyvzmMQ7L17Jy5~w7Yjvu~1OGjUvAAuHiuFuuX~QmGEv~N7LvA.H9WuWW4oH~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vu~OmyGv9ou~8GNvu~OO7vou~zQlvA~7yQvfX9-fX9%7CA99-fX9%7CAAF-fW9~GQGv9~GQEv9~7Y-vfXA&vgd_optout=0&vgd_cfud=220331&vgd_scsver=315&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=250_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A250%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=VIC&vgd_l1rhst=contextual.media.net&hvsid=00001663501993617017418153481547&subBdr=186&bdrid=4&rc=0&rand=1663501994325&acid=746fe0522e424e53a2bd4ba0d2291e31&matm=1663501994325&requrl=https%3A%2F%2Fwww.bg3.co&vgd_ltimesrc=1&vgd_ltime=2381&vgd_rtime=2376&vgd_etm=12&vgd_l1hcsd=A12%7C6209&vgd_l1ch=1&vgd_lhl=3130&vgd_pgid=p11425267454t202209181153&vgd_adprefflag=11&vgd_csip=rtb-common-istio-76c566558b-5jl9t.SG&vgd_sbSup=1&vgd_nrrs=13273&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Sun, 18 Sep 2022 11:53:14 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=38789
content-length
15
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 8C2D 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
Origin
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 06:55:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17861
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Sep 2022 06:55:33 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/ Frame 8C2D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-p1aHZ3TdiLnIKaEhlZTDx3TZBUr3Xtk1zmO5JNXBf0Yh0nhrmwoRnTWY5DTTFdsOj88ii5nlvicGj_Ou8opcpZUOMghB1VBGhIihgcAUvAz3d3p73zH_7v12_Y69S3QpRQI2AHtSi_oSHjtriGEeoZiY_g&dbm_d=AKAmf-DVO3lcXtmNzjYteEI1GiuK4fnFtDjZEH98BtzB7V8_E7w8Z98hAAeoFvqcb0865uBcRhZQsbpbWaq39k5yjIR_7JdylRClq-uXK2rPCq_tucrwqF9hPabNpUdX32TG3gBRGzHl6vhRoGcMZx2_7FxiZUB6Hz6Z3CSfIcYJlo_ETZAcmOuq5fW-bZqdz_1eXqO4pFQ0MP4RO22RsIB3KV2WbCRxsOJ_DpZuSB0RZp0FTmFVzurI51RHJAWVTUCSOAASH05U1OZdxOkOxLTx1IOdNcTnX69r_WB0CDIY7gPJWpATfroUfnkhGaWaC4vV2EfybwPO2itg4c-I2Sur_Uoj6mJBGk1dbjOWU8wTbH0nxXGLVbMdJumVpYtt-BGcFP9Jmy2SBX9oSAgg80zX73XZ_ikVGVmHJiY3CaW5Siace-vq4hs7dYtaXNOiZRYtqy2aF1tu4wvbUBY3B4hXtHde0PGLkAW6P9kL7Nf0ym6zf2n903OCWg7X_9H6v2sIxfoB1NlVNq6W3wDBZTBtKPf7PGSHhRQNjGTNED51cRxRP0II0iNA03HGmgcgPNseKbCbHUHy5EEwLMzyoUd_VS5obCckwbMlGP4IBrDrLWL07QbayW61GDqFkczly8PmZ9v0tc-fpj9N3SftqNsigQV6pxlrVs7kNbKyBgJ2jUlbOOC55aRRaYSqsaJDHriMHWTqwKPj8VfZa4i2zo6PoRDiHtG4h-MSLOZISCt7RgpMAFB82ngTqRV3yWEDVLbbQ7FZG9NSRxqHsB2H6beO4QY5xAyI4dWIo8cVH3ukfCivTBgjOw0rCxueLr3WJcdgIVy9gh1CHVqJ-abYC-aXBK1PWCdTY_-DeEjsc3EQ15Ob4IgWHp96ZjbracKEn4rAoTeFXhe33V5BbnsrmKMV3JU329abqKAgyvfDQO_P05KdL4Ib4XCSKr6lS_ruM-Th8iJa_UYDmOGawbeennJOwWxixbH-85skS89HBy01Q66kIE4sVcW4Tx5QFihvYuBkZTMVhU-RGaPmlwsIU0pvhUqMWh7lVx6j-5qOY8rgy7KHmf4Nk3hUQT33kHaPTe6ITWk13hMTzcOWavL-A9qvLum6INCa7cDQrm0r0VpmL_w7xICmsJ6cIXgAsQ0SEE49PFVBhhUkjJhKOT7wdOzoWubgw_7bEYH0Rr6M6K6JB1gIjP-GT2bGKxb7c33uZ3S904ko-XXn_DLNugspnootMFE--C5bSC1VhUBeGiT05jmDTMyzJyQ_THtvqsIeA2QGnfWu5L9jwkdBFjf75yTjhKgA8qYfuPrLazEBh4qOeTo1qI22OSwen5YscFJxBcIBDt-obV94yzlg8Il69j2YWOWyg29vhhSxBvYXQfKzfF8JZbh1wkNIGaVCsgYL_w4AhQBaHDVQEdhooBD-bGaqKW_fh1903pVIRwZ6TShaWcAu67olOz48Ar2ieGGl6zF_P6gu1ziWJKPyLMfyp2GQTOjNbX-wJtc7gwt0tvCJm9xqS6VUUv6g-uvnG3l_AyV1hm6iB-ROJilusH4WfMhkQrXcXeZzG_cqER3ushP6W8SeFYJnfpYqFLXh-o4p9olKMi-WhAv9JrbhBo5KPgBR73oQJOU1xf6oG6VcgZMsbU-GL7-m4Jl1w-kw3k83C52PRqqOQG3C-Gv0oB-xU_C5_aS3igrHn1eLwN13MxT-hg0Gl4oaD_5sWFxgyHiRiRHrchikXscfthU-KUHgNcdtNpXY-FqOSJY20OY3B3kyIvLp1cLrch_nW_b76V0GyH4L7OxdK9yfjxDf75G5-5duJ3iHlu31KpRBBhEXZ_JAegMkVnqAwHmJKEhdT3aAkU0QqvAx4IIYLROCctMfzD89WjX1Kag7eNV18P0FHeStP2MW7k_mqei6R1ClQXNTA692SvIGDtdjmsXqrW3xVKVn2AsvjPuf18tBw5XTr_9YdBUqcyaeC8ECD9ngI6NpuZ2pVkUJYzDkf3D1GDk6cBrhobxdPB98DxzJldgVJhZpLSz7g3Zp0aXCGzyUN7GAaLV5NJiqGtYrUO1lAH80MtRuO99t0vOXIrC9ipydyAmrB2DYl01mSuufAhp6G8ab2_yexKcNppkS0Z1xw_wIlPl5ERQbSYh8qH7hflbfvy3QZahuLxyBFo01Ge7xh_VdltqMULHMEUHPZf818jTWjDrMnSMIpZIJ5LFdCxYeP97yQwpjr-VknHxtUlI8qThW3uG7zb7NXmHiu-w2Pq36qUg83g2kEIZbz-SVoEBTipmu7jd5KQohCJ3kkS_C0swfgp-x9FSmdMsuVcoi6jFeFYzoFNWxtl67cdaAPk7dOP9uOxVOJz4HH37B27lPYAg3Dt7LOdJs0T5YOOtXxaqhHDe-Zwusgii4Qu287xEVuTx_D1pEObgpRS7zxyWzSCaGpkWtk6Po3O24H_8MrM3ibfgC_z3X_SwvLF1reoHb8yrlnMFdgiXHmLV6lh-Vkzg-segAINYeknKLEv37dNL8m5pQUaHkLOzdQShRixF5MuyIhHMFmvfXaFDki0Wbn72M6ThswxmCW56qhf19sA6HBJKTcl9ZwLbiC9ofHD3sCOGiD3GmFf8sPH-gonC58BRZUXXFFKZZQtrX0-_EKA_EGCR_b8jf4IQem82umHJkVEUMSnBdyIGU3JijzejFeXrWGD_YgX2eUq_afcL6RgkOFzXiHTyI_T_qGPYseevBZYL4NnQyXyVfnQ63wUBP0-VKX-jNfaF5XL8n9uiZUIJde_nPUvRTg5Mu2aDRmKSRUGUYhABswvgMBR2kvgs4vY-_gqnlOp09ILbG5TdfyFBiEwbAJ1UNDoRr8tP2MPw4M9amiJcY76FPJuF4pR15LqjbB_EBg_6BCQRlVXjdwa-lL6TLQ0MBSvxU0BKPpsA7I3joTd3Ekvf2hoTzyTE0JnjG7hO5W5_A4M88Hm6uaoMWL5Qrpa_Ic42BBAp2EJThMBxoE0CLcbqgq1JnbGbsY4ZswXqjJE4lCxuKAW-dWF_e7yLezL0if5Uk_Sc7-HUXlNGnRxJf3Een2hu6WXeJdYFS19DdDe1Z4kPL4uRjf8fw4rFLohiHausaDTwvEun4TfLYd2s7xJVnzQNrS4BVe5cmkfaqiGUENvtQRD1xUbXxZvCnfKCgFezv6yzmD0tRSRJuJZS_SZnJD-t5Y2K1YjYo421U_JwMOP6O&cid=CAASJORoreH34VRoYmj9VvrQP5s35sCMfAaRfXEIaLxNd1D9AGhR7w&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1879
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 11:21:55 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame 8C2D 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-p1aHZ3TdiLnIKaEhlZTDx3TZBUr3Xtk1zmO5JNXBf0Yh0nhrmwoRnTWY5DTTFdsOj88ii5nlvicGj_Ou8opcpZUOMghB1VBGhIihgcAUvAz3d3p73zH_7v12_Y69S3QpRQI2AHtSi_oSHjtriGEeoZiY_g&dbm_d=AKAmf-DVO3lcXtmNzjYteEI1GiuK4fnFtDjZEH98BtzB7V8_E7w8Z98hAAeoFvqcb0865uBcRhZQsbpbWaq39k5yjIR_7JdylRClq-uXK2rPCq_tucrwqF9hPabNpUdX32TG3gBRGzHl6vhRoGcMZx2_7FxiZUB6Hz6Z3CSfIcYJlo_ETZAcmOuq5fW-bZqdz_1eXqO4pFQ0MP4RO22RsIB3KV2WbCRxsOJ_DpZuSB0RZp0FTmFVzurI51RHJAWVTUCSOAASH05U1OZdxOkOxLTx1IOdNcTnX69r_WB0CDIY7gPJWpATfroUfnkhGaWaC4vV2EfybwPO2itg4c-I2Sur_Uoj6mJBGk1dbjOWU8wTbH0nxXGLVbMdJumVpYtt-BGcFP9Jmy2SBX9oSAgg80zX73XZ_ikVGVmHJiY3CaW5Siace-vq4hs7dYtaXNOiZRYtqy2aF1tu4wvbUBY3B4hXtHde0PGLkAW6P9kL7Nf0ym6zf2n903OCWg7X_9H6v2sIxfoB1NlVNq6W3wDBZTBtKPf7PGSHhRQNjGTNED51cRxRP0II0iNA03HGmgcgPNseKbCbHUHy5EEwLMzyoUd_VS5obCckwbMlGP4IBrDrLWL07QbayW61GDqFkczly8PmZ9v0tc-fpj9N3SftqNsigQV6pxlrVs7kNbKyBgJ2jUlbOOC55aRRaYSqsaJDHriMHWTqwKPj8VfZa4i2zo6PoRDiHtG4h-MSLOZISCt7RgpMAFB82ngTqRV3yWEDVLbbQ7FZG9NSRxqHsB2H6beO4QY5xAyI4dWIo8cVH3ukfCivTBgjOw0rCxueLr3WJcdgIVy9gh1CHVqJ-abYC-aXBK1PWCdTY_-DeEjsc3EQ15Ob4IgWHp96ZjbracKEn4rAoTeFXhe33V5BbnsrmKMV3JU329abqKAgyvfDQO_P05KdL4Ib4XCSKr6lS_ruM-Th8iJa_UYDmOGawbeennJOwWxixbH-85skS89HBy01Q66kIE4sVcW4Tx5QFihvYuBkZTMVhU-RGaPmlwsIU0pvhUqMWh7lVx6j-5qOY8rgy7KHmf4Nk3hUQT33kHaPTe6ITWk13hMTzcOWavL-A9qvLum6INCa7cDQrm0r0VpmL_w7xICmsJ6cIXgAsQ0SEE49PFVBhhUkjJhKOT7wdOzoWubgw_7bEYH0Rr6M6K6JB1gIjP-GT2bGKxb7c33uZ3S904ko-XXn_DLNugspnootMFE--C5bSC1VhUBeGiT05jmDTMyzJyQ_THtvqsIeA2QGnfWu5L9jwkdBFjf75yTjhKgA8qYfuPrLazEBh4qOeTo1qI22OSwen5YscFJxBcIBDt-obV94yzlg8Il69j2YWOWyg29vhhSxBvYXQfKzfF8JZbh1wkNIGaVCsgYL_w4AhQBaHDVQEdhooBD-bGaqKW_fh1903pVIRwZ6TShaWcAu67olOz48Ar2ieGGl6zF_P6gu1ziWJKPyLMfyp2GQTOjNbX-wJtc7gwt0tvCJm9xqS6VUUv6g-uvnG3l_AyV1hm6iB-ROJilusH4WfMhkQrXcXeZzG_cqER3ushP6W8SeFYJnfpYqFLXh-o4p9olKMi-WhAv9JrbhBo5KPgBR73oQJOU1xf6oG6VcgZMsbU-GL7-m4Jl1w-kw3k83C52PRqqOQG3C-Gv0oB-xU_C5_aS3igrHn1eLwN13MxT-hg0Gl4oaD_5sWFxgyHiRiRHrchikXscfthU-KUHgNcdtNpXY-FqOSJY20OY3B3kyIvLp1cLrch_nW_b76V0GyH4L7OxdK9yfjxDf75G5-5duJ3iHlu31KpRBBhEXZ_JAegMkVnqAwHmJKEhdT3aAkU0QqvAx4IIYLROCctMfzD89WjX1Kag7eNV18P0FHeStP2MW7k_mqei6R1ClQXNTA692SvIGDtdjmsXqrW3xVKVn2AsvjPuf18tBw5XTr_9YdBUqcyaeC8ECD9ngI6NpuZ2pVkUJYzDkf3D1GDk6cBrhobxdPB98DxzJldgVJhZpLSz7g3Zp0aXCGzyUN7GAaLV5NJiqGtYrUO1lAH80MtRuO99t0vOXIrC9ipydyAmrB2DYl01mSuufAhp6G8ab2_yexKcNppkS0Z1xw_wIlPl5ERQbSYh8qH7hflbfvy3QZahuLxyBFo01Ge7xh_VdltqMULHMEUHPZf818jTWjDrMnSMIpZIJ5LFdCxYeP97yQwpjr-VknHxtUlI8qThW3uG7zb7NXmHiu-w2Pq36qUg83g2kEIZbz-SVoEBTipmu7jd5KQohCJ3kkS_C0swfgp-x9FSmdMsuVcoi6jFeFYzoFNWxtl67cdaAPk7dOP9uOxVOJz4HH37B27lPYAg3Dt7LOdJs0T5YOOtXxaqhHDe-Zwusgii4Qu287xEVuTx_D1pEObgpRS7zxyWzSCaGpkWtk6Po3O24H_8MrM3ibfgC_z3X_SwvLF1reoHb8yrlnMFdgiXHmLV6lh-Vkzg-segAINYeknKLEv37dNL8m5pQUaHkLOzdQShRixF5MuyIhHMFmvfXaFDki0Wbn72M6ThswxmCW56qhf19sA6HBJKTcl9ZwLbiC9ofHD3sCOGiD3GmFf8sPH-gonC58BRZUXXFFKZZQtrX0-_EKA_EGCR_b8jf4IQem82umHJkVEUMSnBdyIGU3JijzejFeXrWGD_YgX2eUq_afcL6RgkOFzXiHTyI_T_qGPYseevBZYL4NnQyXyVfnQ63wUBP0-VKX-jNfaF5XL8n9uiZUIJde_nPUvRTg5Mu2aDRmKSRUGUYhABswvgMBR2kvgs4vY-_gqnlOp09ILbG5TdfyFBiEwbAJ1UNDoRr8tP2MPw4M9amiJcY76FPJuF4pR15LqjbB_EBg_6BCQRlVXjdwa-lL6TLQ0MBSvxU0BKPpsA7I3joTd3Ekvf2hoTzyTE0JnjG7hO5W5_A4M88Hm6uaoMWL5Qrpa_Ic42BBAp2EJThMBxoE0CLcbqgq1JnbGbsY4ZswXqjJE4lCxuKAW-dWF_e7yLezL0if5Uk_Sc7-HUXlNGnRxJf3Een2hu6WXeJdYFS19DdDe1Z4kPL4uRjf8fw4rFLohiHausaDTwvEun4TfLYd2s7xJVnzQNrS4BVe5cmkfaqiGUENvtQRD1xUbXxZvCnfKCgFezv6yzmD0tRSRJuJZS_SZnJD-t5Y2K1YjYo421U_JwMOP6O&cid=CAASJORoreH34VRoYmj9VvrQP5s35sCMfAaRfXEIaLxNd1D9AGhR7w&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
459
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11717
x-xss-protection
0
server
cafe
etag
8998177921611256807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 11:45:35 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3102 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 18:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
235179
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 18:33:35 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 11D5 		1 KB
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
62053
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 18:39:01 GMT
etag
48472445140208031
expires
Sun, 18 Sep 2022 18:39:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3102 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9221d239eed473f2582fe69ff95d224cc54fb32389cd0517908cbbf87ce42ca1

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame 59DD 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
c9d2e42168ee2018278a694a4a54cddb3764d88b70cd893c9d6054382c212d11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11132
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8AB7 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
5f103af862dbc349d20229dc4cffd985fed286f88b5cc2a36474c89af2d654a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11140
