urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-z...
Submission: On August 20 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 76 IPs in 10 countries across 97 domains to perform 456 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 590013.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
10 172.217.194.132 15169 (GOOGLE)
1 3 209.58.171.197 59253 (LEASEWEB-...)
4 104.26.4.103 13335 (CLOUDFLAR...)
2 42.99.140.201 4637 (ASN-TELST...)
5 42.99.140.161 4637 (ASN-TELST...)
2 69.16.175.10 20446 (STACKPATH...)
3 209.58.188.181 133752 (LEASEWEB-...)
12 104.26.3.91 13335 (CLOUDFLAR...)
44 74.125.24.156 15169 (GOOGLE)
15 64 172.217.194.156 15169 (GOOGLE)
2 74.125.200.97 15169 (GOOGLE)
2 74.125.68.100 15169 (GOOGLE)
8 74.125.24.155 15169 (GOOGLE)
1 74.125.200.94 15169 (GOOGLE)
3 172.253.118.156 15169 (GOOGLE)
2 19 142.251.10.154 15169 (GOOGLE)
2 13.33.33.27 16509 (AMAZON-02)
6 13.76.45.37 8075 (MICROSOFT...)
3 182.161.73.136 55569 (CRITEO-AS...)
1 104.16.88.20 13335 (CLOUDFLAR...)
1 148.251.121.152 24940 (HETZNER-AS)
2 104.18.19.126 13335 (CLOUDFLAR...)
1 104.83.197.63 16625 (AKAMAI-AS)
1 182.161.73.145 55569 (CRITEO-AS...)
3 54.95.0.189 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
2 12 34.98.64.218 15169 (GOOGLE)
1 34.107.148.139 15169 (GOOGLE)
2 5 104.254.151.69 29990 (ASN-APPNEX)
1 4 145.40.89.200 54825 (PACKET)
1 52.51.102.69 16509 (AMAZON-02)
1 13.228.221.159 16509 (AMAZON-02)
1 5 51.79.234.100 16276 (OVH)
1 3 103.229.10.171 16509 (AMAZON-02)
1 13.227.254.2 16509 (AMAZON-02)
2 104.211.156.162 8075 (MICROSOFT...)
6 74.125.68.132 15169 (GOOGLE)
12 184.25.248.23 16625 (AKAMAI-AS)
2 42.99.128.160 4637 (ASN-TELST...)
13 104.83.196.24 16625 (AKAMAI-AS)
1 32 142.251.12.132 15169 (GOOGLE)
5 142.251.12.154 15169 (GOOGLE)
9 142.251.12.103 15169 (GOOGLE)
2 182.161.73.129 55569 (CRITEO-AS...)
1 142.251.10.95 15169 (GOOGLE)
1 74.125.24.94 15169 (GOOGLE)
1 142.251.10.138 15169 (GOOGLE)
3 142.251.10.113 15169 (GOOGLE)
1 74.125.24.113 15169 (GOOGLE)
4 11 104.18.18.126 13335 (CLOUDFLAR...)
1 2 23.36.49.63 16625 (AKAMAI-AS)
21 142.251.10.148 15169 (GOOGLE)
1 142.251.12.94 15169 (GOOGLE)
2 5 104.18.35.11 13335 (CLOUDFLAR...)
1 1 139.162.23.100 63949 (LINODE-AP...)
1 162.19.80.92 16276 (OVH)
2 2 54.243.184.83 14618 (AMAZON-AES)
2 2 13.251.107.224 16509 (AMAZON-02)
2 35.213.109.249 15169 (GOOGLE)
3 3 13.228.176.16 16509 (AMAZON-02)
2 2 35.186.193.173 15169 (GOOGLE)
2 2 202.232.238.37 2497 (IIJ Inter...)
1 1 34.234.80.8 14618 (AMAZON-AES)
2 3 93.158.134.90 13238 (YANDEX)
1 1 103.229.206.240 30419 (MEDIAMATH...)
2 2 70.42.32.127 22075 (AS-OUTBRAIN)
4 9 35.71.178.8 16509 (AMAZON-02)
2 2 89.207.22.140 41041 (VCLK-EU-SE)
1 1 104.45.178.220 8075 (MICROSOFT...)
6 6 74.118.186.45 26120 (RHYTHMONE)
1 1 54.64.11.100 16509 (AMAZON-02)
1 1 52.68.209.218 16509 (AMAZON-02)
2 103.229.205.242 30419 (MEDIAMATH...)
6 23.36.48.24 16625 (AKAMAI-AS)
10 11 52.223.40.198 16509 (AMAZON-02)
2 3 103.231.98.196 62713 (AS-PUBMATIC)
2 4 69.173.158.64 26667 (RUBICONPR...)
1 1 13.227.254.65 16509 (AMAZON-02)
1 1 150.95.47.242 7506 (INTERQ GM...)
1 1 18.136.32.109 16509 (AMAZON-02)
1 23.44.1.2 16625 (AKAMAI-AS)
1 52.84.45.129 ()
1 5 23.15.148.136 16625 (AKAMAI-AS)
1 104.65.228.195 ()
2 2 52.74.162.2 16509 (AMAZON-02)
1 37.157.2.236 ()
2 2 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.101.194 ()
1 204.79.197.200 8068 (MICROSOFT...)
1 3 52.77.148.4 16509 (AMAZON-02)
1 1 50.116.239.135 ()
1 1 202.241.208.56 4694 (IDCF IDC ...)
3 23.44.0.196 ()
1 1 182.161.73.146 ()
1 52.203.75.132 ()
1 104.18.12.76 ()
456 76
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
10    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
cdn.ampproject.org
3    209.58.171.197 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.4.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.201 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-201.pacnet.net
delivery.adrecover.com
5    42.99.140.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-161.pacnet.net
cdn.adpushup.com
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
3    209.58.188.181 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
12    104.26.3.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
44    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
pagead2.googlesyndication.com
64    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
cm.g.doubleclick.net
2    74.125.200.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f97.1e100.net
www.googletagmanager.com
2    74.125.68.100 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f100.1e100.net
www.google-analytics.com
8    74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
adservice.google.com
1    74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net
d-33308842932164443182.ampproject.net
3    172.253.118.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f156.1e100.net
adservice.google.com.au
19    142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net
googleads.g.doubleclick.net
adservice.google.com.au
googleads4.g.doubleclick.net
2    13.33.33.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-27.sin2.r.cloudfront.net
adx.holmesmind.com
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    148.251.121.152 (Braunlage, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: egon
rtb.adxpremium.services
2    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    104.83.197.63 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-197-63.deploy.static.akamaitechnologies.com
a.teads.tv
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
3    54.95.0.189 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-0-189.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
12    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
u.openx.net
jp-u.openx.net
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
5    104.254.151.69 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
4    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    52.51.102.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-102-69.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    13.228.221.159 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-221-159.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
5    51.79.234.100 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip100.ip-51-79-234.net
onetag-sys.com
3    103.229.10.171 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    13.227.254.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-2.sin52.r.cloudfront.net
rules.quantcount.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
6    74.125.68.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f132.1e100.net
4f5d742c27d9c5efaa359a54b334c188.safeframe.googlesyndication.com
7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
af572ee63eab6a874a02e62220a834c1.safeframe.googlesyndication.com
12    184.25.248.23 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-248-23.deploy.static.akamaitechnologies.com
hblg.media.net
warp.media.net
lg3.media.net
2    42.99.128.160 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-128-160.pacnet.net
qsearch-a.akamaihd.net
13    104.83.196.24 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-24.deploy.static.akamaitechnologies.com
contextual.media.net
32    142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net
tpc.googlesyndication.com
5    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
www.googletagservices.com
9    142.251.12.103 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f103.1e100.net
www.google.com
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    142.251.10.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f95.1e100.net
fonts.googleapis.com
1    74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net
www.gstatic.com
1    142.251.10.138 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f138.1e100.net
encrypted-tbn0.gstatic.com
3    142.251.10.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f113.1e100.net
encrypted-tbn1.gstatic.com
1    74.125.24.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f113.1e100.net
encrypted-tbn2.gstatic.com
11    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
2    23.36.49.63 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-49-63.deploy.static.akamaitechnologies.com
sync.teads.tv
21    142.251.10.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f148.1e100.net
s0.2mdn.net
1    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
fonts.gstatic.com
5    104.18.35.11 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    139.162.23.100 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li865-100.members.linode.com
a.c.appier.net
1    162.19.80.92 (France)

ASN16276 (OVH, FR)
PTR: ns3011863.ip-162-19-80.eu
c.eu1.dyntrk.com
2    54.243.184.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-184-83.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    13.251.107.224 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-107-224.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
2    35.213.109.249 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 249.109.213.35.bc.googleusercontent.com
y.one.impact-ad.jp
3    13.228.176.16 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-176-16.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    202.232.238.37 (Tokyo, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
1    34.234.80.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-80-8.compute-1.amazonaws.com
fksnk.com
3    93.158.134.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
1    103.229.206.240 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
9    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
2    89.207.22.140 (Singapore, Singapore)

ASN41041 (VCLK-EU-SE, US)
PTR: sin03-login-ds.dotomi.com
dclk-match.dotomi.com
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
6    74.118.186.45 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    54.64.11.100 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-11-100.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
1    52.68.209.218 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-209-218.ap-northeast-1.compute.amazonaws.com
google.dap.fw-ad.jp
2    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
6    23.36.48.24 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-48-24.deploy.static.akamaitechnologies.com
cs.media.net
11    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    13.227.254.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-65.sin52.r.cloudfront.net
s.ad.smaato.net
1    150.95.47.242 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-47-242.a00c.g.jpt1.static.cnode.io
sync.dsp.reemo-ad.jp
1    18.136.32.109 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-32-109.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
1    23.44.1.2 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-1-2.deploy.static.akamaitechnologies.com
js-sec.indexww.com
1    52.84.45.129 (None, )

ASN- ()
public.servenobid.com
5    23.15.148.136 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-15-148-136.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
1    104.65.228.195 (None, )

ASN- ()
acdn.adnxs.com
2    52.74.162.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    37.157.2.236 (None, )

ASN- ()
cm.adform.net
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.101.194 (None, )

ASN- ()
p.adsymptotic.com
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
3    52.77.148.4 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-148-4.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    50.116.239.135 (None, )

ASN- ()
ad.turn.com
1    202.241.208.56 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
3    23.44.0.196 (None, )

ASN- ()
ads.pubmatic.com
1    182.161.73.146 (None, )

ASN- ()
dis.criteo.com
1    52.203.75.132 (None, )

ASN- ()
cs.emxdgt.com
1    104.18.12.76 (None, )

ASN- ()
cdn.indexww.com
Apex Domain
Subdomains		 Transfer
82 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
4f5d742c27d9c5efaa359a54b334c188.safeframe.googlesyndication.com
7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
af572ee63eab6a874a02e62220a834c1.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
1 MB
77 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
cm.g.doubleclick.net — Cisco Umbrella Rank: 214
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 303
630 KB
32 media.net
prebid.media.net — Cisco Umbrella Rank: 1269
hblg.media.net — Cisco Umbrella Rank: 1470
contextual.media.net — Cisco Umbrella Rank: 537
warp.media.net — Cisco Umbrella Rank: 2128
lg3.media.net — Cisco Umbrella Rank: 3677
cs.media.net — Cisco Umbrella Rank: 1357
341 KB
21 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 280
430 KB
17 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
5 KB
13 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1064
fastlane.rubiconproject.com — Cisco Umbrella Rank: 519
pixel.rubiconproject.com — Cisco Umbrella Rank: 327
eus.rubiconproject.com — Cisco Umbrella Rank: 582
secure-assets.rubiconproject.com
token.rubiconproject.com Failed
26 KB
13 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 539
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456
12 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 13362
e3.adpushup.com — Cisco Umbrella Rank: 17352
aplogger.adpushup.com — Cisco Umbrella Rank: 15364
230 KB
13 bg3.co
www.bg3.co — Cisco Umbrella Rank: 590013
static.bg3.co
103 KB
12 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13451
us-u.openx.net — Cisco Umbrella Rank: 399
u.openx.net — Cisco Umbrella Rank: 705
jp-u.openx.net
3 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 371
5 KB
10 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 617
eb2.3lift.com — Cisco Umbrella Rank: 418
4 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 361
217 KB
7 gstatic.com
www.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
fonts.gstatic.com
162 KB
7 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 91302
2 KB
6 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 634
ads.pubmatic.com
simage2.pubmatic.com Failed
image4.pubmatic.com Failed
image2.pubmatic.com Failed
25 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 230
acdn.adnxs.com
secure.adnxs.com Failed
33 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 28872
sync.aralego.com — Cisco Umbrella Rank: 2851
4 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 278
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 488
3 KB
5 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 816
s.tribalfusion.com — Cisco Umbrella Rank: 2148
3 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194
216 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
3 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 407
bidder.criteo.com — Cisco Umbrella Rank: 759
dis.criteo.com
2 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 570
3 KB
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1232
1 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 8473
45 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 476
tags.mathtag.com — Cisco Umbrella Rank: 3512
1 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 2470
1011 B
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 783
3 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 976
pixel.quantserve.com — Cisco Umbrella Rank: 458
10 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1278
sync.teads.tv — Cisco Umbrella Rank: 1030
766 B
2 adsymptotic.com
p.adsymptotic.com
552 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 370
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 594
cdn.indexww.com
2 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1049
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2749
956 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 572
1 KB
2 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 59409
1 KB
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 21847
1 KB
2 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 2858
436 B
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 681
977 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 754
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 655
57 KB
2 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1614
2 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1767
public.servenobid.com
4 KB
2 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 369022
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 882
1011 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
493 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
72 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 615
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 12529
10 KB
1 emxdgt.com
cs.emxdgt.com
67 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1000
862 B
1 turn.com
ad.turn.com
441 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 204
668 B
1 adform.net
cm.adform.net
c1.adform.net Failed
106 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 544
391 B
1 reemo-ad.jp
sync.dsp.reemo-ad.jp — Cisco Umbrella Rank: 144971
392 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 740
711 B
1 fw-ad.jp
google.dap.fw-ad.jp — Cisco Umbrella Rank: 157345
560 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 3586
452 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2202 Failed
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3963
497 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4753
610 B
1 dyntrk.com
c.eu1.dyntrk.com — Cisco Umbrella Rank: 5005
215 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 15648
gocm.c.appier.net Failed
599 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
1 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 933
635 B
1 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 7555
396 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 422
2 KB
1 ampproject.net
d-33308842932164443182.ampproject.net
0 adroll.com Failed
d.adroll.com Failed
0 digitaleast.mobi Failed
euexchangesync.digitaleast.mobi Failed
0 brand-display.com Failed
dmp.brand-display.com Failed
0 disqus.com Failed
ssp.disqus.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 lijit.com Failed
ce.lijit.com Failed
ap.lijit.com Failed
0 yieldlift.com Failed
x.yieldlift.com Failed
0 smartadserver.com Failed
ssbsync.smartadserver.com Failed
0 gumgum.com Failed
rtb.gumgum.com Failed
g2.gumgum.com Failed
0 simpli.fi Failed
um.simpli.fi Failed
0 rlcdn.com Failed
idsync.rlcdn.com Failed
0 taboola.com Failed
match.taboola.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 iprom.net Failed
core.iprom.net Failed
0 loopme.me Failed
csync.loopme.me Failed
0 adgrx.com Failed
cm.adgrx.com Failed
0 cinarra.com Failed
dps.jp.cinarra.com Failed
0 ad-m.asia Failed
sync-dsp.ad-m.asia Failed
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 cognitivlabs.com Failed
beacon.lynx.cognitivlabs.com Failed
0 company-target.com Failed
s.company-target.com Failed
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
0 bidswitch.net Failed
x.bidswitch.net Failed
0 amazon-adsystem.com Failed
s.amazon-adsystem.com Failed
aax-eu.amazon-adsystem.com Failed
0 admixer.net Failed
inv-nets.admixer.net Failed
0 omnitagjs.com Failed
hb-api.omnitagjs.com Failed
456 97
Domain Requested by
51 cm.g.doubleclick.net 15 redirects googleads.g.doubleclick.net
7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
www.bg3.co
eb2.3lift.com
u.openx.net
44 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
adx.holmesmind.com
securepubads.g.doubleclick.net
7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
www.googletagservices.com
32 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
securepubads.g.doubleclick.net
7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
21 s0.2mdn.net www.bg3.co
googleads.g.doubleclick.net
s0.2mdn.net
13 contextual.media.net googleads.g.doubleclick.net
contextual.media.net
cdn.adpushup.com
ads.pubmatic.com
12 static.bg3.co www.bg3.co
11 match.adsrvr.org 10 redirects cdn.adpushup.com
11 googleads.g.doubleclick.net 2 redirects cdn.ampproject.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.bg3.co
7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
11 securepubads.g.doubleclick.net cdn.aralego.net
cdn.adpushup.com
securepubads.g.doubleclick.net
www.bg3.co
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 eb2.3lift.com 4 redirects cdn.adpushup.com
eb2.3lift.com
9 www.google.com googleads.g.doubleclick.net
7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
tpc.googlesyndication.com
8 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
7 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
7 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 cs.media.net contextual.media.net
6 us-u.openx.net 2 redirects googleads.g.doubleclick.net
u.openx.net
6 e3.adpushup.com www.bg3.co
5 lg3.media.net googleads.g.doubleclick.net
www.bg3.co
5 www.googletagservices.com googleads.g.doubleclick.net
7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
5 hblg.media.net googleads.g.doubleclick.net
www.bg3.co
5 onetag-sys.com 1 redirects cdn.adpushup.com
www.bg3.co
public.servenobid.com
5 ib.adnxs.com 2 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
public.servenobid.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 eus.rubiconproject.com cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
public.servenobid.com
4 pixel.rubiconproject.com 2 redirects www.bg3.co
eus.rubiconproject.com
4 googleads4.g.doubleclick.net www.bg3.co
4 sync.1rx.io 4 redirects
4 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
public.servenobid.com
4 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 prebid.a-mo.net 1 redirects cdn.adpushup.com
www.bg3.co
4 adpushup-d.openx.net cdn.adpushup.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 ads.pubmatic.com contextual.media.net
ads.pubmatic.com
public.servenobid.com
3 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
3 image6.pubmatic.com 2 redirects ads.pubmatic.com
3 an.yandex.ru 2 redirects www.bg3.co
3 pm.w55c.net 3 redirects
3 a.tribalfusion.com 2 redirects ads.pubmatic.com
3 encrypted-tbn1.gstatic.com 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 px.ads.linkedin.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 tags.mathtag.com 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
www.bg3.co
2 sync.targeting.unrulymedia.com 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 b1sync.zemanta.com 2 redirects eb2.3lift.com
contextual.media.net
2 sync.fout.jp 2 redirects
2 ipac.ctnsnet.com 2 redirects
2 y.one.impact-ad.jp 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
2 ads.yieldmo.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 s.tribalfusion.com 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 warp.media.net googleads.g.doubleclick.net
2 qsearch-a.akamaihd.net googleads.g.doubleclick.net
www.bg3.co
2 pixel.quantserve.com 1 redirects www.bg3.co
2 aplogger.adpushup.com cdn.adpushup.com
2 htlb.casalemedia.com cdn.adpushup.com
2 adx.holmesmind.com pagead2.googlesyndication.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.google-analytics.com www.bg3.co
www.googletagmanager.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 cdn.indexww.com ssum-sec.casalemedia.com
1 cs.emxdgt.com contextual.media.net
1 dis.criteo.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 jp-u.openx.net u.openx.net
1 tg.socdm.com 1 redirects
1 ad.turn.com 1 redirects ssum-sec.casalemedia.com
1 c.bing.com eb2.3lift.com
1 cm.adform.net www.bg3.co
1 acdn.adnxs.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 match.sharethrough.com 1 redirects
1 sync.dsp.reemo-ad.jp 1 redirects
1 s.ad.smaato.net 1 redirects
1 google.dap.fw-ad.jp 1 redirects
1 cc.adingo.jp 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 sync.mathtag.com 1 redirects ssum-sec.casalemedia.com
1 fksnk.com 1 redirects
1 c.eu1.dyntrk.com 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
1 a.c.appier.net 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 encrypted-tbn2.gstatic.com 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
1 encrypted-tbn0.gstatic.com 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
1 www.gstatic.com 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
1 fonts.googleapis.com 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
1 af572ee63eab6a874a02e62220a834c1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 4f5d742c27d9c5efaa359a54b334c188.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
1 prebid.media.net cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 rtb.adxpremium.services cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 d-33308842932164443182.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 d.adroll.com Failed ssum-sec.casalemedia.com
0 euexchangesync.digitaleast.mobi Failed ssum-sec.casalemedia.com
0 dmp.brand-display.com Failed ssum-sec.casalemedia.com
0 ssp.disqus.com Failed public.servenobid.com
0 sync.go.sonobi.com Failed public.servenobid.com
0 ap.lijit.com Failed public.servenobid.com
0 ce.lijit.com Failed public.servenobid.com
0 x.yieldlift.com Failed public.servenobid.com
0 ssbsync.smartadserver.com Failed public.servenobid.com
0 g2.gumgum.com Failed public.servenobid.com
0 rtb.gumgum.com Failed ads.pubmatic.com
0 secure.adnxs.com Failed ads.pubmatic.com
ssum-sec.casalemedia.com
0 um.simpli.fi Failed ads.pubmatic.com
0 image2.pubmatic.com Failed ads.pubmatic.com
0 image4.pubmatic.com Failed ads.pubmatic.com
0 idsync.rlcdn.com Failed ads.pubmatic.com
0 match.taboola.com Failed ads.pubmatic.com
0 match.deepintent.com Failed ads.pubmatic.com
0 core.iprom.net Failed ads.pubmatic.com
0 csync.loopme.me Failed ads.pubmatic.com
0 gocm.c.appier.net Failed ads.pubmatic.com
0 cm.adgrx.com Failed ads.pubmatic.com
0 dps.jp.cinarra.com Failed ads.pubmatic.com
0 sync-dsp.ad-m.asia Failed ads.pubmatic.com
0 sync-tm.everesttech.net Failed ads.pubmatic.com
ssum-sec.casalemedia.com
0 simage2.pubmatic.com Failed ads.pubmatic.com
0 c1.adform.net Failed ads.pubmatic.com
0 p.rfihub.com Failed ssum-sec.casalemedia.com
public.servenobid.com
0 beacon.lynx.cognitivlabs.com Failed ssum-sec.casalemedia.com
0 s.company-target.com Failed ssum-sec.casalemedia.com
0 token.rubiconproject.com Failed www.bg3.co
0 aax-eu.amazon-adsystem.com Failed www.bg3.co
0 rtb.mfadsrvr.com Failed contextual.media.net
0 x.bidswitch.net Failed contextual.media.net
ads.pubmatic.com
public.servenobid.com
0 s.amazon-adsystem.com Failed eb2.3lift.com
www.bg3.co
ssum-sec.casalemedia.com
0 inv-nets.admixer.net Failed eb2.3lift.com
0 sync.inmobi.com Failed www.bg3.co
0 hb-api.omnitagjs.com Failed cdn.adpushup.com
456 150