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 466B 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvCTlsrhJicMMrrJL-ZcoakjAg3jyfTXFwjpx5_Cfzj3D634_2L9OhY02OYM9EuxU2YmyY5LtaR549rBjD9k41CmzX5lWNrT2PzCAN_GniptWl_RCcvt6vD3us6C9KbcvjJsyw327t1AXr3PS_94IZ5t-rEcEB6IupibIteuW-_rIJdKMnGixW-thhRknC1HazH58yqstue-BuenfYKoyxHHz0AIfx0QXHj7n7oHM4-DqBKjZGN-JleX8rQX3czNAyg99_bxMDPHAQuOhNSsV6T-jE4vhGoWe7pUAfD56nkzy-zbo6vBJxl6ZYmq4eqFJqBvPlGxdXOyDXykzedoyA9s44aTn_m5YHn3TmqXUmlmfKqiGsiX3tWxOSRz-iqVCUaf8-M3W3cG2czB548XvUkn3TX-wNUt4mTnBcjDaQtNftOq1mWHwba-LorNozvK_Mf7s-dZ8MrdxW8veEfli1XltMs9Rp9d-mwiLpPhAPzIMxmjh6XJLyNs0GzBH2xQaCVxFT-kMU8kmd1V2kQqHuOYnIXvb8lRKqPVrFfxviBe8aJ2Gk1vm2O04wRHgGYXTqd3jBgOe8t-PEBW4vuZ4eq2QFvA2_eIHWXBNrb4J4RImF8ABoc39qrJrWsMXd2IuVM79tsSpdKQnqTO6SBGDgn96tLhZSctfhPApV-Q7-BtD2ragOLoOriXPF_EyzGbG7jQGl8OehzItJ9DMVyjNjqFGnfa0C5q_oezMfA_HjihZ3MnGAmifGK3DFK4Lg0u8MmUQsasyTCqOj7DVgoXRWd3TaTBiVCKYlHKzucpPoEmQINYR5NeqgOxqLuHMsX-03cF0Z6RyawcoWB6b35Nz2QDjLuS3HBTmebMAqDBrWRdEEyjpOu-ntxJL1-BjGm13LOWz7VnhyzDHISUmHQVlXZjBEspdnvpgjCpqBOwMArECKqUt6-YUL_Xt39wsg8By8G_zL-FvaQOsaY4A0adPJQ7OMwS3AP7FvKFhic7A4rpLb885VCPeIHrO5oS2M03ec4K-nyGVKg5wTpZZfbrUXNkv9NFB3v_TvfTN0Q_StqVWHu7lJKpoYNY0msmXREwr9RFb3O5LSyW2Fuu9S0uMmr-v05yST7H2F-jKzBBzWUeo7VLU_xisQgihaWZdPnaxSL-dvGg1KxfdN5zfEBouyRhP_PM9BOcD9qsdVB6OWV0B4WmoidiTAeroAJeD4AVJMJm6IWnG99ir8pog&sai=AMfl-YTnkcIiS2WC_FSaQQnW3h0zYTTu7rIsIt8wCUu82A1gd1jVSeW7ZxcsqWgy7zYc73fVFhUbEfCQann4QgBpTYpiFwfcw3NkhmSDQyHA0JFM6xgL3VYuBPqWLVgu7vjAcIlUhzPDLv6-nthEIA4-su1SeEgFrQ&sig=Cg0ArKJSzBm4TVakWJCiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2312&vt=11&dtpt=1558&dett=3&cstd=2312&cisv=r20220914.07063&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/16064001689182722589/ Frame CBB1 		23 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
f8f5b1762fdc66b59cf1ec1bf095e7ca86b9518d4a61cf98e8863411a5d42e33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
298229
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5414
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 01:02:45 GMT
expires
Fri, 15 Sep 2023 01:02:45 GMT
last-modified
Wed, 13 Apr 2022 08:02:58 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame B367 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YycGqAAORl0F2J_lAABU73aXBWIU8H9BOvaStw&u=%7CKDqx11Is52HpWuuj9YCaaz6pAh2PJtcpe8W4AFt6Trg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AuFN33LvkGjGMtdJEk9WtBU16cqAjjNuWrx5pN5Iz1fxRZIyb3Mx72gW_PDYsp3ZgBsVzEHaJEs0ZMWFb8t7DDxtS9nnCZUGurd1POTXMHI0usNi6AFmUbnKiK3iZjdr_pnzCZA9bFyVDwhfHpbtHYPee9Q9OlAJTpb_IBmehlhFEx7C4SUN-LBGvPsTZO3-nYM75MnBu-cc6HddVKm152HpcicvwudyMZGVbDxwzTyN9RdZpiTQ1TyzQmPdGYHuD246ZERfcWpE0lViQqtttO9TIn2JONmx8VxKZPZKHq2YbQ5AaN4jxhQe-FuWeDwzUId-GZSE3nUvB2YSkIhKhdK7kyMCHvyayKJ4zHL_fc-Jzm9BJnYemlTDyE67C0DeGihBxa61nrda0jcOsyxqBjeMZYjGA0khv5DMYYIkqX8hE47yRfAxEFQfE0Ys3wQnhUzEj14CjC4Wpg_Ew-BztGUOyDYZ44_aSeaPf97ejDRblTcx_v-IbitIQQokWbFEg4Ys-fhPRe3o335Akdszs5A4eSg3BRHaVzUCM09shj3V8N5uAW-9iMk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC101zqAYnY92MOeW_4t4P76mBkAaY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBK8CT9AZ1qcJgiXG_3SXJZBfby3NSxqI72y1EKZOAFyVaOgiIdaRC144fNrTeNXzU5qb462ba3As2-Pi87d2iNV5V1Ju034CWCK-57HYJGCN7-O8m_oYNwrWlamd92WDu6EFC9nBt3vZwRm4XO-xLoTQJBrYX8lGyTfxFHFYJ7k-YEU5P0rOLJs2Vu0xTQEhn2Pyx80tNT_pb-4qK1UupbMHxZDIrUnmOvZAMR_dLmD8WS2rSggeepAaUwZftFbrd0xj7-5MV2H8x_9HuuQlE2zTiC589D1Q4PhkTD_8dwZs-smBtj2OkNbydNUIC4M6iu7UgJ5giEUzsqKToqSlX6kRllvj6f8HjgGgFYEW99aOiGoPQcJn57sq0a7jNVw6cInWIEVNJOCRlrnD4OLeHkGb4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ac6UGV8GoDzp__9_1xcI90Ckqsw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:14 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 13 Sep 2023 11:53:14 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame B367 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YycGqAAORl0F2J_lAABU73aXBWIU8H9BOvaStw&u=%7CKDqx11Is52HpWuuj9YCaaz6pAh2PJtcpe8W4AFt6Trg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AuFN33LvkGjGMtdJEk9WtBU16cqAjjNuWrx5pN5Iz1fxRZIyb3Mx72gW_PDYsp3ZgBsVzEHaJEs0ZMWFb8t7DDxtS9nnCZUGurd1POTXMHI0usNi6AFmUbnKiK3iZjdr_pnzCZA9bFyVDwhfHpbtHYPee9Q9OlAJTpb_IBmehlhFEx7C4SUN-LBGvPsTZO3-nYM75MnBu-cc6HddVKm152HpcicvwudyMZGVbDxwzTyN9RdZpiTQ1TyzQmPdGYHuD246ZERfcWpE0lViQqtttO9TIn2JONmx8VxKZPZKHq2YbQ5AaN4jxhQe-FuWeDwzUId-GZSE3nUvB2YSkIhKhdK7kyMCHvyayKJ4zHL_fc-Jzm9BJnYemlTDyE67C0DeGihBxa61nrda0jcOsyxqBjeMZYjGA0khv5DMYYIkqX8hE47yRfAxEFQfE0Ys3wQnhUzEj14CjC4Wpg_Ew-BztGUOyDYZ44_aSeaPf97ejDRblTcx_v-IbitIQQokWbFEg4Ys-fhPRe3o335Akdszs5A4eSg3BRHaVzUCM09shj3V8N5uAW-9iMk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC101zqAYnY92MOeW_4t4P76mBkAaY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBK8CT9AZ1qcJgiXG_3SXJZBfby3NSxqI72y1EKZOAFyVaOgiIdaRC144fNrTeNXzU5qb462ba3As2-Pi87d2iNV5V1Ju034CWCK-57HYJGCN7-O8m_oYNwrWlamd92WDu6EFC9nBt3vZwRm4XO-xLoTQJBrYX8lGyTfxFHFYJ7k-YEU5P0rOLJs2Vu0xTQEhn2Pyx80tNT_pb-4qK1UupbMHxZDIrUnmOvZAMR_dLmD8WS2rSggeepAaUwZftFbrd0xj7-5MV2H8x_9HuuQlE2zTiC589D1Q4PhkTD_8dwZs-smBtj2OkNbydNUIC4M6iu7UgJ5giEUzsqKToqSlX6kRllvj6f8HjgGgFYEW99aOiGoPQcJn57sq0a7jNVw6cInWIEVNJOCRlrnD4OLeHkGb4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ac6UGV8GoDzp__9_1xcI90Ckqsw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:14 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 13 Sep 2023 11:53:14 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame B367 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YycGqAAORl0F2J_lAABU73aXBWIU8H9BOvaStw&u=%7CKDqx11Is52HpWuuj9YCaaz6pAh2PJtcpe8W4AFt6Trg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AuFN33LvkGjGMtdJEk9WtBU16cqAjjNuWrx5pN5Iz1fxRZIyb3Mx72gW_PDYsp3ZgBsVzEHaJEs0ZMWFb8t7DDxtS9nnCZUGurd1POTXMHI0usNi6AFmUbnKiK3iZjdr_pnzCZA9bFyVDwhfHpbtHYPee9Q9OlAJTpb_IBmehlhFEx7C4SUN-LBGvPsTZO3-nYM75MnBu-cc6HddVKm152HpcicvwudyMZGVbDxwzTyN9RdZpiTQ1TyzQmPdGYHuD246ZERfcWpE0lViQqtttO9TIn2JONmx8VxKZPZKHq2YbQ5AaN4jxhQe-FuWeDwzUId-GZSE3nUvB2YSkIhKhdK7kyMCHvyayKJ4zHL_fc-Jzm9BJnYemlTDyE67C0DeGihBxa61nrda0jcOsyxqBjeMZYjGA0khv5DMYYIkqX8hE47yRfAxEFQfE0Ys3wQnhUzEj14CjC4Wpg_Ew-BztGUOyDYZ44_aSeaPf97ejDRblTcx_v-IbitIQQokWbFEg4Ys-fhPRe3o335Akdszs5A4eSg3BRHaVzUCM09shj3V8N5uAW-9iMk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC101zqAYnY92MOeW_4t4P76mBkAaY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBK8CT9AZ1qcJgiXG_3SXJZBfby3NSxqI72y1EKZOAFyVaOgiIdaRC144fNrTeNXzU5qb462ba3As2-Pi87d2iNV5V1Ju034CWCK-57HYJGCN7-O8m_oYNwrWlamd92WDu6EFC9nBt3vZwRm4XO-xLoTQJBrYX8lGyTfxFHFYJ7k-YEU5P0rOLJs2Vu0xTQEhn2Pyx80tNT_pb-4qK1UupbMHxZDIrUnmOvZAMR_dLmD8WS2rSggeepAaUwZftFbrd0xj7-5MV2H8x_9HuuQlE2zTiC589D1Q4PhkTD_8dwZs-smBtj2OkNbydNUIC4M6iu7UgJ5giEUzsqKToqSlX6kRllvj6f8HjgGgFYEW99aOiGoPQcJn57sq0a7jNVw6cInWIEVNJOCRlrnD4OLeHkGb4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ac6UGV8GoDzp__9_1xcI90Ckqsw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:14 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 13 Sep 2023 11:53:14 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame B367 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YycGqAAORl0F2J_lAABU73aXBWIU8H9BOvaStw&u=%7CKDqx11Is52HpWuuj9YCaaz6pAh2PJtcpe8W4AFt6Trg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AuFN33LvkGjGMtdJEk9WtBU16cqAjjNuWrx5pN5Iz1fxRZIyb3Mx72gW_PDYsp3ZgBsVzEHaJEs0ZMWFb8t7DDxtS9nnCZUGurd1POTXMHI0usNi6AFmUbnKiK3iZjdr_pnzCZA9bFyVDwhfHpbtHYPee9Q9OlAJTpb_IBmehlhFEx7C4SUN-LBGvPsTZO3-nYM75MnBu-cc6HddVKm152HpcicvwudyMZGVbDxwzTyN9RdZpiTQ1TyzQmPdGYHuD246ZERfcWpE0lViQqtttO9TIn2JONmx8VxKZPZKHq2YbQ5AaN4jxhQe-FuWeDwzUId-GZSE3nUvB2YSkIhKhdK7kyMCHvyayKJ4zHL_fc-Jzm9BJnYemlTDyE67C0DeGihBxa61nrda0jcOsyxqBjeMZYjGA0khv5DMYYIkqX8hE47yRfAxEFQfE0Ys3wQnhUzEj14CjC4Wpg_Ew-BztGUOyDYZ44_aSeaPf97ejDRblTcx_v-IbitIQQokWbFEg4Ys-fhPRe3o335Akdszs5A4eSg3BRHaVzUCM09shj3V8N5uAW-9iMk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC101zqAYnY92MOeW_4t4P76mBkAaY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBK8CT9AZ1qcJgiXG_3SXJZBfby3NSxqI72y1EKZOAFyVaOgiIdaRC144fNrTeNXzU5qb462ba3As2-Pi87d2iNV5V1Ju034CWCK-57HYJGCN7-O8m_oYNwrWlamd92WDu6EFC9nBt3vZwRm4XO-xLoTQJBrYX8lGyTfxFHFYJ7k-YEU5P0rOLJs2Vu0xTQEhn2Pyx80tNT_pb-4qK1UupbMHxZDIrUnmOvZAMR_dLmD8WS2rSggeepAaUwZftFbrd0xj7-5MV2H8x_9HuuQlE2zTiC589D1Q4PhkTD_8dwZs-smBtj2OkNbydNUIC4M6iu7UgJ5giEUzsqKToqSlX6kRllvj6f8HjgGgFYEW99aOiGoPQcJn57sq0a7jNVw6cInWIEVNJOCRlrnD4OLeHkGb4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ac6UGV8GoDzp__9_1xcI90Ckqsw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:14 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 13 Sep 2023 11:53:14 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame B367 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=8Sxj1VesNbCNGeVydLYvZl6JrfbA2EhK1qv-leokCfM_QPbacqKS5OauHPMMWVLCxbu4g4d2wwlLZKsI1HDFVALCieJmZ9ljDPeq8f1dIKxIKFNjddda2w6Tqh-xhK5T_QfVYjnc2avE9SMm0fnKhh7ygWHHqBddKaoKWFKLNqaMUdU_4KiXAMzo8KPod5Mf52RoLnMTXWkQoiYsr1ZZzeGbBqTy1Tykz_BD5BXzuSkyvQFzBgJ6lfXW6p-lZCsl6pDBAxK0EaISssewMX58f3ukbOq2l0ZXNnCr0BsT6NZQH2tj4lyH4OVlNtnxzulUUF2eiM_143sizqubqB4nbARpVVvwVAnO1NQjYIe8dLVUJ0Sy29Q-My0MfZX5MU0kxEZhHpeTmiNdKR_WrapQX6ZR2AZFCj_ASb82UI0sGnR8QKkv
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YycGqAAORl0F2J_lAABU73aXBWIU8H9BOvaStw&u=%7CKDqx11Is52HpWuuj9YCaaz6pAh2PJtcpe8W4AFt6Trg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AuFN33LvkGjGMtdJEk9WtBU16cqAjjNuWrx5pN5Iz1fxRZIyb3Mx72gW_PDYsp3ZgBsVzEHaJEs0ZMWFb8t7DDxtS9nnCZUGurd1POTXMHI0usNi6AFmUbnKiK3iZjdr_pnzCZA9bFyVDwhfHpbtHYPee9Q9OlAJTpb_IBmehlhFEx7C4SUN-LBGvPsTZO3-nYM75MnBu-cc6HddVKm152HpcicvwudyMZGVbDxwzTyN9RdZpiTQ1TyzQmPdGYHuD246ZERfcWpE0lViQqtttO9TIn2JONmx8VxKZPZKHq2YbQ5AaN4jxhQe-FuWeDwzUId-GZSE3nUvB2YSkIhKhdK7kyMCHvyayKJ4zHL_fc-Jzm9BJnYemlTDyE67C0DeGihBxa61nrda0jcOsyxqBjeMZYjGA0khv5DMYYIkqX8hE47yRfAxEFQfE0Ys3wQnhUzEj14CjC4Wpg_Ew-BztGUOyDYZ44_aSeaPf97ejDRblTcx_v-IbitIQQokWbFEg4Ys-fhPRe3o335Akdszs5A4eSg3BRHaVzUCM09shj3V8N5uAW-9iMk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC101zqAYnY92MOeW_4t4P76mBkAaY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBK8CT9AZ1qcJgiXG_3SXJZBfby3NSxqI72y1EKZOAFyVaOgiIdaRC144fNrTeNXzU5qb462ba3As2-Pi87d2iNV5V1Ju034CWCK-57HYJGCN7-O8m_oYNwrWlamd92WDu6EFC9nBt3vZwRm4XO-xLoTQJBrYX8lGyTfxFHFYJ7k-YEU5P0rOLJs2Vu0xTQEhn2Pyx80tNT_pb-4qK1UupbMHxZDIrUnmOvZAMR_dLmD8WS2rSggeepAaUwZftFbrd0xj7-5MV2H8x_9HuuQlE2zTiC589D1Q4PhkTD_8dwZs-smBtj2OkNbydNUIC4M6iu7UgJ5giEUzsqKToqSlX6kRllvj6f8HjgGgFYEW99aOiGoPQcJn57sq0a7jNVw6cInWIEVNJOCRlrnD4OLeHkGb4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ac6UGV8GoDzp__9_1xcI90Ckqsw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1814279
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
B26847959.341102289;dc_pre=CP7-_OujnvoCFQQD1QodRtwPDw;dc_trk_aid=532857455;dc_trk_cid=174615788;dcopt=anid;ord=632706a90efdd66aedda031b5f737327;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
ad.doubleclick.net/ddm/trackimp/N962703.154378CRITEO/ Frame B367
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N962703.154378CRITEO/B26847959.341102289;dc_trk_aid=532857455;dc_trk_cid=174615788;dcopt=anid;ord=632706a90efdd66aedda031b5f737327;dc_lat=;dc_rdid=;tag_for_c...
  • https://ad.doubleclick.net/ddm/trackimp/N962703.154378CRITEO/B26847959.341102289;dc_pre=CP7-_OujnvoCFQQD1QodRtwPDw;dc_trk_aid=532857455;dc_trk_cid=174615788;dcopt=anid;ord=632706a90efdd66aedda031b5...