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
cdn.adpushup.com
R3		 2022-06-29 -
2022-09-27		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-18 -
2023-05-18		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.adpushup.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-27 -
2022-08-29		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2021-08-05 -
2022-09-05		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.a-mo.net
R3		 2022-06-18 -
2022-09-16		 3 months crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
c.eu1.dyntrk.com
R3		 2022-08-09 -
2022-11-07		 3 months crt.sh
y.one.impact-ad.jp
Sectigo RSA Domain Validation Secure Server CA		 2022-03-04 -
2023-03-25		 a year crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-06-10 -
2022-12-10		 6 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh

This page contains 81 frames:

Primary Page: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Frame ID: 68345DF650A51B801B02D6498AAFEBE5
Requests: 93 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 5F53F99647FB29D53D55E4B7C52A24CD
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 0F1E90A357204B7F4F1C385220C52F36
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 55818691CA394F0D6F23BDFCC16B1F65
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: C001D3A46ED1CCA08ECEEC95B08ED197
Requests: 9 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: 2ECACEB35DC3FA26E4F2D7E8D756B833
Requests: 7 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: A071DB3BE05E2960996501B082DBE644
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-927893838678301557&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2685&oid=2&is_amp=5&amp_v=2208051912001&d_imp=1&c=79006480&ga_cid=amp-Epwck7Yuhe_TSNkd9S-lMQ&ga_hid=6480&dt=1660974257326&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html&bdt=4158&dtd=560&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: F73AD14777B78060B30D8DAFF3988982
Requests: 1 HTTP requests in this frame

Frame: https://4f5d742c27d9c5efaa359a54b334c188.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 2FF108582CEC13B46D65882A88BED8A6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259130&bpp=12&bdt=237&idt=390&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=5260778923606&frm=8&ife=1&pv=2&ga_vid=1795047843.1660974260&ga_sid=1660974260&ga_hid=266314318&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068487%2C31069049%2C44771163%2C31068921&oid=2&pvsid=4206563028032491&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jn96nl9nmlba&fsb=1&dtd=404
Frame ID: 4304BA19E6B7130A4ADC2C61158369AD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Frame ID: 1439843C6F51F666EA45831237CC6470
Requests: 16 HTTP requests in this frame

Frame: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0C15BE9B094ED3302266348C05AEB134
Requests: 1 HTTP requests in this frame

Frame: https://af572ee63eab6a874a02e62220a834c1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: EC3CAA52C4D88B2BB90159156A89FCE3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cabxzs3QAY4nLOdCIz7sPkaK1yAas1_3wZLT2qJPiC8CNtwEQASAAYKX4kYCQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAGV9ZvfA8gBCagDAaoErgFP0MZO5GEpLTO2Pu1rby6FVVMFg2tKeo65hvm4i4-j26MXu7pyxXVPEm8usfo8qqTsyIh1thkM6h9FcXoBofDriRTPVip06Pd2SGcYrhn_VK9vsecS6uemkY8GZwuqhGmttBz2Q_uvSiQIHkMjuwMOJc5sB4fipA7cBkq9Bb8JbrmWVy9Ps_T5xvOvVrey38iLr3JZUd8lvBw4KXvolS2pM9O0xx97ZCZ7T84EWFWABsPF35vKrc2Y6QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=4BNeMPaHIxA&uach_m=[UACH]&cid=CAQSKQCsnQUxifiR4EnBzosjgnA9NBuqyYBPEsJbix0E9kzPGxJei89SHwE-GAE
Frame ID: E11A68137651BFCBCF8EBE57713D63FF
Requests: 13 HTTP requests in this frame

Frame: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D5904DAFE81092E1EF3C90246B1D5089
Requests: 15 HTTP requests in this frame

Frame: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C48E7361FA35E96CC8C7EAA1A917EBD8
Requests: 15 HTTP requests in this frame

Frame: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1C256DA33B5D94A19187C2F9E0E1BAF3
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNVvrvfuwO_EM8Yd8BUjVkgjL5OWPSkjskfsCsUchQsQlwl0RZLvHlTcplub4voXPDXsM48BEDVUXc9JTGfA1CiRcQgVQA
Frame ID: 2F7CDE0693B093CA37D02D4D9A32DB39
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNVcRiI6_kkGCDZvMJxlyKyCNSe9kBX_lHz_ifc8QTYHPu59lShW8sSLan5aAurMK5_6A-AbVdrICB5FigOOmlBDQ7N6Iw
Frame ID: 6752017EEBD0CD0C0EE582403079B99F
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 23203A72C807105CE12056D9ABA13521
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CE50D588415E53E30D3064941105401D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A2B15C10142BD2A141EC3D0B81845E48
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 79AC7B69992AEEA6DEE0FFAD4D692434
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B77F252DFB4C0F4486F51974190403CE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7C67B0C9FD143F457FF7C52FB1EDA5F9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3326211E805678589371705D0EA33385
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 6ED8C2E4FC82495E371922A1B7E30B96
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CDE5E6EEF6487A53FF10C300D0D07F88
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 88BAF05CFBF5EE5B585898037C71575E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9A0A38394F9B91AEF422457BC9BEC334
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F6256F296C03C956D6BE900BB2857B5F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7654897982036809312/index.html
Frame ID: 62C92780FA45B9794892B8FAFF2B775C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A195E84B9529808DE5292830C8E2E102
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11589256862032369085/index.html
Frame ID: AA928FB07CF852185D373AB20C7A882F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Frame ID: 80A0B2EA3CE684D05E7F525BC2F742F7
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 55A76BDE5FDA03AF6088E7385E55ACD5
Requests: 4 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 028B853A456FBBC1B26F8E16793E28A4
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 99B98D9C31876169A50DDED6164F70D3
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 44B81020791BCF559AE9291413816A41
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1660974258634
Frame ID: 85B80125D66EA3D8AC22C5C4449E4EB3
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 954CA1A953101FA150339FA6E309026C
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FA831827BD116275B3C4D81479968ED9
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: D4C2C0A8B74833A9EA8E09634B5B9825
Requests: 13 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E6F6AE9543C4A9D29A0FB4F868C3E24D
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 6E381EB28402FE228570529F50A717E9
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 866E54EB78174A4F2619EF0135505110
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3039758626822540000V10&type=rkt&refUrl=&vid=09742632553039758626822540000V10&ovsid=1975461764844743079
Frame ID: 4BD98A0D6E349C3CE3168C93613C1CA9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3039758626822540000V10%26type%3Dpba%26refUrl%3D%26vid%3D09742632553039758626822540000V10%26ovsid%3DPM_UID
Frame ID: E87E0A24C0FCC07BB0446207AF26AB59
Requests: 19 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 73869107556A49CD1639BBBA15CDF98F
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=BB595AF2-025F-409B-88EA-412B41F1E70A
Frame ID: B82A614B4E0FFEF7F549CB6EBD26049E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:16216300-74b6-4a00-85ec-3230667a2662&gdpr=0&gdpr_consent=
Frame ID: 11F8A3F02C5E73802100B442640AF6E5
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YwB0uAAHvinZpwAK
Frame ID: B7A5EEE3EF0BFA698B3EDE07B89ED95E
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 29633D01E9B9FE5930D74765505D6719
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 5AF41F1095C4D7F70D2A16DCE7C3119D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wqrsyxkp27p
Frame ID: 5EC3538812499686EE15255194FA86D9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:wXe0tAWi1Ophhs5&gdpr=0&gdpr_consent=
Frame ID: 94BB9B6CFC1511FACE426F59B9D8E857
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-ebee5cac-eccc-41d9-bb61-6b0556e9f406-004&rndcb=334848583
Frame ID: 7E1A282E10D8CD99A07A3CBBD8FC7513
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=BB595AF2-025F-409B-88EA-412B41F1E70A
Frame ID: F895DC6A55EE95550EA08E0209C1F19F
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: E01071CFD5A381F269DC78D85383BFA8
Requests: 1 HTTP requests in this frame

Frame: https://gocm.c.appier.net/pubmatic
Frame ID: 03C6200FD46593B978A208E9E551D45E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=8ddb717f789a42aeada1283a35a46b94
Frame ID: F75AD4A18CFFDFEAF5C66BDBCEE68DD8
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: 8E4144273727C6D0CC1BD7E8DED2906B
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: A627D0DA43E5DE98538473CEF2645FD0
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 30D4C0855208FFF9F66CBA8F352CE01E
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: E055E70FE26B8445E9D960F181241373
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5f732461-c350-4431-a2ce-2484853ae446-tuct9f9fa38&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 664396ADF89E2108BFF64A463ED4980E
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3039758626822540000V10&type=pba&refUrl=&vid=09742632553039758626822540000V10&ovsid=BB595AF2-025F-409B-88EA-412B41F1E70A
Frame ID: 248B3596328F2F41F25C9AB74A520C51
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 8C0D4A2C241DDE41893E04F8FA98A780
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 50395129F75F304FE75C521D083F2B9C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 0B7150CCEC79C6AE85B56EECF453657E
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 164A201A991187CAB4C4F210E3D15907
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 3E150B367A4517B4825B37D29D395DE0
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 95AC1312D720FE98C9495839C44DD38C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2A23E7824DBFB4F221EF89A971C1D7C4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A409284D17F395E8478B6503F82F2BB7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7A0CA8A4EA5E8AFB364949EB189725AF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0C32DC0BFC74057B3BA925C3EE89A040
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1E4FEA2D30936B0142E3F08C3776317F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 18C8682BABB3A8A47ECE6A0058BDC1F7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 54B1CA1B8FB89E370607F55D595D8ACB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D02C8D22AB4B48B42752D595F8FC2701
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

要讓鎮民擁有幸福感 東港鎮民代表黃禎祥參選鎮長 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

456
Requests

67 %
HTTPS

0 %
IPv6

97
Domains

150
Subdomains

76
IPs

10
Countries

3862 kB
Transfer

10304 kB
Size

89
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 52
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974255779&bpp=14&bdt=1642&idt=1507&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2977440701192&frm=23&ife=1&pv=2&ga_vid=462990043.1660974257&ga_sid=1660974257&ga_hid=2024919939&ga_fc=0&ga_cid=amp-Epwck7Yuhe_TSNkd9S-lMQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1184&biw=1600&bih=1200&isw=336&ish=280&ifk=4087140527&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068738%2C21066430&oid=2&pvsid=1443283227394013&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zg2zskx7xfxp&fsb=1&dtd=1524 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 56
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974255797&bpp=11&bdt=1677&idt=1616&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=2977440701192&frm=23&ife=1&pv=1&ga_vid=18097226.1660974257&ga_sid=1660974257&ga_hid=1262721355&ga_fc=0&ga_cid=amp-Epwck7Yuhe_TSNkd9S-lMQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=3557188806&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068738%2C31069029%2C21066430&oid=2&pvsid=3251581882486024&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xp46asvp43xc&fsb=1&dtd=1631 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 176
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDn8cn4oAEQ3AsY9wIyCMwylmbgI4OK HTTP 301
  • https://tpc.googlesyndication.com/simgad/7321642076629450800
Request Chain 181
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFwk8ormUTtxSEckkQ6QfOg&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFwk8ormUTtxSEckkQ6QfOg&google_cver=1&C=1
Request Chain 182
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwB0tZPh8AfnYMN3HnlXIwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFwk8ormUTtxSEckkQ6QfOg&google_cver=1
Request Chain 183
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMzKR1zc2vzIugxv0jsQ3tc&google_cver=1
Request Chain 184
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAyNTkyNjI1NDUzOTMwMzc0NA%3D%3D
Request Chain 185
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJKACxCDSVSYe33j__ZnoOw&google_cver=1
Request Chain 186
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTgxNDM5MjAtMmQwMi0yYmFlLWUwMGQtODI5MmVmZDQ4YjBi
Request Chain 187
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEEh5r_UF97pkd0ATctkbCqU&google_cver=1
Request Chain 188
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTBiYTBkYTYtMDgxMi00NzFjLWFlNjMtMmMyODAwOWMzYmM5
Request Chain 208
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELqk2y8M3kde82sxffrVBPg&google_cver=1&google_push=AehlK4CfFilSBUbSY9gvwF_324xl7pMC9zLEiNL_turks1HNSpIedwUC9Yl9hSG4D5LZXc6HYDZdBUG0vMT-NIy8K5i7MonkvH1GRMu6371mnHdDLV6YakzvhQpG_NGxZVTyMfnY6T9-006DS8eqhDYdEic&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CfFilSBUbSY9gvwF_324xl7pMC9zLEiNL_turks1HNSpIedwUC9Yl9hSG4D5LZXc6HYDZdBUG0vMT-NIy8K5i7MonkvH1GRMu6371mnHdDLV6YakzvhQpG_NGxZVTyMfnY6T9-006DS8eqhDYdEic%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELqk2y8M3kde82sxffrVBPg&google_cver=1&google_push=AehlK4CfFilSBUbSY9gvwF_324xl7pMC9zLEiNL_turks1HNSpIedwUC9Yl9hSG4D5LZXc6HYDZdBUG0vMT-NIy8K5i7MonkvH1GRMu6371mnHdDLV6YakzvhQpG_NGxZVTyMfnY6T9-006DS8eqhDYdEic&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CfFilSBUbSY9gvwF_324xl7pMC9zLEiNL_turks1HNSpIedwUC9Yl9hSG4D5LZXc6HYDZdBUG0vMT-NIy8K5i7MonkvH1GRMu6371mnHdDLV6YakzvhQpG_NGxZVTyMfnY6T9-006DS8eqhDYdEic%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 209
  • https://a.c.appier.net/gcm?google_gid=CAESEDbBGY_ohpV28_xop9eLsDY&google_cver=1&google_push=AehlK4D9CCbmlBOZCk1_ntfedmbXyIm6xcTDbnEz4g8Wyub_nJHRgf_YbEzMa4zlFNaZwoQKd8aO2A_9sK4YSosTpE9NVjEYsNRd2ZjM_KCtAInjgVt03HbdFg48E3Pi3hCW30vJPAamq3iseJIeYLJdq4g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=UzZtTC0yVU9EMVNqT0RheXRuUUFZdw%3D%3D&google_push=AehlK4D9CCbmlBOZCk1_ntfedmbXyIm6xcTDbnEz4g8Wyub_nJHRgf_YbEzMa4zlFNaZwoQKd8aO2A_9sK4YSosTpE9NVjEYsNRd2ZjM_KCtAInjgVt03HbdFg48E3Pi3hCW30vJPAamq3iseJIeYLJdq4g
Request Chain 211
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEAw71mgh89urcL4QPK9lbWw&google_cver=1&google_push=AehlK4CEhH9Y72uoIEvOXFlm3CRbRIiMR4Iis7SrwNlFaHJEK4szovJAxRmc-Nd_tIR3RnsXX8PwbOgRKlJOVJFP6wvlpqmQ_RskFBYKxt8AAnNwX7LcBX3w2Vg9ejdjjzkO1itIiduVP-L3cGA1SxvERQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=aQFb4wAVQVlNE1Vbf-jWSK310SE&google_push=AehlK4CEhH9Y72uoIEvOXFlm3CRbRIiMR4Iis7SrwNlFaHJEK4szovJAxRmc-Nd_tIR3RnsXX8PwbOgRKlJOVJFP6wvlpqmQ_RskFBYKxt8AAnNwX7LcBX3w2Vg9ejdjjzkO1itIiduVP-L3cGA1SxvERQ
Request Chain 212
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELQ6xklS2hZBYlfiFCpuYtU&google_cver=1&google_push=AehlK4DCKezacPP2O03VWnWaGSnkrfldSc3BDsw-S25F8vZBRUeBm93tlPl1RrxI4pY0RO8C9atKqZQGyu7k-BXNZvpJ0m1RCPHkg7a7CTnu2CDN7qUZ_up7-LSI1qYmU76SaCR0z1QF-eZIwJMRysnLIeA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DCKezacPP2O03VWnWaGSnkrfldSc3BDsw-S25F8vZBRUeBm93tlPl1RrxI4pY0RO8C9atKqZQGyu7k-BXNZvpJ0m1RCPHkg7a7CTnu2CDN7qUZ_up7-LSI1qYmU76SaCR0z1QF-eZIwJMRysnLIeA
Request Chain 213
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEB7QAHSjXgddlClIVQ0d_0Y&google_cver=1&google_push=AehlK4AGb1b6OlpxJAjNMfBCyZAM2sWgRN_1m03vZ21eIiLsUNg7QVqeaC8f-21TQnf8-7v_cFrdXBMFL9PWiirMJ19zfw2tJGC6iBdASqxtMGbVh8itz3xHk6gmvvpdlXsk6iWK459vqif79h-_ZO-NA-M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4AGb1b6OlpxJAjNMfBCyZAM2sWgRN_1m03vZ21eIiLsUNg7QVqeaC8f-21TQnf8-7v_cFrdXBMFL9PWiirMJ19zfw2tJGC6iBdASqxtMGbVh8itz3xHk6gmvvpdlXsk6iWK459vqif79h-_ZO-NA-M&google_hm=ZzlmODM4ZmM1MTJhN2VkMzUyZWY=
Request Chain 217
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI6H7_DK6_r8OA-WEFXdQyI&google_cver=1&google_push=AehlK4CRgA5qSYqk50I1UrDj5gwaydhSwC7LmWoQynYD8wDbuiWopYJZ4Z-GhEg7mcF4YI2sUhgiwNV74bKWgl413uDofrC8uLsbH99NoycW-hMLJYHLs1snIv8g_kTpfGjrgqSboQE8Rw HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI6H7_DK6_r8OA-WEFXdQyI&google_cver=1&google_push=AehlK4CRgA5qSYqk50I1UrDj5gwaydhSwC7LmWoQynYD8wDbuiWopYJZ4Z-GhEg7mcF4YI2sUhgiwNV74bKWgl413uDofrC8uLsbH99NoycW-hMLJYHLs1snIv8g_kTpfGjrgqSboQE8Rw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d1hlMHRBV2kxT3BoaHM1&google_gid=CAESEI6H7_DK6_r8OA-WEFXdQyI&google_cver=1&google_push=AehlK4CRgA5qSYqk50I1UrDj5gwaydhSwC7LmWoQynYD8wDbuiWopYJZ4Z-GhEg7mcF4YI2sUhgiwNV74bKWgl413uDofrC8uLsbH99NoycW-hMLJYHLs1snIv8g_kTpfGjrgqSboQE8Rw
Request Chain 218
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELqk2y8M3kde82sxffrVBPg&google_cver=1&google_push=AehlK4CIk9eYs8DaRJLQIVioCD1dft8yskiVy1GU9G5T3p3qyE5oebx7QwE-1FMn4K2LN4QfhLaofjTUVJvQ_tYqaH2eTHhpmfnZF3ULOjhzeaJgrdeVe_0wnEYsAvFAF0_XRtQWAp3T3g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CIk9eYs8DaRJLQIVioCD1dft8yskiVy1GU9G5T3p3qyE5oebx7QwE-1FMn4K2LN4QfhLaofjTUVJvQ_tYqaH2eTHhpmfnZF3ULOjhzeaJgrdeVe_0wnEYsAvFAF0_XRtQWAp3T3g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELqk2y8M3kde82sxffrVBPg&google_cver=1&google_push=AehlK4CIk9eYs8DaRJLQIVioCD1dft8yskiVy1GU9G5T3p3qyE5oebx7QwE-1FMn4K2LN4QfhLaofjTUVJvQ_tYqaH2eTHhpmfnZF3ULOjhzeaJgrdeVe_0wnEYsAvFAF0_XRtQWAp3T3g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CIk9eYs8DaRJLQIVioCD1dft8yskiVy1GU9G5T3p3qyE5oebx7QwE-1FMn4K2LN4QfhLaofjTUVJvQ_tYqaH2eTHhpmfnZF3ULOjhzeaJgrdeVe_0wnEYsAvFAF0_XRtQWAp3T3g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 219
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEHmoc8V_Uj01yOu54chvit4&google_cver=1&google_push=AehlK4B7lkMALvz8O2JaR_F5-SNGSowpkPNEpQfSBBfaw6038w3mVfpI8tagZbhrv1J_j3YT2AEMVyan_61FEMp_8SoV7h1a3ASOoReS_PbA8lAoS5r2wYU_3qO_H5Y5Dp_O1Ua43E1t HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4B7lkMALvz8O2JaR_F5-SNGSowpkPNEpQfSBBfaw6038w3mVfpI8tagZbhrv1J_j3YT2AEMVyan_61FEMp_8SoV7h1a3ASOoReS_PbA8lAoS5r2wYU_3qO_H5Y5Dp_O1Ua43E1t&google_hm=-XES3AxEQ0eOQSu-nB0u2SE
Request Chain 220
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEOGm8awZHrw3ieF-pn-8Zb4&google_cver=1&google_push=AehlK4CbT2qhcIJw_2vHIISqXgAuKxZtRy-ec3_LRRxo2sxTU_dVnBQYmDk-BuNxCbPlB_UuGhlc5ouzqRXWigq2tA7B6PKiOms86ymo_Q8qXvr_YIYL7GhJrd2n1a8JEozklY8iMyl0gg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AehlK4CbT2qhcIJw_2vHIISqXgAuKxZtRy-ec3_LRRxo2sxTU_dVnBQYmDk-BuNxCbPlB_UuGhlc5ouzqRXWigq2tA7B6PKiOms86ymo_Q8qXvr_YIYL7GhJrd2n1a8JEozklY8iMyl0gg&google_hm=c3hXN3JqV1RFcVNHQWhYanFnUG5pRUhCbWo0&from_google=sp1
Request Chain 221
  • https://fksnk.com/cs/google?google_gid=CAESEJipcZr6KJ9yCydgVfaERlY&google_cver=1&google_push=AehlK4DLmLNrgjpGgbKUvTxXlgbV5bgk1KrEarytJPq-1PRdPEHBkTrQ7JWB6Pj8EMuaS1KeI8UQlFB1cSwd_LtThpVcR3AOkE4O96zLLg1Fmphf9S9hQ9aIfw370vxLomaz0-GsrhNoLw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QjE4QkIyM0QxRUU4RDIyQQ==
Request Chain 223
  • https://an.yandex.ru/mapuid/google/CAESEHDym3Xfa-FifKC093yLa6g?ext-param=AehlK4CAEdrjc0yXC6cKiHGpdwABPwcS-wpcUKmrXGOb6bieG-LwoJO-HAgrC0X7F-oa7kTFjO35-8Z7L0w2X309-xiLAWRzPigM0_91Q6gTnPdX0tRQ6J2bFi2G7Lvga33galSEZ4uRMdU&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEHDym3Xfa-FifKC093yLa6g?redir-setuniq=1&ext-param=AehlK4CAEdrjc0yXC6cKiHGpdwABPwcS-wpcUKmrXGOb6bieG-LwoJO-HAgrC0X7F-oa7kTFjO35-8Z7L0w2X309-xiLAWRzPigM0_91Q6gTnPdX0tRQ6J2bFi2G7Lvga33galSEZ4uRMdU&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEHDym3Xfa-FifKC093yLa6g&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 231
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHQWEcnPEuAkPLVk465sJV4&google_cver=1&google_push=AehlK4Bk_PZe7yIHRI8vnuki8pb6EJWUAoW3jlWdxLkgJJ_Dk2o6URzK-21sCKfigGnoC0AKynn12AjpQa0U-TfyrMISIR2DHt_N HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4Bk_PZe7yIHRI8vnuki8pb6EJWUAoW3jlWdxLkgJJ_Dk2o6URzK-21sCKfigGnoC0AKynn12AjpQa0U-TfyrMISIR2DHt_N
Request Chain 232
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAIovLYeNoYvaThqqRwzaFI&google_cver=1&google_push=AehlK4AktMEE1EICx4MorTaEmmfvsiXVcpBNc9fQoQrUF2nZj2C8tamGoEnPh_YYj88pAyBOOzl8etAlHUvuHeBiIzflDcN1nmNe HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEAIovLYeNoYvaThqqRwzaFI&google_push=AehlK4AktMEE1EICx4MorTaEmmfvsiXVcpBNc9fQoQrUF2nZj2C8tamGoEnPh_YYj88pAyBOOzl8etAlHUvuHeBiIzflDcN1nmNe&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4AktMEE1EICx4MorTaEmmfvsiXVcpBNc9fQoQrUF2nZj2C8tamGoEnPh_YYj88pAyBOOzl8etAlHUvuHeBiIzflDcN1nmNe&google_hm=V1hnVWN6cWlITFlxVHlxR0NzUEc=
Request Chain 233
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEAw71mgh89urcL4QPK9lbWw&google_cver=1&google_push=AehlK4CD5qF7Yb4wjUnUKl0QMMUh-u3dRxtsiAz156SuFpquVCaDnwJv3gGj8tiAnGiLoJ62foX6p6NO6Finq0muSVnW46JKBaA6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=1fsb_4LITzFVK7fqptfW0a310SE&google_push=AehlK4CD5qF7Yb4wjUnUKl0QMMUh-u3dRxtsiAz156SuFpquVCaDnwJv3gGj8tiAnGiLoJ62foX6p6NO6Finq0muSVnW46JKBaA6
Request Chain 234
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJIx59iTaYiXKwSP2-IAgYY&google_cver=1&google_push=AehlK4CvzYEn2s8DPAE86KhkMQ8oAs4tDxmmgtkSoLWibAymVfE6u3SUVwAE_NrKpqsw5v1XVXr5johALS2FFIIKyPU3wdRXIUw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJIx59iTaYiXKwSP2-IAgYY&google_hm=YwB0tZPh8AfnYMN3HnlXIwAAAQgAAAAB&google_nid=index&google_push=AehlK4CvzYEn2s8DPAE86KhkMQ8oAs4tDxmmgtkSoLWibAymVfE6u3SUVwAE_NrKpqsw5v1XVXr5johALS2FFIIKyPU3wdRXIUw
Request Chain 235
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEB7QAHSjXgddlClIVQ0d_0Y&google_cver=1&google_push=AehlK4AZ37S7obDoc98A84tqusEj8kJVhPy-uhPKbf1i9ejmtwVZQ-LVFg65TfFje49KUqO7MkXrKlsl0okFYTo03y_VeL9C1vg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4AZ37S7obDoc98A84tqusEj8kJVhPy-uhPKbf1i9ejmtwVZQ-LVFg65TfFje49KUqO7MkXrKlsl0okFYTo03y_VeL9C1vg&google_hm=ZzEwYmIxZDdjYjYxYzQ1ZjM0YjI=
Request Chain 236
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENdpiGn1B3mJ-tDZrjabYTg&google_cver=1&google_push=AehlK4CWdbyrP1uvsS1BiGg5Hnjmd7hNxswh6bX1UtVMJLhK3Ekz_1c20rdps5cDOJVj8sulh54WoAbuHbF80lBoJrTFZAi9_ng HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4CWdbyrP1uvsS1BiGg5Hnjmd7hNxswh6bX1UtVMJLhK3Ekz_1c20rdps5cDOJVj8sulh54WoAbuHbF80lBoJrTFZAi9_ng&google_gid=CAESENdpiGn1B3mJ-tDZrjabYTg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ5NTIwNjU2MzY1NTI0ODAzMjE1Mg%3D%3D&google_push=AehlK4CWdbyrP1uvsS1BiGg5Hnjmd7hNxswh6bX1UtVMJLhK3Ekz_1c20rdps5cDOJVj8sulh54WoAbuHbF80lBoJrTFZAi9_ng
Request Chain 237
  • https://sync.inmobi.com/gob?google_gid=CAESEBZfSX7IBECshRB0BkKeSsI&google_cver=1&google_push=AehlK4Cvt2nfb7UafH8Eak_zClFZl7UDmZLt0rVNfwgTl7wEkeA7EiTyxCMV-5AzVLClQtndTIPvKxMHR1hyq5jglcTt4HOEZrrIwQ HTTP 302
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4Cvt2nfb7UafH8Eak_zClFZl7UDmZLt0rVNfwgTl7wEkeA7EiTyxCMV-5AzVLClQtndTIPvKxMHR1hyq5jglcTt4HOEZrrIwQ&gdpr_consent=&gdpr= HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOF2ym3GvyhqheCBhZLTn6v7B_xIC_LYtCr9TTTA&google_push=AehlK4Cvt2nfb7UafH8Eak_zClFZl7UDmZLt0rVNfwgTl7wEkeA7EiTyxCMV-5AzVLClQtndTIPvKxMHR1hyq5jglcTt4HOEZrrIwQ
Request Chain 247
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJ5yrcJQ6Uw6Lo9AtYAeCOM&google_cver=1&google_push=AehlK4BjdpFIomX8Qknd7vT_-xC4cIFl9saYYeZcLNhllATUHWgT-jJCyLrGpihy1Y-Qpz9wABb1jvJXVK6s682jyUFv-BIO44Hy-ULzOgcaNwedeNX7J56cI4XHvEity5ifS7Q_4dw6sb83 HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=424dd8f4dd8e1ffe&is_secure=true&networkId=14000&version=1&google_gid=CAESEJ5yrcJQ6Uw6Lo9AtYAeCOM&google_cver=1&google_push=AehlK4BjdpFIomX8Qknd7vT_-xC4cIFl9saYYeZcLNhllATUHWgT-jJCyLrGpihy1Y-Qpz9wABb1jvJXVK6s682jyUFv-BIO44Hy-ULzOgcaNwedeNX7J56cI4XHvEity5ifS7Q_4dw6sb83 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJpBgGiEtWegMLOD9oAAAAAAA&expiration=1661060663&google_cver=1&is_secure=true&google_gid=CAESEJ5yrcJQ6Uw6Lo9AtYAeCOM&google_push=AehlK4BjdpFIomX8Qknd7vT_-xC4cIFl9saYYeZcLNhllATUHWgT-jJCyLrGpihy1Y-Qpz9wABb1jvJXVK6s682jyUFv-BIO44Hy-ULzOgcaNwedeNX7J56cI4XHvEity5ifS7Q_4dw6sb83
Request Chain 248
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEFFXLCeBK2XFNpUVv3gxtPw&google_cver=1&google_push=AehlK4CphzjA_7S4BIEWN_-h-U3rxnF6jU6PXYSkEmcU5LTxd3KTPgd0MCIqxiSXM5XFxyIzHgeOQNuzT_9aHT06h-UO7C8xhiAj8axshU_ki1E2OC3766AESE_jplt_FmG7jWcsei8icklm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4CphzjA_7S4BIEWN_-h-U3rxnF6jU6PXYSkEmcU5LTxd3KTPgd0MCIqxiSXM5XFxyIzHgeOQNuzT_9aHT06h-UO7C8xhiAj8axshU_ki1E2OC3766AESE_jplt_FmG7jWcsei8icklm&google_hm=jdtxf3iaQq6toSg6NaRrlCE
Request Chain 249
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEJFFhpsC3O1CjJxxGH4zLIM&google_cver=1&google_push=AehlK4ADx8jFe2DcOgUdlACJ535mB3uoRObBFolyCHCoJhVzqCl3uRdaNubgCzD8Lsl_NIApfrdNo7HsJPx8cNk-tbO9n8jyQk-SD_auMpTmDV75EaX6sNHCke3sEtaOWPbXZYPsjpBxwQrJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MjgxZGQ4OGYtNGQ2YS00OWNlLWIyNDEtZTViMDI2NjU0YzM0&google_gid=CAESEJFFhpsC3O1CjJxxGH4zLIM&google_cver=1&google_push=AehlK4ADx8jFe2DcOgUdlACJ535mB3uoRObBFolyCHCoJhVzqCl3uRdaNubgCzD8Lsl_NIApfrdNo7HsJPx8cNk-tbO9n8jyQk-SD_auMpTmDV75EaX6sNHCke3sEtaOWPbXZYPsjpBxwQrJ
Request Chain 251
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEGEbC3erQjJkLETtS1zEWhA&google_cver=1&google_push=AehlK4DxiRZHXQ59I6k3ok5hWjiMXn8zuOPKzlAn-4F2l-mnCJbMYexSD6nSp3QtV7ofimOYklKmtJbCeQbJRyxSfa-R4igNaSkZMHvBwGfvYkB02_6W3KK36mjcgwDOxX0vNf7Chzis0Q09 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4DxiRZHXQ59I6k3ok5hWjiMXn8zuOPKzlAn-4F2l-mnCJbMYexSD6nSp3QtV7ofimOYklKmtJbCeQbJRyxSfa-R4igNaSkZMHvBwGfvYkB02_6W3KK36mjcgwDOxX0vNf7Chzis0Q09&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1660974262750 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ebee5cac-eccc-41d9-bb61-6b0556e9f406-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4DxiRZHXQ59I6k3ok5hWjiMXn8zuOPKzlAn-4F2l-mnCJbMYexSD6nSp3QtV7ofimOYklKmtJbCeQbJRyxSfa-R4igNaSkZMHvBwGfvYkB02_6W3KK36mjcgwDOxX0vNf7Chzis0Q09%26google_hm%3DBOvuXKzszEHZu2FrBVbp9AY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4DxiRZHXQ59I6k3ok5hWjiMXn8zuOPKzlAn-4F2l-mnCJbMYexSD6nSp3QtV7ofimOYklKmtJbCeQbJRyxSfa-R4igNaSkZMHvBwGfvYkB02_6W3KK36mjcgwDOxX0vNf7Chzis0Q09&google_hm=BOvuXKzszEHZu2FrBVbp9AY
Request Chain 252
  • https://cc.adingo.jp/adx/push/?google_gid=CAESECNab--IBVE-8ifvPuyeJkU&google_cver=1&google_push=AehlK4DajHiPbWWCbTzXA4Ohu_rdB36Eq7mh4R3-u7YNhy9YJtxi8AG18WVmpk77uMZCsNqPx6vsEG3ABha3DqhUuIJZfy81vftbNEVh_mm9vVPlooPh78O_vOWEQu_D4hWwqqAs2B9BXZU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4DajHiPbWWCbTzXA4Ohu_rdB36Eq7mh4R3-u7YNhy9YJtxi8AG18WVmpk77uMZCsNqPx6vsEG3ABha3DqhUuIJZfy81vftbNEVh_mm9vVPlooPh78O_vOWEQu_D4hWwqqAs2B9BXZU&google_hm=0d83bee23854111be6463c9a893ea3fd
Request Chain 253