42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N962703.154378CRITEO/B26847959.341102289;dc_pre=CP7-_OujnvoCFQQD1QodRtwPDw;dc_trk_aid=532857455;dc_trk_cid=174615788;dcopt=anid;ord=632706a90efdd66aedda031b5f737327;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YycGqAAORl0F2J_lAABU73aXBWIU8H9BOvaStw&u=%7CKDqx11Is52HpWuuj9YCaaz6pAh2PJtcpe8W4AFt6Trg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AuFN33LvkGjGMtdJEk9WtBU16cqAjjNuWrx5pN5Iz1fxRZIyb3Mx72gW_PDYsp3ZgBsVzEHaJEs0ZMWFb8t7DDxtS9nnCZUGurd1POTXMHI0usNi6AFmUbnKiK3iZjdr_pnzCZA9bFyVDwhfHpbtHYPee9Q9OlAJTpb_IBmehlhFEx7C4SUN-LBGvPsTZO3-nYM75MnBu-cc6HddVKm152HpcicvwudyMZGVbDxwzTyN9RdZpiTQ1TyzQmPdGYHuD246ZERfcWpE0lViQqtttO9TIn2JONmx8VxKZPZKHq2YbQ5AaN4jxhQe-FuWeDwzUId-GZSE3nUvB2YSkIhKhdK7kyMCHvyayKJ4zHL_fc-Jzm9BJnYemlTDyE67C0DeGihBxa61nrda0jcOsyxqBjeMZYjGA0khv5DMYYIkqX8hE47yRfAxEFQfE0Ys3wQnhUzEj14CjC4Wpg_Ew-BztGUOyDYZ44_aSeaPf97ejDRblTcx_v-IbitIQQokWbFEg4Ys-fhPRe3o335Akdszs5A4eSg3BRHaVzUCM09shj3V8N5uAW-9iMk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC101zqAYnY92MOeW_4t4P76mBkAaY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBK8CT9AZ1qcJgiXG_3SXJZBfby3NSxqI72y1EKZOAFyVaOgiIdaRC144fNrTeNXzU5qb462ba3As2-Pi87d2iNV5V1Ju034CWCK-57HYJGCN7-O8m_oYNwrWlamd92WDu6EFC9nBt3vZwRm4XO-xLoTQJBrYX8lGyTfxFHFYJ7k-YEU5P0rOLJs2Vu0xTQEhn2Pyx80tNT_pb-4qK1UupbMHxZDIrUnmOvZAMR_dLmD8WS2rSggeepAaUwZftFbrd0xj7-5MV2H8x_9HuuQlE2zTiC589D1Q4PhkTD_8dwZs-smBtj2OkNbydNUIC4M6iu7UgJ5giEUzsqKToqSlX6kRllvj6f8HjgGgFYEW99aOiGoPQcJn57sq0a7jNVw6cInWIEVNJOCRlrnD4OLeHkGb4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ac6UGV8GoDzp__9_1xcI90Ckqsw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Server
74.125.200.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f149.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:15 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N962703.154378CRITEO/B26847959.341102289;dc_pre=CP7-_OujnvoCFQQD1QodRtwPDw;dc_trk_aid=532857455;dc_trk_cid=174615788;dcopt=anid;ord=632706a90efdd66aedda031b5f737327;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8C2D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 18:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
235179
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 18:33:35 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 31AB 		1 KB
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
62053
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 18:39:01 GMT
etag
48472445140208031
expires
Sun, 18 Sep 2022 18:39:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8C2D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
543f41b8fb635c418fe3587fe0cab87e3085280b9fe6acaf547403926bec39fb

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 11D5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESED_okZcdPDxr5HrR5cW1vMQ&google_cver=1&google_push=AZmPxg9qsd7u6iRGuJubV5vxWvCuyTxbPWENdzG7VMuctvXo06w6DmouwhwRjHFO6X_J-ePLbzvQtExfBt2wd2sJqwUeN403xMqwm...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzY0MzYwNTcxMTE2ODQxMDI5Mw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED_okZcdPDxr5HrR5cW1vMQ&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED_okZcdPDxr5HrR5cW1vMQ&google_cver=1
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED_okZcdPDxr5HrR5cW1vMQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 11D5
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPZdQuN9m82yrV8aT_d_Huo&google_cver=1&google_push=AZmPxg_XmqkxVIG8-Dfi1wZXbk6YO1PnA6ahJcxWvLUjdPJD_SUYZ_aK9G...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AZmPxg_XmqkxVIG8-Dfi1wZXbk6YO1PnA6ahJcxWvLUjdPJD_SUYZ_aK9GxR1GaAvirT0WzfK1xFwYWs5RTXbb9kUAu6jUxHuA_kK6KXxdPehyrGWMolH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AZmPxg_XmqkxVIG8-Dfi1wZXbk6YO1PnA6ahJcxWvLUjdPJD_SUYZ_aK9GxR1GaAvirT0WzfK1xFwYWs5RTXbb9kUAu6jUxHuA_kK6KXxdPehyrGWMolH5FaW_dufvuLycI6nQJfrDNdlMY&google_hm=xPg59OkY-VHcCFpZGazY4w
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AZmPxg_XmqkxVIG8-Dfi1wZXbk6YO1PnA6ahJcxWvLUjdPJD_SUYZ_aK9GxR1GaAvirT0WzfK1xFwYWs5RTXbb9kUAu6jUxHuA_kK6KXxdPehyrGWMolH5FaW_dufvuLycI6nQJfrDNdlMY&google_hm=xPg59OkY-VHcCFpZGazY4w
pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 11D5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEXRWMT1mYiIW53bIQgdf4w&google_cver=1&google_push=AZmPxg-SpQalhyntWaK75iObc5I2OUyvKkRO-hbylDk7riDORVdndOElR2AVX5xyzFJmmcbMHl7vfkuAlbn3jIRLM1...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NWZlNWEwOTAtODI1Ni00OWI3LWIwYmItOThjZTg4NDc4ZmQx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=5fe5a090-8256-49b7-b0bb-98ce88478fd1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NWZlNWEwOTAtODI1Ni00OWI3LWIwYmItOThjZTg4NDc4ZmQx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=5fe5a090-8256-49b7-b0bb-98ce88478fd1
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NWZlNWEwOTAtODI1Ni00OWI3LWIwYmItOThjZTg4NDc4ZmQx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=5fe5a090-8256-49b7-b0bb-98ce88478fd1
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
423
pixel
cm.g.doubleclick.net/ Frame 11D5
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAXPVr6AmYWazOKMuWXMTjw&google_cver=1&google_push=AZmPxg-TTUo__pbjrvM-qoRmIM5sbJ6h8CB000teZ-zUoADKPWKkMq6dPb1gjcBDm_hDgN2J73dg2cBBtHBl0...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEAXPVr6AmYWazOKMuWXMTjw&google_push=AZmPxg-TTUo__pbjrvM-qoRmIM5sbJ6h8CB000teZ-zUoADKPWKkMq6dPb1gjcBDm_hDgN2J73dg2cBBtHBl0...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg-TTUo__pbjrvM-qoRmIM5sbJ6h8CB000teZ-zUoADKPWKkMq6dPb1gjcBDm_hDgN2J73dg2cBBtHBl0ttvekxu2ARF5219-tnu8yvTbNRp1TOPx_FMG8XC53m0QMB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg-TTUo__pbjrvM-qoRmIM5sbJ6h8CB000teZ-zUoADKPWKkMq6dPb1gjcBDm_hDgN2J73dg2cBBtHBl0ttvekxu2ARF5219-tnu8yvTbNRp1TOPx_FMG8XC53m0QMB7mrDBoc5SXg&google_hm=bUNZZTRpQkIyeWlacXc5MnhUdEY=
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 18 Sep 2022 11:53:15 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg-TTUo__pbjrvM-qoRmIM5sbJ6h8CB000teZ-zUoADKPWKkMq6dPb1gjcBDm_hDgN2J73dg2cBBtHBl0ttvekxu2ARF5219-tnu8yvTbNRp1TOPx_FMG8XC53m0QMB7mrDBoc5SXg&google_hm=bUNZZTRpQkIyeWlacXc5MnhUdEY=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
278
Expires
Thu, 01 Dec 1994 16:00:00 GMT
spacer.gif
an.yandex.ru/resource/ Frame 11D5
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEAb9deHlMXo4pTttEFrAJSA?ext-param=AZmPxg-n0X1vyKaIroHjqifWMS9eh1xoIW8NeHpFEJfpoFwGFi0ApTbQG6JSlpIK_hKthNiMXVREDfItKzDjSUTBccNHEt88nfdxd6MvrN0cabpgy_EaTBPo1b3w...
  • https://an.yandex.ru/mapuid/google/CAESEAb9deHlMXo4pTttEFrAJSA?redir-setuniq=1&ext-param=AZmPxg-n0X1vyKaIroHjqifWMS9eh1xoIW8NeHpFEJfpoFwGFi0ApTbQG6JSlpIK_hKthNiMXVREDfItKzDjSUTBccNHEt88nfdxd6MvrN0c...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAb9deHlMXo4pTttEFrAJSA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
213.180.193.90 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:16 GMT
content-encoding
gzip
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
x-xss-protection
1; mode=block
expires
Sun, 03 Sep 2023 11:53:16 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://an.yandex.ru/resource/spacer.gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 11D5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Igi7LypsAOsF79Xw_WsiwIVu-ke8pvhBY7dPX72h5kw7VJRoOM51mIWzzp
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 139B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
438263
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 10:08:51 GMT
expires
Wed, 13 Sep 2023 10:08:51 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ab72fcfbdf43929d41ddea7de1643851.js
s0.2mdn.net/sadbundle/16064001689182722589/ Frame CBB1 		72 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16064001689182722589/ab72fcfbdf43929d41ddea7de1643851.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
b129f1dd7105a42cd2ea92b547c43037b78bdebadbe88702d2bdbba84945a8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:47:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122745
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19196
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 08:02:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Sep 2023 01:47:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8AB7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 18 Sep 2022 11:53:15 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 31AB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESED_okZcdPDxr5HrR5cW1vMQ&google_cver=1&google_push=AZmPxg-ZCj5UNSGpa4JVatZNV1KOoLkqwAEes00Uk4V2UOurx06N5yXz4tBTA6OzuyBjZxejH92Q4eHIcGXautDkM3MxI69zed2wc...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg2MDYyMjkxODIxMjMyNjA2OQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED_okZcdPDxr5HrR5cW1vMQ&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED_okZcdPDxr5HrR5cW1vMQ&google_cver=1
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED_okZcdPDxr5HrR5cW1vMQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 31AB 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPZdQuN9m82yrV8aT_d_Huo&google_cver=1&google_push=AZmPxg_GbzDw8iAgr7dQFR1qHBWV789U-CWYNW1uqYzKwS5s5N9iGkTrXxWXLkBeaON6wlfcG2Og7MOI8kGC8H8elgmuyjIYEaWq0hIT4PjyNt-7FyDPOhBbZoj9qpQqyJ9bLPf9NFDaRN1H5NUpsHuYAw
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 31AB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEXRWMT1mYiIW53bIQgdf4w&google_cver=1&google_push=AZmPxg-sM1ILbKC9cyonbBg6CWDrvGFgc8mltjvRFe-3lSxzFxISq3WFXw47XkAXu_K1YEBuuck2hcbB4Hr9D3VAlG...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NWZlNWEwOTAtODI1Ni00OWI3LWIwYmItOThjZTg4NDc4ZmQx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=5fe5a090-8256-49b7-b0bb-98ce88478fd1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NWZlNWEwOTAtODI1Ni00OWI3LWIwYmItOThjZTg4NDc4ZmQx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=5fe5a090-8256-49b7-b0bb-98ce88478fd1
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NWZlNWEwOTAtODI1Ni00OWI3LWIwYmItOThjZTg4NDc4ZmQx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=5fe5a090-8256-49b7-b0bb-98ce88478fd1
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
423
pixel
cm.g.doubleclick.net/ Frame 31AB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAXPVr6AmYWazOKMuWXMTjw&google_cver=1&google_push=AZmPxg8g93ioOgYRnzPaFksq_Mf1Eg1h7lrDUBEDLq3HnZjyIEnm5eM2Um1PmpR_QJ7rASAi5iwrJ6ZYO3Sgj...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEAXPVr6AmYWazOKMuWXMTjw&google_push=AZmPxg8g93ioOgYRnzPaFksq_Mf1Eg1h7lrDUBEDLq3HnZjyIEnm5eM2Um1PmpR_QJ7rASAi5iwrJ6ZYO3Sgj...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg8g93ioOgYRnzPaFksq_Mf1Eg1h7lrDUBEDLq3HnZjyIEnm5eM2Um1PmpR_QJ7rASAi5iwrJ6ZYO3SgjklapfEea2PSxezyFl-012AfcPNlEetI3UyNjx9ZZ7bVgUY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg8g93ioOgYRnzPaFksq_Mf1Eg1h7lrDUBEDLq3HnZjyIEnm5eM2Um1PmpR_QJ7rASAi5iwrJ6ZYO3SgjklapfEea2PSxezyFl-012AfcPNlEetI3UyNjx9ZZ7bVgUYqJk-YDjCoIg0VLLECTQl4gwo&google_hm=aUJmUjhzUnBoc0N0ZFZEbnVvN3c=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 18 Sep 2022 11:53:15 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg8g93ioOgYRnzPaFksq_Mf1Eg1h7lrDUBEDLq3HnZjyIEnm5eM2Um1PmpR_QJ7rASAi5iwrJ6ZYO3SgjklapfEea2PSxezyFl-012AfcPNlEetI3UyNjx9ZZ7bVgUYqJk-YDjCoIg0VLLECTQl4gwo&google_hm=aUJmUjhzUnBoc0N0ZFZEbnVvN3c=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
291
Expires
Thu, 01 Dec 1994 16:00:00 GMT
spacer.gif
an.yandex.ru/resource/ Frame 31AB
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEAb9deHlMXo4pTttEFrAJSA?ext-param=AZmPxg-kuelioYDncsBi7i1yZj9BeiQgYQ0nzv5SPaFfoTZO_TAQQmIAe82Om7Iznz-lBMwy_QSx5arxu8MY-RueR-joEf4cX-rj3s5Tw03x8qbHT7NukLfkWsRP...
  • https://an.yandex.ru/mapuid/google/CAESEAb9deHlMXo4pTttEFrAJSA?redir-setuniq=1&ext-param=AZmPxg-kuelioYDncsBi7i1yZj9BeiQgYQ0nzv5SPaFfoTZO_TAQQmIAe82Om7Iznz-lBMwy_QSx5arxu8MY-RueR-joEf4cX-rj3s5Tw03x...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAb9deHlMXo4pTttEFrAJSA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H2
Server
213.180.193.90 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:16 GMT
content-encoding
gzip
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
x-xss-protection
1; mode=block
expires
Sun, 03 Sep 2023 11:53:16 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://an.yandex.ru/resource/spacer.gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 31AB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JJXmsp3rKNyBc8BrSPyRMB7WOtNRkkiKKinWHo8J66Qas_s8i-upgZRIjh
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
animejs.js
static.criteo.net/animejs/ Frame B367 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YycGqAAORl0F2J_lAABU73aXBWIU8H9BOvaStw&u=%7CKDqx11Is52HpWuuj9YCaaz6pAh2PJtcpe8W4AFt6Trg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AuFN33LvkGjGMtdJEk9WtBU16cqAjjNuWrx5pN5Iz1fxRZIyb3Mx72gW_PDYsp3ZgBsVzEHaJEs0ZMWFb8t7DDxtS9nnCZUGurd1POTXMHI0usNi6AFmUbnKiK3iZjdr_pnzCZA9bFyVDwhfHpbtHYPee9Q9OlAJTpb_IBmehlhFEx7C4SUN-LBGvPsTZO3-nYM75MnBu-cc6HddVKm152HpcicvwudyMZGVbDxwzTyN9RdZpiTQ1TyzQmPdGYHuD246ZERfcWpE0lViQqtttO9TIn2JONmx8VxKZPZKHq2YbQ5AaN4jxhQe-FuWeDwzUId-GZSE3nUvB2YSkIhKhdK7kyMCHvyayKJ4zHL_fc-Jzm9BJnYemlTDyE67C0DeGihBxa61nrda0jcOsyxqBjeMZYjGA0khv5DMYYIkqX8hE47yRfAxEFQfE0Ys3wQnhUzEj14CjC4Wpg_Ew-BztGUOyDYZ44_aSeaPf97ejDRblTcx_v-IbitIQQokWbFEg4Ys-fhPRe3o335Akdszs5A4eSg3BRHaVzUCM09shj3V8N5uAW-9iMk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC101zqAYnY92MOeW_4t4P76mBkAaY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBK8CT9AZ1qcJgiXG_3SXJZBfby3NSxqI72y1EKZOAFyVaOgiIdaRC144fNrTeNXzU5qb462ba3As2-Pi87d2iNV5V1Ju034CWCK-57HYJGCN7-O8m_oYNwrWlamd92WDu6EFC9nBt3vZwRm4XO-xLoTQJBrYX8lGyTfxFHFYJ7k-YEU5P0rOLJs2Vu0xTQEhn2Pyx80tNT_pb-4qK1UupbMHxZDIrUnmOvZAMR_dLmD8WS2rSggeepAaUwZftFbrd0xj7-5MV2H8x_9HuuQlE2zTiC589D1Q4PhkTD_8dwZs-smBtj2OkNbydNUIC4M6iu7UgJ5giEUzsqKToqSlX6kRllvj6f8HjgGgFYEW99aOiGoPQcJn57sq0a7jNVw6cInWIEVNJOCRlrnD4OLeHkGb4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ac6UGV8GoDzp__9_1xcI90Ckqsw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:14 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 13 Sep 2023 11:53:14 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 59DD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 18 Sep 2022 11:53:15 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D6B3 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
438264
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 10:08:51 GMT
expires
Wed, 13 Sep 2023 10:08:51 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7E7F 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ce3e92d9ecc2694b3f0bba02a72f45b2a1ca2cc2b65d947c8faa9fa6be5ffbfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11282
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 93D8 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
5d71727e905249799341f5011192dd189acb9cef7e985deb3c46d2e8977f2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11148
x-xss-protection
0
img
pix.as.criteo.net/img/ Frame B367 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8121&q=80&r=0&u=http%3A%2F%2Fimgs.clearly.com.au%2FProduct%2Fcontacts%2Fimg%2Fsplash%2Fsplash-v1%2Bfr%2B%2BproductPageXtraLarge.jpg&v=3&w=400&s=OINSF-odoWmRNXYmqAohVrFb&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YycGqAAORl0F2J_lAABU73aXBWIU8H9BOvaStw&u=%7CKDqx11Is52HpWuuj9YCaaz6pAh2PJtcpe8W4AFt6Trg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AuFN33LvkGjGMtdJEk9WtBU16cqAjjNuWrx5pN5Iz1fxRZIyb3Mx72gW_PDYsp3ZgBsVzEHaJEs0ZMWFb8t7DDxtS9nnCZUGurd1POTXMHI0usNi6AFmUbnKiK3iZjdr_pnzCZA9bFyVDwhfHpbtHYPee9Q9OlAJTpb_IBmehlhFEx7C4SUN-LBGvPsTZO3-nYM75MnBu-cc6HddVKm152HpcicvwudyMZGVbDxwzTyN9RdZpiTQ1TyzQmPdGYHuD246ZERfcWpE0lViQqtttO9TIn2JONmx8VxKZPZKHq2YbQ5AaN4jxhQe-FuWeDwzUId-GZSE3nUvB2YSkIhKhdK7kyMCHvyayKJ4zHL_fc-Jzm9BJnYemlTDyE67C0DeGihBxa61nrda0jcOsyxqBjeMZYjGA0khv5DMYYIkqX8hE47yRfAxEFQfE0Ys3wQnhUzEj14CjC4Wpg_Ew-BztGUOyDYZ44_aSeaPf97ejDRblTcx_v-IbitIQQokWbFEg4Ys-fhPRe3o335Akdszs5A4eSg3BRHaVzUCM09shj3V8N5uAW-9iMk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC101zqAYnY92MOeW_4t4P76mBkAaY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBK8CT9AZ1qcJgiXG_3SXJZBfby3NSxqI72y1EKZOAFyVaOgiIdaRC144fNrTeNXzU5qb462ba3As2-Pi87d2iNV5V1Ju034CWCK-57HYJGCN7-O8m_oYNwrWlamd92WDu6EFC9nBt3vZwRm4XO-xLoTQJBrYX8lGyTfxFHFYJ7k-YEU5P0rOLJs2Vu0xTQEhn2Pyx80tNT_pb-4qK1UupbMHxZDIrUnmOvZAMR_dLmD8WS2rSggeepAaUwZftFbrd0xj7-5MV2H8x_9HuuQlE2zTiC589D1Q4PhkTD_8dwZs-smBtj2OkNbydNUIC4M6iu7UgJ5giEUzsqKToqSlX6kRllvj6f8HjgGgFYEW99aOiGoPQcJn57sq0a7jNVw6cInWIEVNJOCRlrnD4OLeHkGb4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ac6UGV8GoDzp__9_1xcI90Ckqsw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
76ea5fe7667fbfd485b50d289b37325d511af459eacbf94bc61ed7ac2188a17b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:14 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=220150
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6868
expires