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEJl34IFr8P5qJ6ivjgl7oS8&google_cver=1&google_push=AehlK4CaIzGis0mqwTppsB81PxdBly9kOwurcCJEW9JpGdcqvvwcSl5moc4NKsCC8nLkyXnK-ZLcIFb9pFMz0SmoE7x_xWY3DVjC7ybCf23163wlKDiLYj-LkOBgcsntaka4kQOF-KTJ9WXX1g HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AehlK4CaIzGis0mqwTppsB81PxdBly9kOwurcCJEW9JpGdcqvvwcSl5moc4NKsCC8nLkyXnK-ZLcIFb9pFMz0SmoE7x_xWY3DVjC7ybCf23163wlKDiLYj-LkOBgcsntaka4kQOF-KTJ9WXX1g&google_hm=N2RjNThmNGEtNGNmZi0zZTU4LWJmZDItNzA1MzUzNDc1NGVk
Request Chain 260
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzAzOTc1ODYyNjgyMjUyNTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEB3WmdFtEVp0IKsm00b6G90&google_cver=1
Request Chain 261
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=ca4929bf-f82d-4a49-b123-cb61a9b2d3c7
Request Chain 262
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEBSktDb1WBVwU0TVDwg0seA&google_cver=1&google_push=AehlK4D3XBoNZLuIOGOZSR3bdMrUFB-uGVqF4wg_ILakG4XPyJv2GL_eBAZlj3iykoy31kP0mJ0gqP3sOT2WT5p9xo3DeBvI6z2oqjGNYEXEudu-22T_wjACqmTHRSSjHgANTv4-w6UbAzdZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AehlK4D3XBoNZLuIOGOZSR3bdMrUFB-uGVqF4wg_ILakG4XPyJv2GL_eBAZlj3iykoy31kP0mJ0gqP3sOT2WT5p9xo3DeBvI6z2oqjGNYEXEudu-22T_wjACqmTHRSSjHgANTv4-w6UbAzdZ&google_hm=&from_google=pc1
Request Chain 263
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHaQqD4HMvlvCzQ5FXy19Gk&google_cver=1&google_push=AehlK4BUaTOHrqcbgmnylVi_LyoZk38ppXIsENjEh7_mtu0kldWLzRUKhixZWadg_b8Ye-HIup4vZOFXoq8i8xraCnaD_OXaRuqPdqvDBdNLmzZWR4GLEfTmZJMsq0WmPgksddQLXlo_lxw HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHaQqD4HMvlvCzQ5FXy19Gk&google_cver=1&google_push=AehlK4BUaTOHrqcbgmnylVi_LyoZk38ppXIsENjEh7_mtu0kldWLzRUKhixZWadg_b8Ye-HIup4vZOFXoq8i8xraCnaD_OXaRuqPdqvDBdNLmzZWR4GLEfTmZJMsq0WmPgksddQLXlo_lxw&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=u1la8gJfQJuI6kErQfHnCg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4BUaTOHrqcbgmnylVi_LyoZk38ppXIsENjEh7_mtu0kldWLzRUKhixZWadg_b8Ye-HIup4vZOFXoq8i8xraCnaD_OXaRuqPdqvDBdNLmzZWR4GLEfTmZJMsq0WmPgksddQLXlo_lxw
Request Chain 264
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJk3Gd2w9BOhJyC5f1sDIb0&google_cver=1&google_push=AehlK4BdhZYiVe_1lWZXdfb3DeeCCoIf4Gz85sCQUDPcGB3bpE7QA4y645kms2WfxrSf4A1LLDY0kfLLwnl7CQOVzxv9ZBV4xARvG_6RxMpxxThPEazYoGp8eViF9xkjJKrJ9Z3GaBoF1QK0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcxSDZTRE8tMTEtNVhTSg==&google_push=AehlK4BdhZYiVe_1lWZXdfb3DeeCCoIf4Gz85sCQUDPcGB3bpE7QA4y645kms2WfxrSf4A1LLDY0kfLLwnl7CQOVzxv9ZBV4xARvG_6RxMpxxThPEazYoGp8eViF9xkjJKrJ9Z3GaBoF1QK0
Request Chain 265
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEJjQ3XExCR9Kch8BwyyNIg&google_cver=1&google_push=AehlK4BJAoHwZifxUM1zGQf2FtBfqmjrdW9r_B-Uq8VyuPmy7erBhGcmMHmga05SZVLUROJLSJqr44UYQE8tHG1XUNrm8BE-FeAV55G_cbR6doM-QZXvlxEuZyFcoXfZF4d794rQJCRFZPQA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=862d37ee&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4BJAoHwZifxUM1zGQf2FtBfqmjrdW9r_B-Uq8VyuPmy7erBhGcmMHmga05SZVLUROJLSJqr44UYQE8tHG1XUNrm8BE-FeAV55G_cbR6doM-QZXvlxEuZyFcoXfZF4d794rQJCRFZPQA
Request Chain 266
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEGZwgtNizYFeqVnHUPsXKLA&google_cver=1&google_push=AehlK4D08xcPq1weoQNEWOivRhxUPPcTUQ91Ul2mGVouciB2KQMsCatd_JeANyKTtbcnnY7pPfWv2_e3mFDBl5z297pWNAmHaSKO5C2A9eaqMmxsBqIEgScxpitjWTaJ9XCT4TTaYyRafWNH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AehlK4D08xcPq1weoQNEWOivRhxUPPcTUQ91Ul2mGVouciB2KQMsCatd_JeANyKTtbcnnY7pPfWv2_e3mFDBl5z297pWNAmHaSKO5C2A9eaqMmxsBqIEgScxpitjWTaJ9XCT4TTaYyRafWNH
Request Chain 267
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEEteMOy0yI_uADuCWcVL4LY&google_cver=1&google_push=AehlK4CLzrnh1Dsw-FlPQ5gUS7AL8aYbYZSEUcsAJ19yLdFlI4LvTcYYTkrTocBwlSJ3vvzrujFhrJ_PkmybvkZXYN3R4_ZmB7YFxBFw0hFvLcR_0ATyf-zul29iIEaRDsrg6rP9blVBEz1T4Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MGQ1YzgzZmMtNzk1YS00ZmEzLThhZTYtNTk1ZjhjNmVlYjZh&google_push=AehlK4CLzrnh1Dsw-FlPQ5gUS7AL8aYbYZSEUcsAJ19yLdFlI4LvTcYYTkrTocBwlSJ3vvzrujFhrJ_PkmybvkZXYN3R4_ZmB7YFxBFw0hFvLcR_0ATyf-zul29iIEaRDsrg6rP9blVBEz1T4Q
Request Chain 268
  • https://sync.inmobi.com/gob?google_gid=CAESEJCh7hW9B0rMm0LeFKy-Dho&google_cver=1&google_push=AehlK4CorNa17Z4Ubt6olW8uKwlRUa_fnIRty_v28yy-NZstwMaV88QD1DygSLe42b_7BMHX6U2KC5JQN2BMU1GwblqVqEKb37dnD55m23poZcXGPfRYjdgXHOkRCMuH_VDCEzy7fn9emZ_gWg HTTP 302
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4CorNa17Z4Ubt6olW8uKwlRUa_fnIRty_v28yy-NZstwMaV88QD1DygSLe42b_7BMHX6U2KC5JQN2BMU1GwblqVqEKb37dnD55m23poZcXGPfRYjdgXHOkRCMuH_VDCEzy7fn9emZ_gWg&gdpr_consent=&gdpr= HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOvCD7J-UXh8ZWdCx1czZp8XVVEi0LeMxlHZWXRw&google_push=AehlK4CorNa17Z4Ubt6olW8uKwlRUa_fnIRty_v28yy-NZstwMaV88QD1DygSLe42b_7BMHX6U2KC5JQN2BMU1GwblqVqEKb37dnD55m23poZcXGPfRYjdgXHOkRCMuH_VDCEzy7fn9emZ_gWg
Request Chain 275
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c89a564e-d03d-4aee-9dd9-9f6285401c51
Request Chain 276
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzAzOTc1ODYyNjgyMjUxNTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEB3WmdFtEVp0IKsm00b6G90&google_cver=1
Request Chain 295
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=47fd1e62-03ac-4cf9-9bc1-1652a2c55832 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=47fd1e62-03ac-4cf9-9bc1-1652a2c55832&verify=true HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-8sJzfP9E2uEPSuV2ce3yHA8nQCx1mKdTXNLPZD0-~A&gdpr=0&gdpr_consent=
Request Chain 296
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L71H6SDO-11-5XSJ&gdpr=0&us_privacy=1---
Request Chain 297
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D47fd1e62-03ac-4cf9-9bc1-1652a2c55832&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F654%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D47fd1e62-03ac-4cf9-9bc1-1652a2c55832%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD00N2ZkMWU2Mi0wM2FjLTRjZjktOWJjMS0xNjUyYTJjNTU4MzI%253D%26uid%3D%24UID
Request Chain 308
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=c89a564e-d03d-4aee-9dd9-9f6285401c51&dongle=0cfd
Request Chain 309
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ5NTIwNjU2MzY1NTI0ODAzMjE1Mg%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 310
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMPaNK3bq06WtrS3H4FEL6k&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 311
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ5NTIwNjU2MzY1NTI0ODAzMjE1Mg%3D%3D
Request Chain 312
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1495206563655248032152&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1495206563655248032152&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=b826e91c-1e21-4303-ba68-1c1e40b1dfc7&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=b826e91c-1e21-4303-ba68-1c1e40b1dfc7&_noobservation=1&_expected_cookie=89bd8cee3dfb68bc5494bb83e2af428d
Request Chain 313
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1495206563655248032152&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=1495206563655248032152&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtriplelift%26bsw_param%3Dc284023d-649b-403d-8974-23522a8e001f%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7
Request Chain 315
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1495206563655248032152?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-RX28FGdE2oR_384RxVdwHgu5S9hvGZoUItlmKFG4iw--~A&dongle=0883
Request Chain 316
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1495206563655248032152 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1495206563655248032152&dcc=t
Request Chain 317
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=k4dDDyHR5_0mh5S14Lpc&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NM2GIRCEPFEFENK7GBWWQNKTGE2EY4DD&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NM2GIRCEPFEFENK7GBWWQNKTGE2EY4DD
Request Chain 318
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2458727603983412140&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 319
  • https://match.adsrvr.org/track/cmf/openx?oxid=c47beaea-e475-750a-f5ed-d82b2536456b&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=c89a564e-d03d-4aee-9dd9-9f6285401c51&ttd_puid=c47beaea-e475-750a-f5ed-d82b2536456b&gdpr=0&gdpr_consent=
Request Chain 320
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwB0t8Co5soAAPB.iFIAAAAA
Request Chain 321
  • https://cr-p3.ladsp.jp/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUPfCSsFsGMvks8ADsWuB84w588AAAGCucfxKQ
Request Chain 323
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJKACxCDSVSYe33j__ZnoOw&google_cver=1
Request Chain 341
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 342
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3039758626822540000V10%26type%3Drkt%26refUrl%3D%26vid%3D09742632553039758626822540000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3039758626822540000V10&type=rkt&refUrl=&vid=09742632553039758626822540000V10&ovsid=1975461764844743079
Request Chain 343
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c89a564e-d03d-4aee-9dd9-9f6285401c51
Request Chain 345
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3039758626822540000V10%26type%3Dapx%26refUrl%3D%26vid%3D09742632553039758626822540000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3039758626822540000V10&type=apx&refUrl=&vid=09742632553039758626822540000V10&ovsid=4025926254539303744
Request Chain 346
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3039758626822540000V10%26type%3Dopx%26refUrl%3D%26vid%3D09742632553039758626822540000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3039758626822540000V10&type=opx&refUrl=&vid=09742632553039758626822540000V10&ovsid=0c578375-4f75-4fea-96a2-a64597d9d7b7
Request Chain 347
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3039758626822540000V10%26type%3Dr1%26refUrl%3D%26vid%3D09742632553039758626822540000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8768167107 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/c89a564e-d03d-4aee-9dd9-9f6285401c51 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ebee5cac-eccc-41d9-bb61-6b0556e9f406-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3039758626822540000V10%26type%3Dr1%26refUrl%3D%26vid%3D09742632553039758626822540000V10%26ovsid%3DRX-ebee5cac-eccc-41d9-bb61-6b0556e9f406-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3039758626822540000V10&type=r1&refUrl=&vid=09742632553039758626822540000V10&ovsid=RX-ebee5cac-eccc-41d9-bb61-6b0556e9f406-004
Request Chain 348
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzAzOTc1ODYyNjgyMjU0MDAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEB3WmdFtEVp0IKsm00b6G90&google_cver=1
Request Chain 349
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3039758626822540000V10%26type%3Ddxu%26refUrl%3D%26vid%3D09742632553039758626822540000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3039758626822540000V10&type=dxu&refUrl=&vid=09742632553039758626822540000V10&ovsid=wXe0tAWi1Ophhs5
Request Chain 350
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=70dd1183-314d-409f-8081-0ef3360f9f00
Request Chain 351
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
Request Chain 352
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3039758626822540000V10%26type%3Dzem%26refUrl%3D%26vid%3D09742632553039758626822540000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=mOPz_9FatwTS680qvVcV&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLNJ5IHUXZZIZQXI52UKM3DQMDROZLGGVRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDSNZUGI3DGMRVGUZTAMZZG42TQNRSGY4DEMRVGQYDAMBQKYYTAJTWONUWIPJTGAZTSNZVHA3DENRYGIZDKNBQGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLNJ5IHUXZZIZQXI52UKM3DQMDROZLGGVRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDSNZUGI3DGMRVGUZTAMZZG42TQNRSGY4DEMRVGQYDAMBQKYYTAJTWONUWIPJTGAZTSNZVHA3DENRYGIZDKNBQGAYDAVRRGA
Request Chain 364
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c89a564e-d03d-4aee-9dd9-9f6285401c51&gdpr=0&gdpr_consent=&expires=30
Request Chain 365
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHbAJIxTznOL_pDDWthXybk&google_cver=1
Request Chain 367
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Request Chain 369
  • https://id.rlcdn.com/709414.gif HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 374
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c89a564e-d03d-4aee-9dd9-9f6285401c51&expiration=1663566264&gdpr=0&gdpr_consent=
Request Chain 375
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwB0tZPh8AfnYMN3HnlXIwAAAQgAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELvy2O9E4Xf5O6Df5Dpw9v8&google_cver=1
Request Chain 376
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwB0tZPh8AfnYMN3HnlXIwAAAQgAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwB0tZPh8AfnYMN3HnlXIwAAAQgAAAAB&dcc=t
Request Chain 379
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=K-dIKirgGikwtUkuJOJVLy3gGysw5B55f-wAFVHe
Request Chain 385
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:16216300-74b6-4a00-85ec-3230667a2662&gdpr=0&gdpr_consent=
Request Chain 386
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YwB0uAAHvinZpwAK
Request Chain 388
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 389
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wqrsyxkp27p
Request Chain 390
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:wXe0tAWi1Ophhs5&gdpr=0&gdpr_consent=
Request Chain 391
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-ebee5cac-eccc-41d9-bb61-6b0556e9f406-004&rndcb=334848583
Request Chain 395
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=8ddb717f789a42aeada1283a35a46b94
Request Chain 400
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5f732461-c350-4431-a2ce-2484853ae446-tuct9f9fa38&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 402
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=u1la8gJfQJuI6kErQfHnCg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 403
  • https://idsync.rlcdn.com/420486.gif?partner_uid=BB595AF2-025F-409B-88EA-412B41F1E70A HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEJCNTk1QUYyLTAyNUYtNDA5Qi04OEVBLTQxMkI0MUYxRTcwQRAAGg0IuOmBmAYSBQjoBxAAQgBKAA
Request Chain 404
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=16216300-74b6-4a00-85ec-3230667a2662
Request Chain 405
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkI1OTVBRjItMDI1Ri00MDlCLTg4RUEtNDEyQjQxRjFFNzBB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 406
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDNizq7m-UPXX_LLfs3BrQI&google_cver=1
Request Chain 409
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c89a564e-d03d-4aee-9dd9-9f6285401c51
Request Chain 410
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4025926254539303744&gdpr=0&gdpr_consent=
Request Chain 411
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gtx0DYPbJg6ZjnUJjdlpCITbJwyZ3yJe1teyqQFD
Request Chain 412
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 413
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BB595AF2-025F-409B-88EA-412B41F1E70A&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-k08T1V5E2uVjK8m6m2tNkjbPGhF4uZg-~A&gdpr=0&gdpr_consent=
Request Chain 415
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2458727603983412140&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 416
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BB595AF2-025F-409B-88EA-412B41F1E70A&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=63831616e31e1b4d&is_secure=true&networkId=17100&version=1&nuid=BB595AF2-025F-409B-88EA-412B41F1E70A&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALXbI3irPKNgNSNUDSAAAAAAA&expiration=1661060664&nuid=BB595AF2-025F-409B-88EA-412B41F1E70A&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 417
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Request Chain 424
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 425
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L71H6SDO-11-5XSJ&gdpr=0&us_privacy=1YN-
Request Chain 426
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=4025926254539303744
Request Chain 430
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-ebee5cac-eccc-41d9-bb61-6b0556e9f406-004&rndcb=5066954339
Request Chain 433
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F75%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D47fd1e62-03ac-4cf9-9bc1-1652a2c55832%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Request Chain 434
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-8sJzfP9E2uEPSuV2ce3yHA8nQCx1mKdTXNLPZD0-~A
Request Chain 436
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-8sJzfP9E2uEPSuV2ce3yHA8nQCx1mKdTXNLPZD0-~A
Request Chain 455
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=wXe0tAWi1Ophhs5