Wed, 21 Sep 2022 01:02:25 GMT
img
pix.as.criteo.net/img/ Frame B367 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8121&q=80&r=0&u=https%3A%2F%2Fclearly.scene7.com%2Fis%2Fimage%2Fclearly%2Foakley-ox8081-53-satin-black-front-angle&v=3&w=400&s=mhVB9Hq2WouSMmnMWDOXXriq&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YycGqAAORl0F2J_lAABU73aXBWIU8H9BOvaStw&u=%7CKDqx11Is52HpWuuj9YCaaz6pAh2PJtcpe8W4AFt6Trg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AuFN33LvkGjGMtdJEk9WtBU16cqAjjNuWrx5pN5Iz1fxRZIyb3Mx72gW_PDYsp3ZgBsVzEHaJEs0ZMWFb8t7DDxtS9nnCZUGurd1POTXMHI0usNi6AFmUbnKiK3iZjdr_pnzCZA9bFyVDwhfHpbtHYPee9Q9OlAJTpb_IBmehlhFEx7C4SUN-LBGvPsTZO3-nYM75MnBu-cc6HddVKm152HpcicvwudyMZGVbDxwzTyN9RdZpiTQ1TyzQmPdGYHuD246ZERfcWpE0lViQqtttO9TIn2JONmx8VxKZPZKHq2YbQ5AaN4jxhQe-FuWeDwzUId-GZSE3nUvB2YSkIhKhdK7kyMCHvyayKJ4zHL_fc-Jzm9BJnYemlTDyE67C0DeGihBxa61nrda0jcOsyxqBjeMZYjGA0khv5DMYYIkqX8hE47yRfAxEFQfE0Ys3wQnhUzEj14CjC4Wpg_Ew-BztGUOyDYZ44_aSeaPf97ejDRblTcx_v-IbitIQQokWbFEg4Ys-fhPRe3o335Akdszs5A4eSg3BRHaVzUCM09shj3V8N5uAW-9iMk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC101zqAYnY92MOeW_4t4P76mBkAaY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBK8CT9AZ1qcJgiXG_3SXJZBfby3NSxqI72y1EKZOAFyVaOgiIdaRC144fNrTeNXzU5qb462ba3As2-Pi87d2iNV5V1Ju034CWCK-57HYJGCN7-O8m_oYNwrWlamd92WDu6EFC9nBt3vZwRm4XO-xLoTQJBrYX8lGyTfxFHFYJ7k-YEU5P0rOLJs2Vu0xTQEhn2Pyx80tNT_pb-4qK1UupbMHxZDIrUnmOvZAMR_dLmD8WS2rSggeepAaUwZftFbrd0xj7-5MV2H8x_9HuuQlE2zTiC589D1Q4PhkTD_8dwZs-smBtj2OkNbydNUIC4M6iu7UgJ5giEUzsqKToqSlX6kRllvj6f8HjgGgFYEW99aOiGoPQcJn57sq0a7jNVw6cInWIEVNJOCRlrnD4OLeHkGb4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ac6UGV8GoDzp__9_1xcI90Ckqsw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
04361c2e2103848faf3fb124b8e167fdbcd5a5d6dfde2a7e9f473358c3ff3151
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:14 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3424
expires
Wed, 13 Sep 2023 11:53:15 GMT
img
pix.as.criteo.net/img/ Frame B367 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8121&q=80&r=0&u=https%3A%2F%2Fclearly.scene7.com%2Fis%2Fimage%2Fclearly%2Fclearly-basics-atlin-54-matte-black-front-angle&v=3&w=400&s=JsCtI36I-jIsrjs8A3-u1O9F&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YycGqAAORl0F2J_lAABU73aXBWIU8H9BOvaStw&u=%7CKDqx11Is52HpWuuj9YCaaz6pAh2PJtcpe8W4AFt6Trg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AuFN33LvkGjGMtdJEk9WtBU16cqAjjNuWrx5pN5Iz1fxRZIyb3Mx72gW_PDYsp3ZgBsVzEHaJEs0ZMWFb8t7DDxtS9nnCZUGurd1POTXMHI0usNi6AFmUbnKiK3iZjdr_pnzCZA9bFyVDwhfHpbtHYPee9Q9OlAJTpb_IBmehlhFEx7C4SUN-LBGvPsTZO3-nYM75MnBu-cc6HddVKm152HpcicvwudyMZGVbDxwzTyN9RdZpiTQ1TyzQmPdGYHuD246ZERfcWpE0lViQqtttO9TIn2JONmx8VxKZPZKHq2YbQ5AaN4jxhQe-FuWeDwzUId-GZSE3nUvB2YSkIhKhdK7kyMCHvyayKJ4zHL_fc-Jzm9BJnYemlTDyE67C0DeGihBxa61nrda0jcOsyxqBjeMZYjGA0khv5DMYYIkqX8hE47yRfAxEFQfE0Ys3wQnhUzEj14CjC4Wpg_Ew-BztGUOyDYZ44_aSeaPf97ejDRblTcx_v-IbitIQQokWbFEg4Ys-fhPRe3o335Akdszs5A4eSg3BRHaVzUCM09shj3V8N5uAW-9iMk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC101zqAYnY92MOeW_4t4P76mBkAaY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBK8CT9AZ1qcJgiXG_3SXJZBfby3NSxqI72y1EKZOAFyVaOgiIdaRC144fNrTeNXzU5qb462ba3As2-Pi87d2iNV5V1Ju034CWCK-57HYJGCN7-O8m_oYNwrWlamd92WDu6EFC9nBt3vZwRm4XO-xLoTQJBrYX8lGyTfxFHFYJ7k-YEU5P0rOLJs2Vu0xTQEhn2Pyx80tNT_pb-4qK1UupbMHxZDIrUnmOvZAMR_dLmD8WS2rSggeepAaUwZftFbrd0xj7-5MV2H8x_9HuuQlE2zTiC589D1Q4PhkTD_8dwZs-smBtj2OkNbydNUIC4M6iu7UgJ5giEUzsqKToqSlX6kRllvj6f8HjgGgFYEW99aOiGoPQcJn57sq0a7jNVw6cInWIEVNJOCRlrnD4OLeHkGb4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ac6UGV8GoDzp__9_1xcI90Ckqsw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
b07f0c3f5dea27e463cd289af341dcd87fa70362ee151111c69f316f837ec19b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:14 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3990
expires
Wed, 13 Sep 2023 11:53:15 GMT
img
pix.as.criteo.net/img/ Frame B367 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8121&q=80&r=0&u=http%3A%2F%2Fimgs.clearly.com.au%2FProduct%2Fcontacts%2Fimg%2Fbiofinity%2Fbiofinity-v2%2Bfr%2B%2BproductPageXtraLarge.jpg&v=3&w=400&s=D-8pMJxgQdXRiM5Lo0C5wcJe&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YycGqAAORl0F2J_lAABU73aXBWIU8H9BOvaStw&u=%7CKDqx11Is52HpWuuj9YCaaz6pAh2PJtcpe8W4AFt6Trg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AuFN33LvkGjGMtdJEk9WtBU16cqAjjNuWrx5pN5Iz1fxRZIyb3Mx72gW_PDYsp3ZgBsVzEHaJEs0ZMWFb8t7DDxtS9nnCZUGurd1POTXMHI0usNi6AFmUbnKiK3iZjdr_pnzCZA9bFyVDwhfHpbtHYPee9Q9OlAJTpb_IBmehlhFEx7C4SUN-LBGvPsTZO3-nYM75MnBu-cc6HddVKm152HpcicvwudyMZGVbDxwzTyN9RdZpiTQ1TyzQmPdGYHuD246ZERfcWpE0lViQqtttO9TIn2JONmx8VxKZPZKHq2YbQ5AaN4jxhQe-FuWeDwzUId-GZSE3nUvB2YSkIhKhdK7kyMCHvyayKJ4zHL_fc-Jzm9BJnYemlTDyE67C0DeGihBxa61nrda0jcOsyxqBjeMZYjGA0khv5DMYYIkqX8hE47yRfAxEFQfE0Ys3wQnhUzEj14CjC4Wpg_Ew-BztGUOyDYZ44_aSeaPf97ejDRblTcx_v-IbitIQQokWbFEg4Ys-fhPRe3o335Akdszs5A4eSg3BRHaVzUCM09shj3V8N5uAW-9iMk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC101zqAYnY92MOeW_4t4P76mBkAaY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBK8CT9AZ1qcJgiXG_3SXJZBfby3NSxqI72y1EKZOAFyVaOgiIdaRC144fNrTeNXzU5qb462ba3As2-Pi87d2iNV5V1Ju034CWCK-57HYJGCN7-O8m_oYNwrWlamd92WDu6EFC9nBt3vZwRm4XO-xLoTQJBrYX8lGyTfxFHFYJ7k-YEU5P0rOLJs2Vu0xTQEhn2Pyx80tNT_pb-4qK1UupbMHxZDIrUnmOvZAMR_dLmD8WS2rSggeepAaUwZftFbrd0xj7-5MV2H8x_9HuuQlE2zTiC589D1Q4PhkTD_8dwZs-smBtj2OkNbydNUIC4M6iu7UgJ5giEUzsqKToqSlX6kRllvj6f8HjgGgFYEW99aOiGoPQcJn57sq0a7jNVw6cInWIEVNJOCRlrnD4OLeHkGb4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ac6UGV8GoDzp__9_1xcI90Ckqsw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
472a7c2ac11228f3c876f2b13dcf0b57f94ac0c4161d5f68573d6fe376d1f8bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:14 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=218435
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5622
expires
Wed, 21 Sep 2022 00:33:50 GMT
img
pix.as.criteo.net/img/ Frame B367 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8121&q=80&r=0&u=http%3A%2F%2Fimgs.clearly.com.au%2FProduct%2F%2Fcontacts%2Fimg%2Feverclear%2Feverclear-adm-5-pack%2Bfr%2B%2BproductPageXtraLarge.jpg&v=3&w=400&s=ewGp0FwvVEUxRfN3SwlkB8Nn&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YycGqAAORl0F2J_lAABU73aXBWIU8H9BOvaStw&u=%7CKDqx11Is52HpWuuj9YCaaz6pAh2PJtcpe8W4AFt6Trg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AuFN33LvkGjGMtdJEk9WtBU16cqAjjNuWrx5pN5Iz1fxRZIyb3Mx72gW_PDYsp3ZgBsVzEHaJEs0ZMWFb8t7DDxtS9nnCZUGurd1POTXMHI0usNi6AFmUbnKiK3iZjdr_pnzCZA9bFyVDwhfHpbtHYPee9Q9OlAJTpb_IBmehlhFEx7C4SUN-LBGvPsTZO3-nYM75MnBu-cc6HddVKm152HpcicvwudyMZGVbDxwzTyN9RdZpiTQ1TyzQmPdGYHuD246ZERfcWpE0lViQqtttO9TIn2JONmx8VxKZPZKHq2YbQ5AaN4jxhQe-FuWeDwzUId-GZSE3nUvB2YSkIhKhdK7kyMCHvyayKJ4zHL_fc-Jzm9BJnYemlTDyE67C0DeGihBxa61nrda0jcOsyxqBjeMZYjGA0khv5DMYYIkqX8hE47yRfAxEFQfE0Ys3wQnhUzEj14CjC4Wpg_Ew-BztGUOyDYZ44_aSeaPf97ejDRblTcx_v-IbitIQQokWbFEg4Ys-fhPRe3o335Akdszs5A4eSg3BRHaVzUCM09shj3V8N5uAW-9iMk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC101zqAYnY92MOeW_4t4P76mBkAaY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBK8CT9AZ1qcJgiXG_3SXJZBfby3NSxqI72y1EKZOAFyVaOgiIdaRC144fNrTeNXzU5qb462ba3As2-Pi87d2iNV5V1Ju034CWCK-57HYJGCN7-O8m_oYNwrWlamd92WDu6EFC9nBt3vZwRm4XO-xLoTQJBrYX8lGyTfxFHFYJ7k-YEU5P0rOLJs2Vu0xTQEhn2Pyx80tNT_pb-4qK1UupbMHxZDIrUnmOvZAMR_dLmD8WS2rSggeepAaUwZftFbrd0xj7-5MV2H8x_9HuuQlE2zTiC589D1Q4PhkTD_8dwZs-smBtj2OkNbydNUIC4M6iu7UgJ5giEUzsqKToqSlX6kRllvj6f8HjgGgFYEW99aOiGoPQcJn57sq0a7jNVw6cInWIEVNJOCRlrnD4OLeHkGb4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ac6UGV8GoDzp__9_1xcI90Ckqsw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
f358da8b27fda3cf2b3c07cf8aacc654f45c44db3291d67916e01299150adc1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:15 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=218617
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5600
expires
Wed, 21 Sep 2022 00:36:52 GMT
img
pix.as.criteo.net/img/ Frame B367 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=110&m=0&partner=8121&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F8122%2F160617%2Ffb2653df564246c2b856942dfe939764_s-logo.png&v=3&w=236&s=TyPCugENCIKzgXW_OI7NxQxY
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YycGqAAORl0F2J_lAABU73aXBWIU8H9BOvaStw&u=%7CKDqx11Is52HpWuuj9YCaaz6pAh2PJtcpe8W4AFt6Trg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AuFN33LvkGjGMtdJEk9WtBU16cqAjjNuWrx5pN5Iz1fxRZIyb3Mx72gW_PDYsp3ZgBsVzEHaJEs0ZMWFb8t7DDxtS9nnCZUGurd1POTXMHI0usNi6AFmUbnKiK3iZjdr_pnzCZA9bFyVDwhfHpbtHYPee9Q9OlAJTpb_IBmehlhFEx7C4SUN-LBGvPsTZO3-nYM75MnBu-cc6HddVKm152HpcicvwudyMZGVbDxwzTyN9RdZpiTQ1TyzQmPdGYHuD246ZERfcWpE0lViQqtttO9TIn2JONmx8VxKZPZKHq2YbQ5AaN4jxhQe-FuWeDwzUId-GZSE3nUvB2YSkIhKhdK7kyMCHvyayKJ4zHL_fc-Jzm9BJnYemlTDyE67C0DeGihBxa61nrda0jcOsyxqBjeMZYjGA0khv5DMYYIkqX8hE47yRfAxEFQfE0Ys3wQnhUzEj14CjC4Wpg_Ew-BztGUOyDYZ44_aSeaPf97ejDRblTcx_v-IbitIQQokWbFEg4Ys-fhPRe3o335Akdszs5A4eSg3BRHaVzUCM09shj3V8N5uAW-9iMk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC101zqAYnY92MOeW_4t4P76mBkAaY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBK8CT9AZ1qcJgiXG_3SXJZBfby3NSxqI72y1EKZOAFyVaOgiIdaRC144fNrTeNXzU5qb462ba3As2-Pi87d2iNV5V1Ju034CWCK-57HYJGCN7-O8m_oYNwrWlamd92WDu6EFC9nBt3vZwRm4XO-xLoTQJBrYX8lGyTfxFHFYJ7k-YEU5P0rOLJs2Vu0xTQEhn2Pyx80tNT_pb-4qK1UupbMHxZDIrUnmOvZAMR_dLmD8WS2rSggeepAaUwZftFbrd0xj7-5MV2H8x_9HuuQlE2zTiC589D1Q4PhkTD_8dwZs-smBtj2OkNbydNUIC4M6iu7UgJ5giEUzsqKToqSlX6kRllvj6f8HjgGgFYEW99aOiGoPQcJn57sq0a7jNVw6cInWIEVNJOCRlrnD4OLeHkGb4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ac6UGV8GoDzp__9_1xcI90Ckqsw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
9fdc0510c02c1219ae8cb410037d1558bb09c59891578b0e32941b7b55971479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:14 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=26759970
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4457
expires
Tue, 25 Jul 2023 05:12:46 GMT
all
csm.as.criteo.net/ Frame B367 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=h0GAOIMzOUk1QsOaDbi-iWaj3aiDsanId6qshxSPcWFrT4G5OFrOpzeApeWE6UaARxoa5VGJ40htWlIKQEVC36cmKqC0yMlTO9mMNTrr4Z_jWczWXBd_rP_kQzXDisPkr1ZAxUQh0tDondzS2PVavJ4BRWPkw0pXgofNLqTMy5p5RnfLDdVzHwjDOevIydNGfwCnTlJHZbTVTgrTcWKqzxWljojrdBQEIrQpfvgXUkm8ibzs5AEfO52Qs_TtJT8G5SyInw&sds=2&rev=82759&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YycGqAAORl0F2J_lAABU73aXBWIU8H9BOvaStw&u=%7CKDqx11Is52HpWuuj9YCaaz6pAh2PJtcpe8W4AFt6Trg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AuFN33LvkGjGMtdJEk9WtBU16cqAjjNuWrx5pN5Iz1fxRZIyb3Mx72gW_PDYsp3ZgBsVzEHaJEs0ZMWFb8t7DDxtS9nnCZUGurd1POTXMHI0usNi6AFmUbnKiK3iZjdr_pnzCZA9bFyVDwhfHpbtHYPee9Q9OlAJTpb_IBmehlhFEx7C4SUN-LBGvPsTZO3-nYM75MnBu-cc6HddVKm152HpcicvwudyMZGVbDxwzTyN9RdZpiTQ1TyzQmPdGYHuD246ZERfcWpE0lViQqtttO9TIn2JONmx8VxKZPZKHq2YbQ5AaN4jxhQe-FuWeDwzUId-GZSE3nUvB2YSkIhKhdK7kyMCHvyayKJ4zHL_fc-Jzm9BJnYemlTDyE67C0DeGihBxa61nrda0jcOsyxqBjeMZYjGA0khv5DMYYIkqX8hE47yRfAxEFQfE0Ys3wQnhUzEj14CjC4Wpg_Ew-BztGUOyDYZ44_aSeaPf97ejDRblTcx_v-IbitIQQokWbFEg4Ys-fhPRe3o335Akdszs5A4eSg3BRHaVzUCM09shj3V8N5uAW-9iMk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC101zqAYnY92MOeW_4t4P76mBkAaY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBK8CT9AZ1qcJgiXG_3SXJZBfby3NSxqI72y1EKZOAFyVaOgiIdaRC144fNrTeNXzU5qb462ba3As2-Pi87d2iNV5V1Ju034CWCK-57HYJGCN7-O8m_oYNwrWlamd92WDu6EFC9nBt3vZwRm4XO-xLoTQJBrYX8lGyTfxFHFYJ7k-YEU5P0rOLJs2Vu0xTQEhn2Pyx80tNT_pb-4qK1UupbMHxZDIrUnmOvZAMR_dLmD8WS2rSggeepAaUwZftFbrd0xj7-5MV2H8x_9HuuQlE2zTiC589D1Q4PhkTD_8dwZs-smBtj2OkNbydNUIC4M6iu7UgJ5giEUzsqKToqSlX6kRllvj6f8HjgGgFYEW99aOiGoPQcJn57sq0a7jNVw6cInWIEVNJOCRlrnD4OLeHkGb4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ac6UGV8GoDzp__9_1xcI90Ckqsw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 18 Sep 2022 11:53:14 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B367 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YycGqAAORl0F2J_lAABU73aXBWIU8H9BOvaStw&u=%7CKDqx11Is52HpWuuj9YCaaz6pAh2PJtcpe8W4AFt6Trg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AuFN33LvkGjGMtdJEk9WtBU16cqAjjNuWrx5pN5Iz1fxRZIyb3Mx72gW_PDYsp3ZgBsVzEHaJEs0ZMWFb8t7DDxtS9nnCZUGurd1POTXMHI0usNi6AFmUbnKiK3iZjdr_pnzCZA9bFyVDwhfHpbtHYPee9Q9OlAJTpb_IBmehlhFEx7C4SUN-LBGvPsTZO3-nYM75MnBu-cc6HddVKm152HpcicvwudyMZGVbDxwzTyN9RdZpiTQ1TyzQmPdGYHuD246ZERfcWpE0lViQqtttO9TIn2JONmx8VxKZPZKHq2YbQ5AaN4jxhQe-FuWeDwzUId-GZSE3nUvB2YSkIhKhdK7kyMCHvyayKJ4zHL_fc-Jzm9BJnYemlTDyE67C0DeGihBxa61nrda0jcOsyxqBjeMZYjGA0khv5DMYYIkqX8hE47yRfAxEFQfE0Ys3wQnhUzEj14CjC4Wpg_Ew-BztGUOyDYZ44_aSeaPf97ejDRblTcx_v-IbitIQQokWbFEg4Ys-fhPRe3o335Akdszs5A4eSg3BRHaVzUCM09shj3V8N5uAW-9iMk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC101zqAYnY92MOeW_4t4P76mBkAaY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBK8CT9AZ1qcJgiXG_3SXJZBfby3NSxqI72y1EKZOAFyVaOgiIdaRC144fNrTeNXzU5qb462ba3As2-Pi87d2iNV5V1Ju034CWCK-57HYJGCN7-O8m_oYNwrWlamd92WDu6EFC9nBt3vZwRm4XO-xLoTQJBrYX8lGyTfxFHFYJ7k-YEU5P0rOLJs2Vu0xTQEhn2Pyx80tNT_pb-4qK1UupbMHxZDIrUnmOvZAMR_dLmD8WS2rSggeepAaUwZftFbrd0xj7-5MV2H8x_9HuuQlE2zTiC589D1Q4PhkTD_8dwZs-smBtj2OkNbydNUIC4M6iu7UgJ5giEUzsqKToqSlX6kRllvj6f8HjgGgFYEW99aOiGoPQcJn57sq0a7jNVw6cInWIEVNJOCRlrnD4OLeHkGb4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ac6UGV8GoDzp__9_1xcI90Ckqsw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:14 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 13 Sep 2023 11:53:14 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame B367 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YycGqAAORl0F2J_lAABU73aXBWIU8H9BOvaStw&u=%7CKDqx11Is52HpWuuj9YCaaz6pAh2PJtcpe8W4AFt6Trg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AuFN33LvkGjGMtdJEk9WtBU16cqAjjNuWrx5pN5Iz1fxRZIyb3Mx72gW_PDYsp3ZgBsVzEHaJEs0ZMWFb8t7DDxtS9nnCZUGurd1POTXMHI0usNi6AFmUbnKiK3iZjdr_pnzCZA9bFyVDwhfHpbtHYPee9Q9OlAJTpb_IBmehlhFEx7C4SUN-LBGvPsTZO3-nYM75MnBu-cc6HddVKm152HpcicvwudyMZGVbDxwzTyN9RdZpiTQ1TyzQmPdGYHuD246ZERfcWpE0lViQqtttO9TIn2JONmx8VxKZPZKHq2YbQ5AaN4jxhQe-FuWeDwzUId-GZSE3nUvB2YSkIhKhdK7kyMCHvyayKJ4zHL_fc-Jzm9BJnYemlTDyE67C0DeGihBxa61nrda0jcOsyxqBjeMZYjGA0khv5DMYYIkqX8hE47yRfAxEFQfE0Ys3wQnhUzEj14CjC4Wpg_Ew-BztGUOyDYZ44_aSeaPf97ejDRblTcx_v-IbitIQQokWbFEg4Ys-fhPRe3o335Akdszs5A4eSg3BRHaVzUCM09shj3V8N5uAW-9iMk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC101zqAYnY92MOeW_4t4P76mBkAaY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBK8CT9AZ1qcJgiXG_3SXJZBfby3NSxqI72y1EKZOAFyVaOgiIdaRC144fNrTeNXzU5qb462ba3As2-Pi87d2iNV5V1Ju034CWCK-57HYJGCN7-O8m_oYNwrWlamd92WDu6EFC9nBt3vZwRm4XO-xLoTQJBrYX8lGyTfxFHFYJ7k-YEU5P0rOLJs2Vu0xTQEhn2Pyx80tNT_pb-4qK1UupbMHxZDIrUnmOvZAMR_dLmD8WS2rSggeepAaUwZftFbrd0xj7-5MV2H8x_9HuuQlE2zTiC589D1Q4PhkTD_8dwZs-smBtj2OkNbydNUIC4M6iu7UgJ5giEUzsqKToqSlX6kRllvj6f8HjgGgFYEW99aOiGoPQcJn57sq0a7jNVw6cInWIEVNJOCRlrnD4OLeHkGb4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ac6UGV8GoDzp__9_1xcI90Ckqsw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:14 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 13 Sep 2023 11:53:14 GMT
index.html
s0.2mdn.net/5449675/1662958221883/ Frame DB4C 		87 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/5449675/1662958221883/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
a198d447e8699f4cd4f65b590ed8bf2d3de7441580823006934b9be85b11023c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
29380
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
20654
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 03:43:35 GMT
expires
Mon, 19 Sep 2022 03:43:35 GMT
last-modified
Mon, 12 Sep 2022 04:50:21 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3102 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsupXYSS798kP6gPeh5s4j92TRVHo5itQrY3GWfh49lBH_y5ZM0RiKGhNPthKAOjNQeJgzXpApjaeCgdOqiyUQnUXUx20N5Lqyj9OqKtN0x8ONoSgZV13NWYcU0xZ4SmqvE8CFhuZILhcXVODvC7XWPlG_W2EB33KKCjv-aZ0nHT7IZz0fJPwXMF3pPUJ4_X59rMr_6RO1YmL3ZP9mcgXbsD77pom3Y-fmuKXntJ2hcmYzPpezap_dcbVa--33HLmk6dvn_pJL44MkUVe8bEn_bNSXQG4EA8rJuHAgcRs-O8C5dPzLbryejcnyfWaGEZV21787fz7ZnQms7Bd-5brZ4BQWV7RJ4L9jsFhm4j3eMXWIYDYFNypT7Wvrc9qO426HPd370nC-pQO3j0SW6FVnyn_1TkLC39JZxc-0EbSuJk3-O-lMsMes9ixNE9f0B71mILpBBnU7zp_jTN5fr2G5wG3H0CBIV0s9B01cNNYzzjgsf09UF4dqjWEZ3sU3uqDOQuPwq_wQBJrI7zS4ZsRKaDuLn_zWyiN7-GYdfedXqB47cI_EB3qK2VMnCRjSAvgliuJYU54VSqzoWPfRGLeQGwdudlTiEBbRHd8ssE_2E5SG2gVe7KynKOS-sw751lWBqRVWg3WF9MQu7Ca3L19ziwxyV-Sy3K2ed6_pfoPTgM-q2YaWhbBtnNAMKpJv6_QQsIXbPyXhyeE4d_nJ6yvxgE8GWbQX0SEIefr-DOyVY3C6WWFlCZ82L7I45-K6aiYtOlZnUGq_LMpV3K3pv12d7dtEftfh-wEN__VGnTNulBwNhk-vRB9p8pqL8wi5eqe5O3DO0rb8dk8AJCQJfeYBhq64s2JGi5dv5zm1s0baVooOohSj-ZgDsv-47Z8nS1S2f6h6sK6esrM3Psazmcki4fv_xSVuLwYWJn72PcxV-A-IMYGLiDS0SYcDCWEX6UsKlf4YEo4F_HmIufXO8e6r16MM2rQ82U2syVxAEEjVcYys-APEmsgR_dJTW2G-f9echSdqFyGX1GFBRzwhAAiEK5sGAwfiu33Zg9GqEtsUXNZcNF8M7zPX6wfA3xw1mnqcucw5mRACrXA6ZMSHCKEIaPfjLJQc5waRvkWuQtEom3X4OYBXac6g1BJbB-nG7Co1pJstyItiGZkXRentkX0ufjQH0-OJJDg67aitnF4Lvgs2KgFh6JnI68KsLds5VZ5DFPP5p3cmNTUfCKlJk6KdRQcfCXg9bI855KbA&sai=AMfl-YR_WOzPNMGYguh5hzwJf-LzCwZ3i5KWSiXHNx2XSyEfln0DQEFJPY7yxU-c6NLWboFLl5FAyHg0yeHxBwJrk1yrj3lHhodfyyQKCT619Mqve53V-pdR_FhT9Vw_D6iFZJ8c4qo0G8UjX6l37cOXM6pfLcbi3AA9N0v4C8EzPLMm3PrkIJlqZGGom7lDh05_5-9XW6QudAoGAnB7dMzomw&sig=Cg0ArKJSzAlK4mWEt9rnEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=568&cbvp=1&cstd=566&cisv=r20220914.72154&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 18 Sep 2022 11:53:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img