456 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
www.bg3.co/a/ 		52 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5e5394e4870fbf2ccb3f0a573c956ba994fbd27f9fa37e17ae36735cec59cba2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 20 Aug 2022 05:44:12 GMT
ETag
"d008-UtLQFqz6hHhrwPxlfebVJiPn2GE"
Expires
Sat, 20 Aug 2022 06:44:12 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
6527e4cd14173fac2d981008d0d87378ee25fcc46b0b8bbfa6e5419489e95e7a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72499
x-xss-protection
0
server
sffe
date
Sat, 20 Aug 2022 05:44:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"566a4cf199592f12"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 20 Aug 2022 05:44:13 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
869b6eb33ba3347946da6a8105161515a17401aab915b44e96e5c2c3a4a6c635
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
sffe
date
Sat, 20 Aug 2022 05:44:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"d1fae90a9114f57d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 20 Aug 2022 05:44:13 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
5c12e87c4fc3311ee49576c3a816aa5394671b7642611ce306713f73ddc7411d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7576
x-xss-protection
0
server
sffe
date
Sat, 20 Aug 2022 05:44:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"df45f464576212d8"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 20 Aug 2022 05:44:13 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
63dc26664099fc3ed076210ca3fb9b8d5ba67c1a7d45363ca0da2f80489bdc28
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31989
x-xss-protection
0
server
sffe
date
Sat, 20 Aug 2022 05:44:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"a1b1c4bb043ec9da"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 20 Aug 2022 05:44:13 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
42 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1190
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43300
last-modified
Mon, 25 Jul 2022 08:38:19 GMT
server
cloudflare
etag
"62de567b-a924"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsLSiHtTLuGOovq25RsIY%2BNdW6BSrrzUZHIccb%2BSeMWNqPaqwB7ljATWZcKz6SFC8CLVFuxm1IOYQ0RojdWs1q4RKWZdZQdora9RehR9icNxDKRBCWcjJYalBdBxGGNqOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
73d8d0dfcebbaac9-SYD

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
aa05961c0b6903df6795439c22b3f7a49b0154bf524764fb61e1658693e7bb9b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:13 GMT
content-encoding
br
last-modified
Fri, 19 Aug 2022 07:00:15 GMT
server
nginx/1.18.0
etag
W/"62ff34ff-8ea7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
9533
expires
Sat, 20 Aug 2022 06:44:13 GMT
adpushup.js
cdn.adpushup.com/42753/ 		513 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
a51abdc945bd68a425eddc829372fe5380aff8fe0343c7246784db121f65f994

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 20 Aug 2022 05:44:13 GMT
content-encoding
br
last-modified
Fri, 19 Aug 2022 10:07:01 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
AU
content-type
application/javascript
content-length
120666
expires
Sat, 20 Aug 2022 06:44:13 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:14 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1660974254.dop021.la3.t,1660974254.cds103.la3.hn,1660974254.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2655
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qYzxyDdGACbG%2FiZqsLQ6BWf8aaXSIy%2BFHNXjU948N%2BZhf0gtspq7Eb5T9qnEbl9kWHOE3qFbMtQ5YCTR%2B45qdJS9c4VYk%2B1WurBteRVHVJw2ymjNBtc4iGAtbbWS5UPyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
73d8d0e08f75aac9-SYD
cf-bgj
minify
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
da6fb9e65d6e2a0e5e834bbb4acc3c778dfad0a287b6b4916c50634212d65e8b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Aug 2022 05:44:15 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
da6fb9e65d6e2a0e5e834bbb4acc3c778dfad0a287b6b4916c50634212d65e8b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Aug 2022 05:44:15 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.5401625171977202&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Aug 2022 05:44:14 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.07366187093035026&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Aug 2022 05:44:14 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
26df2201c509c0614ef200978637b221.jpg
static.bg3.co/imgs/202105/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/26df2201c509c0614ef200978637b221.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6b1aa1499455ee132e09924aaa6b02e85cce2505027791f6dc43ae16d18d847