tags.mathtag.com/view/ Frame 3102 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/view/img?strat=3750455&cr=6028144&pr=5.00&txn=&rfr=
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.206.241 -, , ASN (),
Reverse DNS
Software
MMBD/3.364.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Sep 2022 11:53:15 GMT
Server
MMBD/3.364.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
hkg-router-x61, hkg-bidder-x45
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sun, 18 Sep 2022 11:53:14 GMT
user_uploaded_brixton_lead_400_normal.ttf
s0.2mdn.net/sadbundle/16064001689182722589/fonts/ Frame CBB1 		1 MB
604 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16064001689182722589/fonts/user_uploaded_brixton_lead_400_normal.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16064001689182722589/ab72fcfbdf43929d41ddea7de1643851.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
23cf10e6885b8282707433ff5398ea37d5e087ca0b4d4574ebb9749f23d39321
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
Origin
https://s0.2mdn.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 03:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
550307
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 08:02:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 03:01:27 GMT
sharp_sans_display_no1_600_normal.ttf
s0.2mdn.net/sadbundle/16064001689182722589/fonts/ Frame CBB1 		176 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16064001689182722589/fonts/sharp_sans_display_no1_600_normal.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16064001689182722589/ab72fcfbdf43929d41ddea7de1643851.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
6c7eab735d57e197e9fa95ec01ff4b6daa407d0742a5eb9a599f23b29f24e331
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
Origin
https://s0.2mdn.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:47:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122744
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78335
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 08:02:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Sep 2023 01:47:30 GMT
user_uploaded_sharp_sans_display_no1_700_normal.ttf
s0.2mdn.net/sadbundle/16064001689182722589/fonts/ Frame CBB1 		177 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16064001689182722589/fonts/user_uploaded_sharp_sans_display_no1_700_normal.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16064001689182722589/ab72fcfbdf43929d41ddea7de1643851.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
b41755e3a7cc48432803148379751a2c48f232364eec6098d6fb8f3cdfbaaa70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
Origin
https://s0.2mdn.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 01:02:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
298229
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76681
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 08:02:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 01:02:45 GMT
c1f44d45de71f5cb6a74d0057eec5f24.png
s0.2mdn.net/sadbundle/16064001689182722589/media/ Frame CBB1 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16064001689182722589/media/c1f44d45de71f5cb6a74d0057eec5f24.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
beacf628aabb5948224efcee08de17f3451beae946d859e1f5a0a012755f350e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 01:02:45 GMT
x-content-type-options
nosniff
age
298229
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32531
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 08:02:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 01:02:45 GMT
9c6e199db601eea4496e6ad2af129eb4.png
s0.2mdn.net/sadbundle/16064001689182722589/media/ Frame CBB1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16064001689182722589/media/9c6e199db601eea4496e6ad2af129eb4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
faf2d466f30a48422a08ea7190085dbc2e7a69ba7de73453622f8cf8b25307a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 01:02:46 GMT
x-content-type-options
nosniff
age
298228
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3425
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 08:02:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 01:02:46 GMT
52290ac4e268cdea69db088b298c6790.png
s0.2mdn.net/sadbundle/16064001689182722589/media/ Frame CBB1 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16064001689182722589/media/52290ac4e268cdea69db088b298c6790.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
2bf920835a3187165abad20cb996dccfdcac82a641c895e3d985e913e68066e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:20:47 GMT
x-content-type-options
nosniff
age
106347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7422
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 08:02:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Sep 2023 06:20:47 GMT
ea96fdbeb9aad9736fd366fc485036a9.png
s0.2mdn.net/sadbundle/16064001689182722589/media/ Frame CBB1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16064001689182722589/media/ea96fdbeb9aad9736fd366fc485036a9.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
7042da90f5a0a08e27bd7ec34d32d4911923aa0d5a6f01fd2e025d89be9fdf4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 01:01:11 GMT
x-content-type-options
nosniff
age
557523
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2659
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 08:02:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 01:01:11 GMT
4afbe563270991e325bc40d958af7362.png
s0.2mdn.net/sadbundle/16064001689182722589/media/ Frame CBB1 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16064001689182722589/media/4afbe563270991e325bc40d958af7362.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
acae428518b2661de079e6abbdd5597fe5bba57703c9c32af0b706534155b9aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 08:00:02 GMT
x-content-type-options
nosniff
age
100392
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10697
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 08:02:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Sep 2023 08:00:02 GMT
a1251deb4d4fd9c9b49a6e3dde04827b.png
s0.2mdn.net/sadbundle/16064001689182722589/media/ Frame CBB1 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16064001689182722589/media/a1251deb4d4fd9c9b49a6e3dde04827b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
09a778a2815952b81bc3890d7c1f088fd5eb7c19d9f8854b0d76c521a43403b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 01:02:46 GMT
x-content-type-options
nosniff
age
298228
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3853
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 08:02:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 01:02:46 GMT
4aefe0be277ed6d17c1ec557385270c9.png
s0.2mdn.net/sadbundle/16064001689182722589/media/ Frame CBB1 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16064001689182722589/media/4aefe0be277ed6d17c1ec557385270c9.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
0cc355d2d5e8cfa8b8ea7ff3807274a012fbf4962b996bc19e3b8b59e8e7045e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 03:37:01 GMT
x-content-type-options
nosniff
age
288973
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10598
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 08:02:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 03:37:01 GMT
1402ccd475e1c44e54c0130381188f2d.png
s0.2mdn.net/sadbundle/16064001689182722589/media/ Frame CBB1 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16064001689182722589/media/1402ccd475e1c44e54c0130381188f2d.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
bfbb490f2c6a3cef278a65c36654bd765e2e03b896694ce64ec5c884753665de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:47:32 GMT
x-content-type-options
nosniff
age
122742
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3668
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 08:02:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Sep 2023 01:47:32 GMT
fa04fbe4d662d5091ffdf3c4e0a38cb7.png
s0.2mdn.net/sadbundle/16064001689182722589/media/ Frame CBB1 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16064001689182722589/media/fa04fbe4d662d5091ffdf3c4e0a38cb7.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
63c002f10d5efc70357c0bba0fdf8d9a36e56b4d0658c9c5a2298c06c2ff90cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16064001689182722589/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 12:15:57 GMT
x-content-type-options
nosniff
age
85037
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11211
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 08:02:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Sep 2023 12:15:57 GMT
index.html
s0.2mdn.net/5449675/1662958233195/ Frame 6A30 		97 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/5449675/1662958233195/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
70b3b43bc3b6aad26d5d6e09884d430daf54b2ad9a94031848d11fb11503f32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
41706
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
24732
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 00:18:09 GMT
expires
Mon, 19 Sep 2022 00:18:09 GMT
last-modified
Mon, 12 Sep 2022 04:50:33 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8C2D 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsssVgb09_ngq3Dhgf_SqEl6pJeKmNxuxZOykgcOZjY5UhIlVaCz_ddnh4DxG-sk5wiu2V_AdKNfC1Xy7Zu0GMc9haEzU9RmSlamy8bcvy7VKrb5dpLWD1mYfae0OrRnTz_TunJBYPVdGWdFho2gMaEtYmpWbFqZ7ekD9cU_wuGZ96sAW_Iod5eh4EX7a0xwAIUo5iebr4y3ihK0xsAzogo7ozOLW3p0GsE4toAD6W3mc4DyEbDObZXlt6il_g3DUAz1vsQUd3JdSsmBaOcXIXSqnXRQu045PP3f9BapYxtnd3PBh3CdcaiC7Cd8Yk813FfL0BrDAQFc5uNVq9uI3CcqGnESnkCIwtubccksalX6zezElRTmh7Zb-kjiPYhbHcL5fjhoXz2NnCjlzND90qaUTUAXnCZq5lya2Lm26XGUryuaZLkFGqIQxkCq8kGgQ_F2kx1x12AtMnCqmd3msTvVdFjPsQEf23JsHL1gParLI0Ymb1FU7D2NTqIEd22o0DRf8ZJLMtlyUs6xQSQIMPzls3sxdBBKezV-QbHKwIGglq37DzlpwyRMj4WEXDHu4YqypUaK_kvLxmWadGtkz87_ZzURAq2506UTjAhK9KEtMc7YLFLN2_GLrXfsvBbGp8Cf8ujJavsp-iNRk-z03RTblHK38eHUu_KAP8On-2BEdjFEqYVIM8HJ2BIFoo9J8lmSzpNsTiidyW_g8O2IX6Ej1vYtpFOTDjtKSZBxGnosKBNB-4M5bU03UuKRkBCq_fTs0eqZNiwqHeeeTklsLvqc5qoZdkiGvPKm82z9Fs_8Ae5xOE1KDHTw8wCr1C6RkL0p-2-OsF9zvoeJiI4YwRW9FDTP93n4RfpTWf0FKAlSKtY9vCVy32BJ-FfgTzqWeMWh7Ot1VbYLpxntVnMVL6lj_OX6rBJEq1imnFd5U1Znlovli6y8n8Lt3Y4k3R9veXWXMX8twLvsN5HSrHUm_2UUrCwJYlfOPJ7zJBYB7M-lHxCoEtbJKKWAphJoqSpLAqO_YbVqE9mVe1q0QqJFiWdqkYj1xC1vx0hFYOlidU7KbCp4Zgz-dcf1UnNauIaKnl7l-4G0MO3vdVUsPdYNGRe4OTIUvNRrRnR0T7G81IxWjFG404kgvs23411pWW9BM_3-GXGUCssFxsxY79PJkVyhIImv8uSVjTRlxg-T-YT213RnwMo_-mfMXiJUF4QErW7U_gcyYjDCHKIFt-Hdi1wR47HTPaIF6ceM8psP&sai=AMfl-YSfhOz3ljUjiptYdebHae4OlTQFX6PAC2BJ1fmlvdoGgF7FIJv-ubpnVaWphBlJ-sJ5sZCM__6DsBNkX-x8R-RxvUY_57gwqcJizQwJNQTK28xqJwIS46XZeYHrIaPq2kqPmzr93K7Zs8hw2lnQcY6lfPHm7XrUXlvSiRHvMRmGlNNy_F3OMv_WkDkaTvtVXahcDUSD4OGdMhI6N-pcSA&sig=Cg0ArKJSzDvnJnu7ynKuEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=576&cbvp=1&cstd=574&cisv=r20220914.93432&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 18 Sep 2022 11:53:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img
tags.mathtag.com/view/ Frame 8C2D 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/view/img?strat=3750455&cr=6028144&pr=5.00&txn=&rfr=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.206.241 -, , ASN (),
Reverse DNS
Software
MMBD/3.364.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Sep 2022 11:53:15 GMT
Server
MMBD/3.364.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
hkg-router-x21, hkg-bidder-x107
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sun, 18 Sep 2022 11:53:14 GMT
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame 139B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:48:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:48:53 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 93D8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 18 Sep 2022 11:53:15 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7E7F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 18 Sep 2022 11:53:15 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame DB4C 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5449675/1662958221883/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/5449675/1662958221883/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 23:46:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Sep 2022 23:46:59 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 6A30 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5449675/1662958233195/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/5449675/1662958233195/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 23:46:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Sep 2022 23:46:59 GMT
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame D6B3 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:48:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:48:53 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6CD5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
246045
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 15:32:30 GMT
expires
Fri, 15 Sep 2023 15:32:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame ED02 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f104.1e100.net
Software
GSE /
Resource Hash
1dde4d89a75f9700fa8ba6fbb4f4488244ea26372367e4f891b8d9f9c7fe61e9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vz1cHZH6mYTGTOoDypjBAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-vz1cHZH6mYTGTOoDypjBAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 11:53:15 GMT
expires
Sun, 18 Sep 2022 11:53:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7E5C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
246045
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 15:32:30 GMT
expires
Fri, 15 Sep 2023 15:32:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CA79 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f104.1e100.net
Software
GSE /
Resource Hash
1df583f7a7607409dded37533b97cc857c46874fc3f46552bffa3cdeab2dfa14
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KRzRC-AvGy1lIRl7bmf5IQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-KRzRC-AvGy1lIRl7bmf5IQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 11:53:15 GMT
expires
Sun, 18 Sep 2022 11:53:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CF77 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
246045
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 15:32:30 GMT
expires
Fri, 15 Sep 2023 15:32:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0E37 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f104.1e100.net
Software
GSE /
Resource Hash
f1dc8ab5d7d4ae2aab41d9e45458521a79bf9f7874068e3425c9dcac96488117
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wk_1qJ5QTlGwUWh4-MCVlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-wk_1qJ5QTlGwUWh4-MCVlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 11:53:15 GMT
expires
Sun, 18 Sep 2022 11:53:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5982 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
246045
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 15:32:30 GMT
expires
Fri, 15 Sep 2023 15:32:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5DE4 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f104.1e100.net
Software
GSE /
Resource Hash
b7ec7501fbd6db9b52b3ca4354b36be451f540c004742ffb504870a20bf824af
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-w_eXk9EHcHndKV0UMbr70A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-w_eXk9EHcHndKV0UMbr70A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 11:53:15 GMT
expires
Sun, 18 Sep 2022 11:53:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 139B 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZNiwqgYnY8gxmIX1_A-WqYX4DwAAAAA4AeAEAg&bg=!mJulm9_NAAZqQh0mSkI7ACkAdvg8Wsm0OGpkYptOR2kewC5BblCB4eijabWakFfl6nqV3qS5urLYRgIAAACXUgAAAAJoAQcKAB-jguVlHCpHrcO6Vu254zgvHPUNScCyCDMiJfvQ7iUzmQLx5rOm7ZfiHfULZJuforVNo3MvDbWVe99MFfFesU4CFwcy4gEc3ZhXprOJCTWPqtqEMKlVEx7LavGqrDz64u8EeQ_abS1wMU3SEDMUosK-sqAmqHsLn6PNuc6p-IgAgmKF_vcHBiPal82ZTFOrFPacF8xMrz2Lh49T0XEGFBPphs0SzIOXH-y8UodJiBp5vko9cwUVNXVz_Z4GkhVxeBIBZQbqOsmZfUkac4wT8u8fEVJY2NKjtVtkAUMIyRmL-gt7DbfNF80K4BM0yVA5_IR8LUW_bqveLtK-ljOrEIwdvcIW61x-n8MKa3HtzDMPjs6B9mtbk_JtOaDC2ZX4QUiUi9yDHCZfMroQhVWGJCXlBtmJO0Dx7VqpAvO4Z2dD6Z9qnmv5HSI1pa1s0_XDr_BkPOt7_Uzx5duDmyJv_7LyhUYE1e3twFFOKFUfSBNxfpSFcTSfHovrc9tWcEf1FoFriiUGsfLG36-AnrtGT4RRtZa75r6rkzPtOAjiLt7-ADvmJP2CO3m-RtvMGVBkFGJAls9kFEhfRQoU-Ejnceo65-K9Yr0DIj4NawSWvPThreElZTuKNyU9s-8wa-X3h12oj-SCmuL2NLxy0I1IT01ks8Zq50PplIWi6Cd8GEJn4DQbK71-Exq4nAF9YbpdVTcTqJOnaqxz5uVHVyDeJUG96B0tmhDcrpUA9NCXQmgxcoy9MLQ8dbwvG1a3GatMSFmhlIH4bQfsOfAOEBaoBLPKlrjOAP2nd8W-I5-4H2q0qh6119eYiFg4YQP2XeuJhxLRa1M2Tonj8TXeAIOvBCxYX9nKoM07xrDt8o1I7JSItHgGzJK5l3GAqqcm8ei-VwWMn3uHYKv30snjyU5MBgRTnR57OgahJC1nYjfCivDmk276MV6leW-GB4XuWy7oB4Oa_flOkOBmbFHJwbYdFHs4KS4KBgHtZ_hgHW69V7oJAGEudTCfuyhcbtUhYT6ARxmrp1qF5lLTy1hYtE83xmqvorfw
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 466B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYtGeaHDvvYGgjMBJHCb3zkrZM0w3D7nMfTABAFV4ut7pVkQjgSEeUu7KV5DI5BEHI7Wd1bvTsulMM73zSMFR4n7xELG_JFeVH6x_PRHt7bOqyXpDLepqE42pV-Vnwzbc6Km8&sai=AMfl-YSdwwowCS8_JL-13JFjqxa3yjuz8i2_ddFsa5Nve7m2hOelF-jamBToOueWQUP6YVSZwt1ydk4JqP8iooKuMMLFGfdnw4LY0xA&sig=Cg0ArKJSzJoip-TpmQNwEAE&cid=CAASEuRoAm88AKy9EoWVNR09QqOSzw&id=lidar2&mcvt=1024&p=0,0,250,300&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3314916115&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663501991872&rpt=2619&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
null
s0.2mdn.net/5449675/1662958221883/ Frame DB4C 		0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame ED02 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=157479556674864&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
null
s0.2mdn.net/5449675/1662958233195/ Frame 6A30 		43 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5449675/1662958233195/null
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5449675/1662958233195/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/5449675/1662958233195/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:46:41 GMT
x-content-type-options
nosniff
server
sffe
age
394
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Sun, 18 Sep 2022 12:01:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CA79 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=1640336907108955&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 0E37 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=3454223381071077&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame 6CD5 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:48:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:48:53 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5DE4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=1227285620225158&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame 7E5C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:48:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:48:53 GMT
Disclaimer.svg
s0.2mdn.net/5449675/1662958221883/ Frame DB4C 		309 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5449675/1662958221883/Disclaimer.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5449675/1662958221883/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
8d91ace74760051c7f4ac766aaf312087c1da2ac591f55ac9b7711c39aae9be7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/5449675/1662958221883/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:43:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26373
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 04:50:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Sep 2022 03:43:35 GMT
Text_1.svg
s0.2mdn.net/5449675/1662958221883/ Frame DB4C 		11 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5449675/1662958221883/Text_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5449675/1662958221883/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
07e0ee90267d28062b4c5cf7bd7dc8bbd674f96a98c1130d9171c55df4587556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/5449675/1662958221883/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:43:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3410
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 04:50:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Sep 2022 03:43:35 GMT
Text_2.svg
s0.2mdn.net/5449675/1662958221883/ Frame DB4C 		13 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5449675/1662958221883/Text_2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5449675/1662958221883/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
49be087f4acf697cae33b5fbc7b65e27eedd2609ec04e3fc59af075479bd5f5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/5449675/1662958221883/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:43:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2864
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 04:50:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Sep 2022 03:43:35 GMT
Text_3.svg
s0.2mdn.net/5449675/1662958221883/ Frame DB4C 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5449675/1662958221883/Text_3.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5449675/1662958221883/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
8ca7355a97dcbc2d8e877bf07cd353f88bf694edebfa98d1c173b09871df258a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/5449675/1662958221883/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:43:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3583
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 04:50:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Sep 2022 03:43:35 GMT
Text_4.svg
s0.2mdn.net/5449675/1662958221883/ Frame DB4C 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5449675/1662958221883/Text_4.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5449675/1662958221883/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
4176c95f5e9e419402acf053466970fd4fbeb9d94dba441fd26dd078bee3a4e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/5449675/1662958221883/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:43:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3284
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 04:50:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Sep 2022 03:43:35 GMT
Illustration.svg
s0.2mdn.net/5449675/1662958221883/ Frame DB4C 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5449675/1662958221883/Illustration.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5449675/1662958221883/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
d2de4f717e2668e7dbbb5c06a32cea6a3400e57ef9699eb26b4fafe7d01fa115
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/5449675/1662958221883/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:43:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1245
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 04:50:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Sep 2022 03:43:35 GMT
Background_1.svg
s0.2mdn.net/5449675/1662958221883/ Frame DB4C 		20 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5449675/1662958221883/Background_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5449675/1662958221883/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
b9ee8da3c92ebe0984c6511146aaba266323f749fb3130d5473e14b745a22be0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/5449675/1662958221883/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:43:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5594
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 04:50:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Sep 2022 03:43:35 GMT
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame CF77 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:48:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:48:53 GMT
truncated
/ Frame DB4C 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame 5982 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:48:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:48:53 GMT
Disclaimer.svg
s0.2mdn.net/5449675/1662958233195/ Frame 6A30 		82 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5449675/1662958233195/Disclaimer.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5449675/1662958233195/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
8e22b99e056e8225a28ae70bcccd20808d7ce099106ad919f18c1df0a5514012
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/5449675/1662958233195/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 00:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41706
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12163
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 04:50:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Sep 2022 00:18:09 GMT
Text_1_1.svg
s0.2mdn.net/5449675/1662958233195/ Frame 6A30 		15 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5449675/1662958233195/Text_1_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5449675/1662958233195/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
f035ceb2322f2e77ac9957293e398bb0cbaee03d93c86d52f1961c5be1c2db34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/5449675/1662958233195/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 00:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41706
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3209
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 04:50:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Sep 2022 00:18:09 GMT
Text_2_1.svg
s0.2mdn.net/5449675/1662958233195/ Frame 6A30 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5449675/1662958233195/Text_2_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5449675/1662958233195/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
3fcc1cc10ccb611d9f46f040779b523c9a1789a20a50cc27cb50b872d146ed82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/5449675/1662958233195/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 00:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41706
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2914
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 04:50:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Sep 2022 00:18:09 GMT
Illustration_1.svg
s0.2mdn.net/5449675/1662958233195/ Frame 6A30 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5449675/1662958233195/Illustration_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5449675/1662958233195/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
972129817e5284f4e50e3466e3c685815b87b03a3ee3b29cea56c65d90913ff5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/5449675/1662958233195/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 00:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41706
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1119
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 04:50:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Sep 2022 00:18:09 GMT
Background.svg
s0.2mdn.net/5449675/1662958233195/ Frame 6A30 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5449675/1662958233195/Background.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5449675/1662958233195/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
1955d32dbe4d727cabd975dff9651d7beca9b7df4deb811e90e929adf6a1c5d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/5449675/1662958233195/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 00:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41706
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2769
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 04:50:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Sep 2022 00:18:09 GMT
truncated
/ Frame 6A30 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame D6B3 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgrsBqgYnY_x_jaKsAZWVsZANAAAAADgB4AQC&bg=!_P-l_7vNAAZqQh0mSkI7ACkAdvg8WuXhd8dEI0BCvxT_Ng_0bKFqayj2kcGveuoocYXNFztxm5MqEgIAAADyUgAAAAJoAQcKAFOiOuGbkKYudyCHiFmblJbUejEGr7exPnzevBXJqjsPrzD4mRHYY8BAEfpCmvieNoEJCyQgXHOyJvySDZJ0fG_EvE2HkbSfhydVKccrpnERBzuXG5kC6uxv8CGAEXeFhGLpFh3LTVOh1H6vF9OG__7Ce-dgAZlvGaX9wfnuCchRS7nVVaYbemZKGh0MOV_5qoj8f4fu_ACu4cZnoBS3NKUxenBmCzwyqWh4JYZeZvryRkMeySHFyUDJmYNgS5j8L7u-az8d3f9VpbMtPLDhgRjU7g_u23KM66rFircfJgy1fZz4Pk5okdAAb4-ZweRFPmByj4N9X0u00jib6XkgfjIFtM5LsZ1NRnbkBm74wT-GayeKXMpVXwMYJLHJ9l-QZjQ1wAOeszcH-v_Wg15FuuVnjcl7FFTIZuQXxgnqJ2Fm_XyhHHVUu1zh0TYP_QiyKFQOdbMLpRC6vSYGH-0XmPIlohZV12g3DXdK36pZ6rxUo0j4OVswLCfFqzvVAklX0xdVyyKMABulxIEGIwggWt48v3K7uYYRb6j9PAqpG6r1oiLNFq76z1xw_LPt7hQwPtffQDeJI7MwXQKYnp1hk-VJgGBvF7m2G2HTPlL6QXyTWPgmLOEN2zwmflQqMPXxrXXutqS-LvzkpPSpXlbUeIqKjdaTzOPzyy_R5W1bWZP3AXRoZ6fg5kPwIZ_57G-2GDc5DZKibab9VQtTLssI_hNIlyrltSKedcQ7TxAi7BsmZ4VaeyT7ELYZBsDI0W-PLgpsVLVIZIH6OzTLTiujRB6gDmtLJ4YROGaY7DB_zI_LHz9Dd5pJv6dYo5N_7Y6SSwkUP2LMr4lqvNE-hFpWM2xJe0aQGbG0K9P3TzqUdfb8x7zwNBaZoIlvIdfl1qUFWMC5Jo04rYFnv18ckWSDGhGnC-F-dIhYgXliqlFQt14gImcA8lWe2P-1dOJkMjuLdTNIAIy3rK_swVmopH3mM8mnK6Qsx7p0WX9g7SGxuddPuXN6qG0hsSCUp8qKbQunehrKM4RoDgyvIJniI8vcbR2Oz2BlFd7C-HdRQ7oy0-91B0fdQulybZsaAZSd-nS7Uizu33MFgQLhdl-Yibptpv-b
Requested by
Host: 4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8C2D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1uE7y1Dg0qLI7ntD0I3RiZfR7iGxtCIxPIN65n-wj2siVIvmAVz3kKrPBJphbR7moQiWbnwwLxOvPPzC6xcen4o4An0cASQ2UGgQtBotZjGmQvccVxdS8M05d5Jpj5A-71iM&sai=AMfl-YTr4LZ3uP-hkL16QhJ0tz7ON8YZ4ZqXaKUQgl3V-4DMgQnSgg4fmEWUa52DNGMm5ER6cyUa85rEARdNUG9W0u6YNqJV5Ql_ceBxSSl0lalgWCRrIy0aRDHn47w&sig=Cg0ArKJSzGH_c2j95Ai5EAE&cid=CAASJORoreH34VRoYmj9VvrQP5s35sCMfAaRfXEIaLxNd1D9AGhR7w&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663501993398&rpt=1277&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ 		341 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
6fd0eee7493842fde4c62599e3c791b9b30285b274c00da01fc61992b86c7cdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:15 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1167712
strict-transport-security
max-age=31536000; preload;
expires
0
rid
match.adsrvr.org/track/ 		108 B
673 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
86807a7c95083b597b6fbdca9efa942b06a78088deaabbf1a65b91935e191e77

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 18 Sep 2022 11:53:15 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Tue, 18 Oct 2022 11:53:16 GMT
usync.html
eus.rubiconproject.com/ Frame C75D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 18 Sep 2022 11:53:16 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 1161 		0
0
/
onetag-sys.com/usync/ Frame E942 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1663501990693
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e46313d662d9c1bf5b46fe88c69968cf97713e071247e3e3d8bcf4758e646179
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1374
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 33A4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
11973
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 18 Sep 2022 11:53:16 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 18 Sep 2022 08:33:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 15442
X-Served-By
cache-lga21958-LGA, cache-mel11245-MEL
X-Timer
S1663501996.357255,VS0,VE0
sync
eb2.3lift.com/ Frame F11C
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.2.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0efbb7abbd1bc1fed259b6a136b6f4ac2d7041043d357cae353885a56d6f8d2c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
457
content-type
text/html; charset=utf-8
date
Sun, 18 Sep 2022 11:53:16 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 18 Sep 2022 11:53:16 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
u.openx.net/w/1.0/ Frame 1533 		532 B
636 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8955d4c8c1252120b349ddc292d72d3dd06a8e5f406de54561d60a95cbcde6ad

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
324
content-type
text/html
date
Sun, 18 Sep 2022 11:53:16 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
isyn
prebid.a-mo.net/ Frame D039 		2 KB
731 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
3a5369337015440669c4fdb52dba8c41268a5269feba5f9730ccef032edffeae

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
642
content-type
text/html; charset=utf-8
date
Sun, 18 Sep 2022 11:53:15 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
checksync.php
contextual.media.net/ Frame A583 		26 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=77&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.112.21 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6e1d3b4aa25b6f43c94dff01691f031bf5f96db6e48e78a4e68684db6f8f2388
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9336
content-type
text/html; charset=UTF-8
date
Sun, 18 Sep 2022 11:53:16 GMT
expires
Tue, 20 Sep 2022 11:53:16 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame 7B5B 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame E621 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPpLxPCRZ97W8tXXJbVLmw6bVwj3H38sEgO2oU_QOUuwoMekwMp5xAGbpHDL7qVWdUr5VwaFS8jWy1B6QLbSr-EoIu&sig=Cg0ArKJSzDJZ_4pxuH0KEAE&cid=CAASFeRokgRU0wV3fglPg2LctmzkOx9qzw&id=lidar2&mcvt=1007&p=300,5,900,125&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663501993405&rpt=1361&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame B367 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=h0GAOIMzOUk1QsOaDbi-iWaj3aiDsanId6qshxSPcWFrT4G5OFrOpzeApeWE6UaARxoa5VGJ40htWlIKQEVC36cmKqC0yMlTO9mMNTrr4Z_jWczWXBd_rP_kQzXDisPkr1ZAxUQh0tDondzS2PVavJ4BRWPkw0pXgofNLqTMy5p5RnfLDdVzHwjDOevIydNGfwCnTlJHZbTVTgrTcWKqzxWljojrdBQEIrQpfvgXUkm8ibzs5AEfO52Qs_TtJT8G5SyInw&sds=2&rev=82759&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YycGqAAORl0F2J_lAABU73aXBWIU8H9BOvaStw&u=%7CKDqx11Is52HpWuuj9YCaaz6pAh2PJtcpe8W4AFt6Trg%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---AuFN33LvkGjGMtdJEk9WtBU16cqAjjNuWrx5pN5Iz1fxRZIyb3Mx72gW_PDYsp3ZgBsVzEHaJEs0ZMWFb8t7DDxtS9nnCZUGurd1POTXMHI0usNi6AFmUbnKiK3iZjdr_pnzCZA9bFyVDwhfHpbtHYPee9Q9OlAJTpb_IBmehlhFEx7C4SUN-LBGvPsTZO3-nYM75MnBu-cc6HddVKm152HpcicvwudyMZGVbDxwzTyN9RdZpiTQ1TyzQmPdGYHuD246ZERfcWpE0lViQqtttO9TIn2JONmx8VxKZPZKHq2YbQ5AaN4jxhQe-FuWeDwzUId-GZSE3nUvB2YSkIhKhdK7kyMCHvyayKJ4zHL_fc-Jzm9BJnYemlTDyE67C0DeGihBxa61nrda0jcOsyxqBjeMZYjGA0khv5DMYYIkqX8hE47yRfAxEFQfE0Ys3wQnhUzEj14CjC4Wpg_Ew-BztGUOyDYZ44_aSeaPf97ejDRblTcx_v-IbitIQQokWbFEg4Ys-fhPRe3o335Akdszs5A4eSg3BRHaVzUCM09shj3V8N5uAW-9iMk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC101zqAYnY92MOeW_4t4P76mBkAaY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBK8CT9AZ1qcJgiXG_3SXJZBfby3NSxqI72y1EKZOAFyVaOgiIdaRC144fNrTeNXzU5qb462ba3As2-Pi87d2iNV5V1Ju034CWCK-57HYJGCN7-O8m_oYNwrWlamd92WDu6EFC9nBt3vZwRm4XO-xLoTQJBrYX8lGyTfxFHFYJ7k-YEU5P0rOLJs2Vu0xTQEhn2Pyx80tNT_pb-4qK1UupbMHxZDIrUnmOvZAMR_dLmD8WS2rSggeepAaUwZftFbrd0xj7-5MV2H8x_9HuuQlE2zTiC589D1Q4PhkTD_8dwZs-smBtj2OkNbydNUIC4M6iu7UgJ5giEUzsqKToqSlX6kRllvj6f8HjgGgFYEW99aOiGoPQcJn57sq0a7jNVw6cInWIEVNJOCRlrnD4OLeHkGb4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ac6UGV8GoDzp__9_1xcI90Ckqsw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 18 Sep 2022 11:53:15 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
activeview
pagead2.googlesyndication.com/pcs/ Frame 3102 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKEu0PUvvJJ1ttfHHPIj_cIRxCdL47jsy5fPIPCGEEeFrAmIDOML8Hie_iPWWGidsEGU9PMWQEaUvAnDPJjEgjBJE3NEcMSCzIDvd6JzjiGGfbySbgS33drS4Rx7Fi0EZNKmk&sai=AMfl-YQnB035wM9qKtVNw6XfROcPLmEflG2KhZvLAWBaw-HtlWiULGEwQXecN-15Di1mpp3VpKvsFtOIHnZP0_nTesjur0LsgEKv8DhRqi_xfw-rAGRt3YsQzP3HCv8&sig=Cg0ArKJSzBNO5sPaJEdsEAE&cid=CAASJORokreIJjO3kexoZxvoLxh_Jttd8XhiYnrm9LCQrotMsEP_xQ&id=lidar2&mcvt=1006&p=60,450,310,750&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663501993395&rpt=1440&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 6CD5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?wv--Ow
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:15 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 18 Sep 2022 11:53:15 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
311703
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
view
googleads4.g.doubleclick.net/pcs/ Frame 8C2D 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsssVgb09_ngq3Dhgf_SqEl6pJeKmNxuxZOykgcOZjY5UhIlVaCz_ddnh4DxG-sk5wiu2V_AdKNfC1Xy7Zu0GMc9haEzU9RmSlamy8bcvy7VKrb5dpLWD1mYfae0OrRnTz_TunJBYPVdGWdFho2gMaEtYmpWbFqZ7ekD9cU_wuGZ96sAW_Iod5eh4EX7a0xwAIUo5iebr4y3ihK0xsAzogo7ozOLW3p0GsE4toAD6W3mc4DyEbDObZXlt6il_g3DUAz1vsQUd3JdSsmBaOcXIXSqnXRQu045PP3f9BapYxtnd3PBh3CdcaiC7Cd8Yk813FfL0BrDAQFc5uNVq9uI3CcqGnESnkCIwtubccksalX6zezElRTmh7Zb-kjiPYhbHcL5fjhoXz2NnCjlzND90qaUTUAXnCZq5lya2Lm26XGUryuaZLkFGqIQxkCq8kGgQ_F2kx1x12AtMnCqmd3msTvVdFjPsQEf23JsHL1gParLI0Ymb1FU7D2NTqIEd22o0DRf8ZJLMtlyUs6xQSQIMPzls3sxdBBKezV-QbHKwIGglq37DzlpwyRMj4WEXDHu4YqypUaK_kvLxmWadGtkz87_ZzURAq2506UTjAhK9KEtMc7YLFLN2_GLrXfsvBbGp8Cf8ujJavsp-iNRk-z03RTblHK38eHUu_KAP8On-2BEdjFEqYVIM8HJ2BIFoo9J8lmSzpNsTiidyW_g8O2IX6Ej1vYtpFOTDjtKSZBxGnosKBNB-4M5bU03UuKRkBCq_fTs0eqZNiwqHeeeTklsLvqc5qoZdkiGvPKm82z9Fs_8Ae5xOE1KDHTw8wCr1C6RkL0p-2-OsF9zvoeJiI4YwRW9FDTP93n4RfpTWf0FKAlSKtY9vCVy32BJ-FfgTzqWeMWh7Ot1VbYLpxntVnMVL6lj_OX6rBJEq1imnFd5U1Znlovli6y8n8Lt3Y4k3R9veXWXMX8twLvsN5HSrHUm_2UUrCwJYlfOPJ7zJBYB7M-lHxCoEtbJKKWAphJoqSpLAqO_YbVqE9mVe1q0QqJFiWdqkYj1xC1vx0hFYOlidU7KbCp4Zgz-dcf1UnNauIaKnl7l-4G0MO3vdVUsPdYNGRe4OTIUvNRrRnR0T7G81IxWjFG404kgvs23411pWW9BM_3-GXGUCssFxsxY79PJkVyhIImv8uSVjTRlxg-T-YT213RnwMo_-mfMXiJUF4QErW7U_gcyYjDCHKIFt-Hdi1wR47HTPaIF6ceM8psP&sai=AMfl-YSfhOz3ljUjiptYdebHae4OlTQFX6PAC2BJ1fmlvdoGgF7FIJv-ubpnVaWphBlJ-sJ5sZCM__6DsBNkX-x8R-RxvUY_57gwqcJizQwJNQTK28xqJwIS46XZeYHrIaPq2kqPmzr93K7Zs8hw2lnQcY6lfPHm7XrUXlvSiRHvMRmGlNNy_F3OMv_WkDkaTvtVXahcDUSD4OGdMhI6N-pcSA&sig=Cg0ArKJSzDvnJnu7ynKuEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1627&vt=11&dtpt=1051&dett=3&cstd=574&cisv=r20220914.93432&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 11:53:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sd
us-u.openx.net/w/1.0/ Frame 1533
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3860622918212326069&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3860622918212326069&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3860622918212326069&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 18 Sep 2022 11:53:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 1533
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=a3a91de6-b11b-7128-fdd4-a7b21da86565&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=5fe5a090-8256-49b7-b0bb-98ce88478fd1&ttd_puid=a3a91de6-b11b-7128-fdd4-a7b21da86565&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5fe5a090-8256-49b7-b0bb-98ce88478fd1&ttd_puid=a3a91de6-b11b-7128-fdd4-a7b21da86565&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5fe5a090-8256-49b7-b0bb-98ce88478fd1&ttd_puid=a3a91de6-b11b-7128-fdd4-a7b21da86565&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
sync_before
tg.socdm.com/rtb/ Frame 1533 		0
0
3
cr-p3.ladsp.jp/cookiesender/ Frame 1533 		0
0
pixel
cm.g.doubleclick.net/ Frame 1533 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGZjNmNlMmMtNzg2Yy0yZjhjLWU4MzQtZmQwYmQ3NGFhYjA1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 1533
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHnQPFsNtFqhT26TCEGBV_g&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHnQPFsNtFqhT26TCEGBV_g&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Sep 2022 11:53:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHnQPFsNtFqhT26TCEGBV_g&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 7E5C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?XTwT9Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame CF77 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?HuYQaA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 5982 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?8nhbfA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cframe.js
assets.a-mo.net/js/ Frame D039 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.158.19 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
068fc24eba7d06f7991b4b97da0a20abcb585b8a9e3947b1ef55de06566b93b3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 11:53:16 GMT
via
1.1 a57d5b106eeca2cda8fd1ae27bc6a7d2.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
338
x-cache
Hit from cloudfront
content-encoding
br
last-modified
Tue, 16 Aug 2022 15:29:37 GMT
server
cloudflare
etag
W/"b5a666dd0f7ba9330dd36461c34df0c8"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
MEL50-C2
cf-ray
74c9e1567ddb5aac-MEL
x-amz-cf-id
5OP_ykNqM68QurjICzrVmnsV-K86XJtldGDYNtLiMbaZJLeurOCDnQ==
expires
Sun, 18 Sep 2022 12:53:16 GMT
async_usersync
ib.adnxs.com/ Frame 33A4 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 18 Sep 2022 11:53:16 GMT
X-Proxy-Origin
103.209.254.52; 103.209.254.52; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4a71b6c3-03a5-46ca-841e-56d8ac7e4c27
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
sync.mathtag.com/sync/ Frame E942 		0
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame E942 		0
0
/
onetag-sys.com/match/ Frame E942
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7718648876189149939
0
0
tap.php
pixel.rubiconproject.com/ Frame E942 		0
0
pixel
cm.g.doubleclick.net/ Frame E942
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg1ByEkreSjXOzVGHbfqE7R0iC3QzKlXdyA
0
0
sync
ssbsync-global.smartadserver.com/api/ Frame E942 		0
0
711916.gif
id.rlcdn.com/ Frame E942 		0
0
/
onetag-sys.com/match/ Frame E942 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame E942 		0
0
/
onetag-sys.com/match/ Frame E942
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEKvVW7t2V21kQvdY3Klx3zA&google_cver=1
0
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame E942 		0
0
/
onetag-sys.com/match/ Frame E942
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=5fe5a090-8256-49b7-b0bb-98ce88478fd1&gdpr=0&gdpr_consent=
0
0
sync
x.bidswitch.net/ Frame E942 		0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 8AB7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220914&jk=157479556674864&bg=!4uGl4aXNAAZqQh0mSkI7ACkAdvg8Wrf_jF6RSkm_ZB_H9sE_K2eDFNiXY5ZQY1_qg_2H6vfkBx3FdAIAAACQUgAAAAFoAQeZArqi4Gxc7nzXKJE5G6oDwZkm-ObMcD766GGjt5JbpJtFuI5ncrN0T3HEG9LU5wVEZlO4XVU2IZp-SAU2FWFqXRS7JJxgP9fLv8DbZ_AqfQ20yjedlMrLXe11IielmiEDyL7lX796k9tXoFd_MbDZto4MO4SyyHcqAZ_eWfg_IoYB8IZdJgGkNSm7nCMl-vmfay3khtzVckiRfRWj1ja4dborWVQHtk-aXbgwJZ3L-Of-R9T-Z4gQryNpqnTJSxVFuR7kk_tKfVa9pvHZSNVDbHdfANr-CGYL8llWJDFEL8ybtzaUEopNqKUT-vanpUhfUq5n3fvpGeG0YHCDu3LJroty45xqbqTD3q5EXyW169ElwIUsKnaHqK7rC2EwJ2Gt7bCwiuNhw4BqyYhYnHfoaWmQ_C0Z_krnjslEkTq5C6IFLu0-J_93AuTPPLGt2ivLD3l1Gpca5jUKVgGq518--PlHIJKdIc_YlQbbxteYYScNIvuAoTkNDbi8asDrO4mMTs5ajebjCtKD589zEv4FZL1DO9HvwF17jLhxsV6d5cDDP2fNMVzRlXt7N7jmq5FVYbbuSTdjAY4VCGvhtgiKKk1aAVFheWkffoQvmviwx7ywD4HjVYx1zueaSXAXwg_92B065WrmZp-2eSDp4VMEexzC5FauCC3LT1Lgf1DIqSO1xbOMSnQO8HNrtI8se_8z41MxZbi-6RQ56BIA4dGOQrBNJfSBuAchXm6LrCYZ_oqNlvICmBpwVW1_tDmwJJ5iXRMA5Bqu1jlvjBuszsmmMU9Z2AfRuHZm8FLwREyg03wbY5R_60FsARNXtatJqP0RarCHviqVNeFwwK9fEmflqWJZAHFkDYFxID_MAOFUR3U8XwY5pvairkkj9LugRbI0ByjbZfcYDqZFVC9_wsH25QQOjaMOyNSJaklXqg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/dian-zhi-dian-piao-2he-1cao-an-you-4da-xiao-yi-kai-fang-wai-ji-yi-gong-xiao-e-hui-dui-ye-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame C75D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
34ce94476f349b516dd451f87b36e7a7eebb922177343f7cd486acd6ad6714eb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Sep 2022 11:53:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:43 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62984
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9420
Expires
Mon, 19 Sep 2022 05:23:00 GMT
usync
id.a-mx.com/ Frame D039 		0
0
sync
x.bidswitch.net/ Frame D039 		0
0
occ
ups.analytics.yahoo.com/ups/58570/ Frame D039 		0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame D039 		0
0
cookie
cm.adform.net/ Frame D039 		0
0
sync
ssbsync-global.smartadserver.com/api/ Frame D039 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame D039 		0
0
usermatchredir
ssum.casalemedia.com/ Frame D039 		0
0
pixel
ap.lijit.com/ Frame D039 		0
0
getuid
ib.adnxs.com/ Frame D039 		0
0
setuid
ib.adnxs.com/prebid/ Frame D039 		0
0
ADMX
c.deployads.com/cs/ Frame D039 		0
0
setuid
ow.pubmatic.com/ Frame D039 		0
0
setuid
prebid-server.rubiconproject.com/ Frame D039 		0
0
generic
match.adsrvr.org/track/cmf/ Frame F11C 		0
0
ebda
eb2.3lift.com/ Frame F11C 		0
0
pixel
cm.g.doubleclick.net/ Frame F11C 		0
0
demand
eb2.3lift.com/sync/google/ Frame F11C 		0
0
setuid
px.ads.linkedin.com/ Frame F11C 		0
0
sync
x.bidswitch.net/ Frame F11C 		0
0
1097791720270791008201
pr-bh.ybp.yahoo.com/sync/triplelift/ Frame F11C 		0
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame F11C 		0
0
c.gif
c.bing.com/ Frame F11C 		0
0
triplelift
b1sync.zemanta.com/usersync/ Frame F11C 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s0.2mdn.net
URL
https://s0.2mdn.net/5449675/1662958221883/null
Domain
public.servenobid.com
URL
https://public.servenobid.com/sync.html
Domain
js-sec.indexww.com
URL
https://js-sec.indexww.com/um/ixmatch.html
Domain
tg.socdm.com
URL
https://tg.socdm.com/rtb/sync_before?proto=openx
Domain
cr-p3.ladsp.jp
URL
https://cr-p3.ladsp.jp/cookiesender/3
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Domain
pixel-eu.rubiconproject.com
URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7718648876189149939
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=oxDEINDl_WgNUPRbCYTMFavLfb1TC64igF-feWXONbQ
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg1ByEkreSjXOzVGHbfqE7R0iC3QzKlXdyA
Domain
ssbsync-global.smartadserver.com
URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Domain
id.rlcdn.com
URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEKvVW7t2V21kQvdY3Klx3zA&google_cver=1
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=29&uid=5fe5a090-8256-49b7-b0bb-98ce88478fd1&gdpr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Domain
id.a-mx.com
URL
https://id.a-mx.com/usync?uid=c0a91e2b-f9c1-493b-83be-caedabbc8d01&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=adaptmx&user_id=c0a91e2b-f9c1-493b-83be-caedabbc8d01&gdpr=0&gdpr_consent=&us_privacy=
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=c0a91e2b-f9c1-493b-83be-caedabbc8d01
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc0a91e2b-f9c1-493b-83be-caedabbc8d01%26bidder%3Dadform%26uid%3D%24UID
Domain
ssbsync-global.smartadserver.com
URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc0a91e2b-f9c1-493b-83be-caedabbc8d01%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253Dc0a91e2b-f9c1-493b-83be-caedabbc8d01%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID
Domain
ssum.casalemedia.com
URL
https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc0a91e2b-f9c1-493b-83be-caedabbc8d01%26bidder%3Dindex_rtb%26uid%3D
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc0a91e2b-f9c1-493b-83be-caedabbc8d01%26bidder%3Dsovrn%26uid%3D%24UID
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc0a91e2b-f9c1-493b-83be-caedabbc8d01%26bidder%3Dappnexus%26uid%3D%24UID
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=c0a91e2b-f9c1-493b-83be-caedabbc8d01
Domain
c.deployads.com
URL
https://c.deployads.com/cs/ADMX?b=c0a91e2b-f9c1-493b-83be-caedabbc8d01
Domain
ow.pubmatic.com
URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=c0a91e2b-f9c1-493b-83be-caedabbc8d01
Domain
prebid-server.rubiconproject.com
URL
https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=c0a91e2b-f9c1-493b-83be-caedabbc8d01
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1097791720270791008201&dbredirect=true&gdpr=0&consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=1097791720270791008201&gdpr=0&gdpr_consent=
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/triplelift/1097791720270791008201?gdpr=0&gdpr_consent=
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1097791720270791008201
Domain
c.bing.com
URL
https://c.bing.com/c.gif?xid=1097791720270791008201&Red3=TLMS_pd
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| adRecover object| ucf object| request string| paramsString object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| setImmediate function| clearImmediate undefined| $ undefined| jQuery function| jqAlias object| google_reactive_ads_global_state string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| google_ad_modifications number| google_global_correlator object| google_prev_clients number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| ggeac object| google_tag_data object| google_js_reporting_queue object| _qevents object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo undefined| google_measure_js_timing object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| noPreviewPage object| dataLayer function| gtag object| google_tag_manager function| onYouTubeIframeAPIReady object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

53 Cookies

Domain/Path Name / Value
.aralego.com/ Name: sspid
Value: cdc96604-7645-3e3b-a5b2-32f807f7daff
www.bg3.co/ Name: __AP_SESSION__
Value: 9f03387a-4b23-43c2-bd85-c8738f6b6768
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.adpushup.com/ Name: ap_uid
Value: 771ac710-3748-11ed-a241-000d3aa1c75e
.adpushup.com/ Name: ap_usid
Value: 771ac711-3748-11ed-a241-000d3aa1c75e
.bg3.co/ Name: __gpi
Value: UID=000009cd279ff3db:T=1663501989:RT=1663501989:S=ALNI_MZBTc0Um2CrJmP9JYc28UQC_zwZpQ
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 700522bf-189c-4edf-a702-6f5a798f5698
.openx.net/ Name: i
Value: 700522bf-189c-4edf-a702-6f5a798f5698|1663501990
.rubiconproject.com/ Name: khaos
Value: L87A4UNU-11-2M0G
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMKLYYc08CW4pCKB0+A8/5OamAvubeo8uWFRzTr9rTihUi5zFwEio2Ja4HEYI5ehIrUHstlW8EOOMtzpQ7vzkXQ/
www.bg3.co/ Name: qcSxc
Value: 1663501990685
.onetag-sys.com/ Name: OTP
Value: oxDEINDl_WgNUPRbCYTMFavLfb1TC64igF-feWXONbQ
.quantserve.com/ Name: mc
Value: 632706a6-bd2b0-cf5ec-213c7
.bg3.co/ Name: __qca
Value: P0-1811075626-1663501990681
.teads.tv/ Name: tt_viewer
Value: f1a1c594-dc55-498a-a0da-fbe5806ed893
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwpo2cmQY4AUABSAEQpo2cmQYYAA..
.adnxs.com/ Name: uuid2
Value: 7718648876189149939
.prebid.a-mo.net/ Name: __amc
Value: 1_1663501990_1663501990
.a-mo.net/ Name: amuid2
Value: c0a91e2b-f9c1-493b-83be-caedabbc8d01
.prebid.a-mo.net/ Name: sd_amuid2
Value: c0a91e2b-f9c1-493b-83be-caedabbc8d01
.omnitagjs.com/ Name: ayl_visitor
Value: a18ffddc7d771de245484a57915bacb0
.doubleclick.net/ Name: IDE
Value: AHWqTUlFrdlrVxq0kOp2Arg2FHX0KJ5oQzdKeiT-6VXlTZuU2lfZx2j8mHOuNnAj56A
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1663501992.1.0.1663501992.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.725392520.1663501992
.casalemedia.com/ Name: CMID
Value: YycGqLxojSekcSNyIbgYZQAA
.casalemedia.com/ Name: CMPS
Value: 5317
.casalemedia.com/ Name: CMPRO
Value: 5317
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&00eb5ffa-cf2f-42e7-8d93-2d5a7f8a6981"
.linkedin.com/ Name: lidc
Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2398:u=1:x=1:i=1663501993:t=1663588393:v=2:sig=AQF8gDiXcWlIqpVV0HSuyvzJgG7SLpkZ"
.sharethrough.com/ Name: stx_user_id
Value: 2d3ef6d9-bd85-480e-aeed-5baf40890559
.yahoo.com/ Name: A3
Value: d=AQABBKkGJ2MCEH3dgYTImKIAQDvxOnjA-JgFEgEBAQFYKGMwYwAAAAAA_eMAAA&S=AQAAAjKX27EC_YtqYlJXzygWPXw
.bg3.co/ Name: __gads
Value: ID=7b4a7fa8791a6134:T=1663501989:S=ALNI_MZNL7OFltjqwLHvshb1iEzkQFoqeA
.ad-m.asia/ Name: uid
Value: 5vuCNIz5lH
.fout.jp/ Name: uid
Value: 3osO34Y9dC9uQSs02YNr4_mVyGE
.quantserve.com/ Name: d
Value: EC8BCQGQJ4EA
.media.net/ Name: visitor-id
Value: 3065035931534859000V10
.media.net/ Name: data-g
Value: CAESEMqthPcL_evvutNPqMl4vw8~~3
.adsrvr.org/ Name: TDID
Value: 5fe5a090-8256-49b7-b0bb-98ce88478fd1
.simpli.fi/ Name: suid
Value: 1EC78DCF93BB49888AA721027B3C8EE7
.yieldmo.com/ Name: yieldmo_id
Value: g4dd24cfb1adbd2cc18b%7C1663501994455%7C0%7C
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>1jwILj!]tbG8i_iqf!oN/@E'zz<*Z0Q5x:ImSJ]2!M+msxcskAk*VOFUW<@fZbqVjp<QG=%9sk@3@'s>T3WlM[
.media.net/ Name: data-ttd
Value: 5fe5a090-8256-49b7-b0bb-98ce88478fd1~~1
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIwKKD78zdjDsQBRgFIAIoAjILCKS02Jjj3Yw7EAU4AQ..
.go.sonobi.com/ Name: __uis
Value: c1e86ae9-3071-4ad4-a118-a3da78b9052c
fksnk.com/ Name: AWSALBCORS
Value: FMyS8wrFP90YwTZckCT1lvUc6LlyzLEXy0Fc27DLnaYJMo7KGvugOQdQ1JroyMQ0BdSMkZUHb55UXZtHkhtpF2dZiECsuxYo35rMSc56fjp1oweT8kOEloxAwRBK
.fksnk.com/ Name: f_001
Value: 23579CD2F77E21FE
.fksnk.com/ Name: g_001
Value: 1
.turn.com/ Name: uid
Value: 3860622918212326069
.casalemedia.com/ Name: CMTS
Value: 4797
.zemanta.com/ Name: zuid
Value: ZfJgsLHbB4JDbGdlhFUR

4 Console Messages

Source Level URL
Text
network error URL: https://cdn.adpushup.com/42753/L2EvZGlhbi16aGktZGlhbi1waWFvLTJoZS0xY2FvLWFuLXlvdS00ZGEteGlhby15aS1rYWktZmFuZy13YWktamkteWktZ29uZy14aWFvLWUtaHVpLWR1aS15ZS13dS5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://rtb.adxpremium.services/openrtb2/auction
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
other warning URL: https://4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://s0.2mdn.net/5449675/1662958233195/null
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

37764eb65ec5a60cdb53450f3b65878b.safeframe.googlesyndication.com
4f9577117721942ea8053171d86ff1b8.safeframe.googlesyndication.com
5fc11ef87d23e5599d55f28144193363.safeframe.googlesyndication.com
a.teads.tv
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.servenobid.com
ads.yieldmo.com
adservice.google.com
adservice.google.com.au
adx.holmesmind.com
an.yandex.ru
ap.lijit.com
aplogger.adpushup.com
assets.a-mo.net
b1sync.zemanta.com
bidder.criteo.com
c.bing.com
c.deployads.com
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.jsdelivr.net
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
cr-p3.ladsp.jp
cs.emxdgt.com
cs.media.net
csm.as.criteo.net
d-27024444544096431478.ampproject.net
delivery.adrecover.com
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fksnk.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hblg.media.net
htlb.casalemedia.com
ib.adnxs.com
id.a-mx.com
id.rlcdn.com
image8.pubmatic.com
js-sec.indexww.com
lg3.media.net
match.adsrvr.org
match.sharethrough.com
onetag-sys.com
ow.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.as.criteo.net
pixel-eu.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
pxl.qccerttest.com
qsearch-a.akamaihd.net
r.turn.com
rtb.adxpremium.services
rtb.jp2.as.criteo.com
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssum.casalemedia.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync.aralego.com
sync.fout.jp
sync.go.sonobi.com
sync.mathtag.com
sync.teads.tv
tags.mathtag.com
tg.socdm.com
tlx.3lift.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
v9999.adv.admeme.net
warp.media.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ap.lijit.com
b1sync.zemanta.com
c.bing.com
c.deployads.com
cm.adform.net
cm.g.doubleclick.net
cr-p3.ladsp.jp
eb2.3lift.com
ib.adnxs.com
id.a-mx.com
id.rlcdn.com
image8.pubmatic.com
js-sec.indexww.com
match.adsrvr.org
onetag-sys.com
ow.pubmatic.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
public.servenobid.com
px.ads.linkedin.com
s.amazon-adsystem.com
s0.2mdn.net
ssbsync-global.smartadserver.com
ssum.casalemedia.com
sync.mathtag.com
tg.socdm.com
ups.analytics.yahoo.com
x.bidswitch.net
103.229.10.247
103.229.206.241
104.16.86.20
104.18.18.126
104.18.19.126
104.19.158.19
104.211.156.162
104.254.151.120
104.26.2.91
104.26.5.103
13.107.42.14
13.227.254.119
13.33.33.118
13.33.33.91
13.76.45.37
135.125.163.79
142.250.4.132
142.251.10.156
142.251.10.157
142.251.10.97
142.251.12.100
142.251.12.104
142.251.12.132
142.251.12.154
142.251.12.94
145.40.89.200
151.101.193.108
172.217.194.132
172.217.194.149
172.217.194.155
172.253.118.155
18.176.15.61
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.148
182.161.74.19
184.51.137.72
202.131.200.84
202.232.238.37
213.180.193.90
23.108.102.145
23.36.48.24
23.52.112.21
23.59.168.81
23.73.13.34
23.75.85.227
34.107.148.139
34.142.175.23
34.98.64.218
35.71.131.137
42.99.128.160
44.230.111.82
50.116.239.135
50.31.142.95
51.79.234.100
52.194.84.66
52.2.211.96
52.210.128.24
52.221.119.8
52.223.2.229
54.156.87.203
54.169.109.4
54.251.139.99
54.251.15.99
64.120.88.131
69.16.175.10
69.173.158.65
72.247.81.112
72.34.250.75
74.125.200.149
74.125.24.155
74.125.24.157
74.125.68.157
84.17.37.44
96.17.188.24
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02bb0f8d526a625c36cb9271d79f3051d2e467c1d026ca0fd03ee012c3ea73c2
04361c2e2103848faf3fb124b8e167fdbcd5a5d6dfde2a7e9f473358c3ff3151
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
068fc24eba7d06f7991b4b97da0a20abcb585b8a9e3947b1ef55de06566b93b3
0739509500827c5a58ef7734cc1f88b808069259582e6ab66fae17cbb670c9c3
07e0ee90267d28062b4c5cf7bd7dc8bbd674f96a98c1130d9171c55df4587556
0808a6a9a35ebf7ca390964b57dd0a047fb2f8e4d105432d22117869b07335ef
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
095348d33dfcfa5ed1de252a53bff7ecda596451ce782f98ad45970c44f6ca5e
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09a778a2815952b81bc3890d7c1f088fd5eb7c19d9f8854b0d76c521a43403b6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cc355d2d5e8cfa8b8ea7ff3807274a012fbf4962b996bc19e3b8b59e8e7045e
0efbb7abbd1bc1fed259b6a136b6f4ac2d7041043d357cae353885a56d6f8d2c
0fa316a9b05961ed4d68109ff3e63a72f33c18792dca892c27bed1527a7b4add
104152f8c46d886355096a86e9f8cf65741b77ae686cae3a4b9d444a5ca7f7cc
10dac980230c7f65a861e1ac334f9606635254eabf53feb4759d0131955bd6ae
117348961be5b7d927b76ad1c822f5b0fad6e209b6aacf3bfca6d4e2e1b59788
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1673c2e2b86d16ac0dc7db467168697b45902ed53cd76b309a39f8a19001beff
1955d32dbe4d727cabd975dff9651d7beca9b7df4deb811e90e929adf6a1c5d0
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c877b4b7e75bf2c8432415bb762ed9bfc73830abf68497eff686fcc9fa44f9f
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1dde4d89a75f9700fa8ba6fbb4f4488244ea26372367e4f891b8d9f9c7fe61e9
1df583f7a7607409dded37533b97cc857c46874fc3f46552bffa3cdeab2dfa14
20ef0d0404e4822f6483958648bb42a50a00bf51775a9e4d99d56cddd12ba986
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
23cf10e6885b8282707433ff5398ea37d5e087ca0b4d4574ebb9749f23d39321
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
28dc46ca7136b4d6089128b4a537e94624c990ee5162d869cbd53b4b81faaea5
2bf920835a3187165abad20cb996dccfdcac82a641c895e3d985e913e68066e4
2e1c0bb7ca196b1387492ae02520d76e006e8912011ee954c873703dfd0897e5
2e9f641648d07fa7b1d0681c2dfd16202c42ede250d099a82f35ab994399eafc
2f259e77f75bb0df1b03b51533afd3703ea4d3e75e46648e5d38f26cdf1d7916
30be234a7ce66794d92c06f6644fe04d29734326d2632d916becb3bc9644e5b6
31027622fa367286d0775461327661597b6932085c2af50fa859abfe22fd3130
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745
34ce94476f349b516dd451f87b36e7a7eebb922177343f7cd486acd6ad6714eb
3573919f392ac2bcb14f8d9a7a54972862ce5403ffc24f3d2ccf8078b2b2bd6b
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
39ad453724c0341ec9909ee08835a034afbde60d8c733bb97509683aa8692792
3a10e5fdd6f423bb8f50e19211eae63c55bed3349d13b7de6cadfb1c4a878b57
3a5369337015440669c4fdb52dba8c41268a5269feba5f9730ccef032edffeae
3ce15cc8a0d71dee6e6bc055f8f15394a1fc3ae595e78485a3071d7ba3d6a5fe
3d3d040ee5154175d259f21ee2ef15ccd21be7e002cd70e46c7c9adfb1a4e707
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e1a7a4f074a877c80b6e229243793abd6e343e8befb03397df5a8d9a46553e2
3fcc1cc10ccb611d9f46f040779b523c9a1789a20a50cc27cb50b872d146ed82
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4176c95f5e9e419402acf053466970fd4fbeb9d94dba441fd26dd078bee3a4e7
43a51d0ed9f4bc3b64308bf739927373c15d7f93a58981519afc5f15557cd61b
45d8a1c989f3fb759ada706bcba787b1d492dfce7b9f2494c9ca704aae6133b8
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
472a7c2ac11228f3c876f2b13dcf0b57f94ac0c4161d5f68573d6fe376d1f8bd
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49be087f4acf697cae33b5fbc7b65e27eedd2609ec04e3fc59af075479bd5f5a
4a3dbb39f0de2eee97ee3cc17e0e2305aa6a997bca81846d9a087b56df85dd93
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
5052a0bb994869ce04f7f9fcfb29042ceb43c525f5503274d6777be2db4b5573
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53613565f94251410710ac2683b7a6980ef086102e3c3d4ae9e8430490ffd8dc
540b000a18ee1446ade50f214f0b84e6e2b5147e18a77dc6a55b072108bbfa23
543f41b8fb635c418fe3587fe0cab87e3085280b9fe6acaf547403926bec39fb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5d71727e905249799341f5011192dd189acb9cef7e985deb3c46d2e8977f2e43
5efc88d5c678c1def15682508678dc16cd658d3a1f870619fa950b86f2c4f3b3
5f103af862dbc349d20229dc4cffd985fed286f88b5cc2a36474c89af2d654a3
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
634ce6ebcae68cecdd5e4fe82fb7745884b9ee2dbe59a51bc08e1da360cd39c3
63c002f10d5efc70357c0bba0fdf8d9a36e56b4d0658c9c5a2298c06c2ff90cc
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
669ef49375ab4988f89952a8c17a476c7b4c9e247f65f41852a39dc74f28e508
6997292db4f5eefb91b6df8a32cc33f382a9da74890b13d55d9b0263c46f736e
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c742f19b966859000b034c1f3447167db53ea75b70f5dec15158097ffe77b23
6c7eab735d57e197e9fa95ec01ff4b6daa407d0742a5eb9a599f23b29f24e331
6cabec65aaa7483e095c1c5ab582e793d085bc044c5b05a30f12d8f29a32bd0f
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6d940c550686adac74ce7d51befa3cc2d5a2d0721c1a21d3e9114f5fa39c1c7b
6e1d3b4aa25b6f43c94dff01691f031bf5f96db6e48e78a4e68684db6f8f2388
6fd0eee7493842fde4c62599e3c791b9b30285b274c00da01fc61992b86c7cdc
70400c4b11fb52bc58088b6640cf50352f37a5845b0bdde050f58a9f8f7c30de
7042da90f5a0a08e27bd7ec34d32d4911923aa0d5a6f01fd2e025d89be9fdf4e
70b3b43bc3b6aad26d5d6e09884d430daf54b2ad9a94031848d11fb11503f32d
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730e6765f06ea8155a55255cb267c0b90dc0a5039428ce09e0c8179d63c04a9a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
748917abe22241e86d07017f8f285739c7a10d6306d15d6fa0c83f3d0622cac8
76ea5fe7667fbfd485b50d289b37325d511af459eacbf94bc61ed7ac2188a17b
7aa0008a515b8631d48873598ff309b021b5340033c5136247c9665ec5786155
7c0b90fe6a2f1f5380a33c83ccd0fc9ead3520adfe057f55f784c12b49fab4be
7ffc2e6e6f036f16d52f62307d6da74d63835fec9b02153be38458137032d975
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
8679779e3f67e29382568ab644aa2b19f0752260fca818c2ef873eaa08795d96
86807a7c95083b597b6fbdca9efa942b06a78088deaabbf1a65b91935e191e77
87ad65308e0ded65be49194040c5f3aba74890e35e63c63c1308e46e5c927da8
8955d4c8c1252120b349ddc292d72d3dd06a8e5f406de54561d60a95cbcde6ad
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ca7355a97dcbc2d8e877bf07cd353f88bf694edebfa98d1c173b09871df258a
8cf96c4dc7d3657d849b7451e7d8b3a1f35043d354c5ebaef09eb2b88d39d338
8d91ace74760051c7f4ac766aaf312087c1da2ac591f55ac9b7711c39aae9be7
8e22b99e056e8225a28ae70bcccd20808d7ce099106ad919f18c1df0a5514012
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91a8ea37de90c116390b167dfc281ce0ed7e8f324ff1fd834bb27aca9db191db
91f9d271fdb7e6e30c73c7f8588def2cc70b7bc3222291bb7f5baa5adb270255
9221d239eed473f2582fe69ff95d224cc54fb32389cd0517908cbbf87ce42ca1
923bfe4249cc964c58e87df66b351ebb93c6fc54f658fda2c259e2ffc089ddd7
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92cf38050a7628764acdeb5cf06d516685fe812598746fbf087a2d6818338c03
95d897dd9cd9fa61b18e302cb7f55eb488c3160769ed19f272473e056a80c1f3
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
972129817e5284f4e50e3466e3c685815b87b03a3ee3b29cea56c65d90913ff5
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
98f47b8f3bd986c221797db915261a911d3ace69ee79558d480a8c9a2c65d44c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bfb09346727b0acf83c70667e11ed4a2f804d266fc5d6bf3f59086d79073e84
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
9d47f96bde187b905335eeb37e4fa883e10d8d016132d624fdb97a280ebca5e0
9eb6136fec19b0e959572aebca1d7e26da6d46152770b2dcaac37dc7cac50c4c
9fdc0510c02c1219ae8cb410037d1558bb09c59891578b0e32941b7b55971479
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a198d447e8699f4cd4f65b590ed8bf2d3de7441580823006934b9be85b11023c
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a484760583bd34f81dbf838ba998f7fb975b40faacd58946e7ef0e6e49cd7313
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a9d5f885fb7fb6239cc249220ee273e416ddd243bb1acef38440f83cc3e1d66e
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6
aadb3043f0db277c623091028f7a4f24e1dd821aca8d3562bc0e976170dd5008
ab827c127c50743283dad7e2b7a3e13c08ece6108850e572c49c958ccc8bd38e
acae428518b2661de079e6abbdd5597fe5bba57703c9c32af0b706534155b9aa
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b07f0c3f5dea27e463cd289af341dcd87fa70362ee151111c69f316f837ec19b
b0c35de7e97c6845d33df6e448e10fc57a12dc9029159a609111c6032cc1889d
b129f1dd7105a42cd2ea92b547c43037b78bdebadbe88702d2bdbba84945a8c8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b41755e3a7cc48432803148379751a2c48f232364eec6098d6fb8f3cdfbaaa70
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
b7ec7501fbd6db9b52b3ca4354b36be451f540c004742ffb504870a20bf824af
b9ee8da3c92ebe0984c6511146aaba266323f749fb3130d5473e14b745a22be0
beacf628aabb5948224efcee08de17f3451beae946d859e1f5a0a012755f350e
beb04705b4768996852ded7b4cef6e5fcd8bd57b76f289519c95a007d8ab7693
bfbb490f2c6a3cef278a65c36654bd765e2e03b896694ce64ec5c884753665de
bffbe10af19b2848ac863f352c3d68cc4192adc88e11382417132df6431c9d01
c42a59541a772b289eff3c064c5384333fb90630ae57a331d72b1f9d410f55da
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c86f041243bcea80e0315fc89fa78a1b81dbc3aec419b11af7302ea2eb3100c9
c9d2e42168ee2018278a694a4a54cddb3764d88b70cd893c9d6054382c212d11
cb83133ef54f55286a20892f5773c87ce09a499ecb954f0c2e2bbf2001940c5f
cd68ab2c2400c62b9c390599c3c5c3df6e417caf6891161d3ca96418a51fee2f
ce3e92d9ecc2694b3f0bba02a72f45b2a1ca2cc2b65d947c8faa9fa6be5ffbfd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2de4f717e2668e7dbbb5c06a32cea6a3400e57ef9699eb26b4fafe7d01fa115
dc6d22155685cb2460b2df388a97210a0bb29619cfe98630a2f23fcf6cc36b52
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0b749d12ca70250f97cc4aac7ac1b7f03445e60787ae9ace0d60d2d513cc4af
e2abfceccbe4dbb32e381cc2c03ae836956d4502de207f58d70062407b8503c1
e325e7ac2e5f7158a7ed69054a0a07a499f2af228d98fca31b039b875ae11e85
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e46313d662d9c1bf5b46fe88c69968cf97713e071247e3e3d8bcf4758e646179
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f035ceb2322f2e77ac9957293e398bb0cbaee03d93c86d52f1961c5be1c2db34
f1820a36574c0af92d6bc34bc72cc41f0e5f40abb8615506e03a0c3660cd78b3
f1dc8ab5d7d4ae2aab41d9e45458521a79bf9f7874068e3425c9dcac96488117
f247ff1a627759ccf64ef0a9accf46d41fe6ee5a9746088c33183a9d5c862a57
f358da8b27fda3cf2b3c07cf8aacc654f45c44db3291d67916e01299150adc1f
f50c6d2e2bc19ec73abb209755b1c0f443cf23e8050396c3281faf04dbc0ba0b
f8f5b1762fdc66b59cf1ec1bf095e7ca86b9518d4a61cf98e8863411a5d42e33
faf2d466f30a48422a08ea7190085dbc2e7a69ba7de73453622f8cf8b25307a4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e