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:14 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 16:34:39 GMT
server
cloudflare
etag
"26DF2201C509C0614EF200978637B221"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auQTpHZYgG0Ayj4IWoLfwrlTS7A8coFOMQC%2BLZX%2FKacC3PPfLewezaTCTehxpmwGx5dYHWdspRUho3%2BED84tgLw9kyTwOKmKcNyVKdeq5%2Br1zph3W2SbPSepOGcTtf0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73d8d0e258baa953-SYD
content-length
3822
expires
Sat, 27 Aug 2022 05:44:14 GMT
afc37a688d29e16fe48b6a361471636b.jpg
static.bg3.co/imgs/202106/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/afc37a688d29e16fe48b6a361471636b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de4507703d0e0926c8521840a1fd8df3d52f32c0fa7dded58a5a945e7f72ad66

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:14 GMT
cf-cache-status
MISS
last-modified
Wed, 09 Jun 2021 07:57:16 GMT
server
cloudflare
etag
"AFC37A688D29E16FE48B6A361471636B"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zf3BKweOtAY25894DduDcdH4a7aTyBtj2vsSunSyB1rjvFdrVDU%2FSQmklALnTNpNl6jwAkgx4J%2BxoyCJzsZluUhCyM0yo8dlYDWntRhDQFjoo7MR3HhRh%2FrMzCdtW5s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73d8d0e258bca953-SYD
content-length
7764
expires
Sat, 27 Aug 2022 05:44:14 GMT
26000c8670f500c9970ed5071691591e.jpg
static.bg3.co/imgs/202111/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202111/26000c8670f500c9970ed5071691591e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa227dc0a845cd2898cfa3a5759f244db73e690a7596ff5af2512b836ed3440c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:15 GMT
cf-cache-status
MISS
last-modified
Tue, 23 Nov 2021 09:43:50 GMT
server
cloudflare
etag
"26000C8670F500C9970ED5071691591E"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fd%2FubJAFMy2doj1kH%2BrCYMQ7xvOV6G8FkMDiC5YT2Y1%2Bafnsx4EKBP5p8%2Bu4lyEYyuJUf5q9aA8ecREREWW4uCbX4idsv3JOcocHOITZO1QK%2BA37F0WUInjA1I%2FGEks%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73d8d0e258bea953-SYD
content-length
6422
expires
Sat, 27 Aug 2022 05:44:15 GMT
802591a026cd0c552dcb223d4f73b81c.jpg
static.bg3.co/imgs/202106/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/802591a026cd0c552dcb223d4f73b81c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dd282152ea026b481b7a56499936bf67eb2dfea143989816d41ef02762b0441

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:16 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Jun 2021 09:49:47 GMT
server
cloudflare
etag
"802591A026CD0C552DCB223D4F73B81C"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gTit73h7HMpDw3XiXuWfmkchdEjM7Xz%2FtkfKv9boRzSu%2B%2BKiIrtCVOAq8HVxNDR73wAlP%2FQujSc59N%2B%2B3ql15O1MiPJfyATPtLTXQu4i%2F8TKqENnAyeKcZjZ4%2FGksQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73d8d0ead8a1a953-SYD
content-length
10748
expires
Sat, 27 Aug 2022 05:44:16 GMT
f6db53859a20392b62db2f4ef602d409.jpg
static.bg3.co/imgs/202107/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/f6db53859a20392b62db2f4ef602d409.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70a84a49257812c4c1717b760ed7c37ce52a13387e2cb6750ffb96ec49f263a4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:16 GMT
cf-cache-status
MISS
last-modified
Fri, 16 Jul 2021 20:27:21 GMT
server
cloudflare
etag
"F6DB53859A20392B62DB2F4EF602D409"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWMIADYM6KDceZeWvWgFSuMBVArCDPyrl%2BbkqAChbt2yY8dynRt0vMTjznQOqE1aH7tXFziT10tp%2FomNFwmM3r%2BNKVGXiRwQ0x7GhplzIfSe3lqQbQezPql75KOwY2M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73d8d0ead8a2a953-SYD
content-length
3968
expires
Sat, 27 Aug 2022 05:44:16 GMT
ba4a66e3279dd1982698555a2d3cd0c7.jpg
static.bg3.co/imgs/202106/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/ba4a66e3279dd1982698555a2d3cd0c7.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3631ef029fba34c1b9e27946fba41c118111c96f7764f7796802621ced0ab8c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:16 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Jun 2021 05:39:11 GMT
server
cloudflare
etag
"BA4A66E3279DD1982698555A2D3CD0C7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJ%2Fdnh8ULjj9pHQMBO1N%2BNJjUVaVC0jWC1TpNZGTRvFh1nnfWWad%2BW3rsw0fg6LPSoL9u93MLdp5EYmJM1rnezBTLcn6Wr1HKOfETZXy6V%2FDIfW%2BnxbHFLE5rPk7o9g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73d8d0eaf8baa953-SYD
content-length
3777
expires
Sat, 27 Aug 2022 05:44:16 GMT
5bb32b38cb86fb911f9e68338c49aaeb.jpg
static.bg3.co/imgs/202105/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/5bb32b38cb86fb911f9e68338c49aaeb.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9c650b33f52e34e00446a248140a8bcd04d831ed6ecd06c6b6d8d80c6b55c12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:16 GMT
cf-cache-status
MISS
last-modified
Mon, 24 May 2021 00:05:57 GMT
server
cloudflare
etag
"5BB32B38CB86FB911F9E68338C49AAEB"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTpxSdiFUn6jV00u%2FwYKkhApaIPVn6v%2BB5k%2FtrRZSS8qG0rb4ct5S2BybOIk45l%2F%2BpGbQAXvL3%2Fm2DxADGDabw4MdnstJPOIrxOuu2HRAOSMk%2BiFCF8UF%2FjTdrCONCk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73d8d0eaf8bba953-SYD
content-length
7816
expires
Sat, 27 Aug 2022 05:44:16 GMT
b24f24192103777df64e176718b23f16.jpg
static.bg3.co/imgs/202105/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/b24f24192103777df64e176718b23f16.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bc9e83fca2d2ae4967da16dc2533cf48a9778dfdd2bf2765b267745a1979a12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:15 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 10:43:00 GMT
server
cloudflare
etag
"B24F24192103777DF64E176718B23F16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPi4kKMyOsB2AjwCRPdGTssMPXKudu9qcS1Un%2FGoOVg%2F3LYLFoMNjqovxhAGhuwY%2BjN5lTuPHRtT0hbtuM8FxP9Ae9mcTYPvZf248daX3yjBEZu06tmXcSexkyLSUic%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73d8d0eaf8bda953-SYD
content-length
3324
expires
Sat, 27 Aug 2022 05:44:15 GMT
e4ea63907bd8c24ae5c81308394d0581.jpg
static.bg3.co/imgs/202204/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202204/e4ea63907bd8c24ae5c81308394d0581.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
862e9a07529e72bb39c8cc71572c748adf5aead4a08a3715a5fb3bfa8d4be87a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:16 GMT
cf-cache-status
MISS
last-modified
Sat, 30 Apr 2022 07:04:19 GMT
server
cloudflare
etag
"E4EA63907BD8C24AE5C81308394D0581"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBGc2i148YycjLJWiYE3iuLuYknpFKegBEvBm3yynzM49dHs7%2FMfKG%2FNmQAU06RyW2VrypNYeSOglb9BAepH4UC4wENLSM95sqZLkfHfosdFkVjtTung6v7QuqMIIsg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73d8d0ec6a80a953-SYD
content-length
5102
expires
Sat, 27 Aug 2022 05:44:16 GMT
5ac8297f64bc73add88227f9ef4b174f.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/5ac8297f64bc73add88227f9ef4b174f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
572ebdeba9e3125c3bc1090e75e8d8f3a6af9da8b6658d0b66b15bfd25735e97

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:16 GMT
cf-cache-status
MISS
last-modified
Sun, 23 May 2021 17:56:55 GMT
server
cloudflare
etag
"5AC8297F64BC73ADD88227F9EF4B174F"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2Bwj2UELj2Th9wXQ%2FikO2Jqh5PilKwUcGwRmWteznWnpqzhPHwLRSx6mZpLTWmTUhzaFVyk3FgG%2F%2BUTDQy3WYU%2BSVmAOHVmSadoNaxWJeoebhIRejJ7qlmasxf3XmNM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73d8d0ee8c84a953-SYD
content-length
6200
expires
Sat, 27 Aug 2022 05:44:16 GMT
704dc228e6b922a6e3e0da6113990c8e.jpg
static.bg3.co/imgs/202105/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/704dc228e6b922a6e3e0da6113990c8e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
377e246022b620e211db98564b08efd0cf750618c366ad5737f8207de3a1d776

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:16 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 12:08:42 GMT
server
cloudflare
etag
"704DC228E6B922A6E3E0DA6113990C8E"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihFoi5bhWUr9GlGyj8Hp8m97ay3NCuHorJcNIIxxZacuVkNbwZjPuLSYz4A%2FFGYWZGp%2BSrIK%2Fpbp6uxkU06qAvUHZBtXFCPG6hb6YHzKPMt%2BqBC0WO8u%2BB6LcG9eDYI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73d8d0ee8c85a953-SYD
content-length
11760
expires
Sat, 27 Aug 2022 05:44:16 GMT
504f8dc8fe3878051328440326b65154.jpg
static.bg3.co/imgs/202105/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/504f8dc8fe3878051328440326b65154.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3b67eb6f6ef773c2180143485f4a2fdbd98efaf0da420c864ab1441182d3c2e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:17 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 03:47:44 GMT
server
cloudflare
etag
"504F8DC8FE3878051328440326B65154"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9EabL%2Fa2d4zHpdcwq44X5aX1IKt%2FgEuOfN6T9c3%2Bwp0an%2F8HvG3peWsYuO4ISHXxNg0cYo69lblyKaFMshdCBhPgCkQnZWJQKLbs86UEEfk9L29xH4UW5Ci0j03EW78%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73d8d0ee8c86a953-SYD
content-length
14696
expires
Sat, 27 Aug 2022 05:44:16 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
8374dd11907f18ed2edaf39a51a5bd3f638e35120d821d6068d653afd8e76915
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
281464
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2977
x-xss-protection
0
server
sffe
date
Tue, 16 Aug 2022 23:33:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ab22edc768bc2763"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Aug 2023 23:33:12 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
019474417bcdd4decbdc75af7929d925f21400a77b43f28dc7190223bc1489ea
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
281452
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23035
x-xss-protection
0
server
sffe
date
Tue, 16 Aug 2022 23:33:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"65c480cb2d2a17eb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Aug 2023 23:33:24 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		4 KB
1013 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
c53f4706b6959f19ff2d7b6ac019b91cb3eb325d8e5024c6613e226506d6d71e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
564
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
3e8d1edbe8598395c7327ff1752c4a029e0b3789b0a044d231eeddc8c5fcb0fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
281464
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3843
x-xss-protection
0
server
sffe
date
Tue, 16 Aug 2022 23:33:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e1102914dcffd250"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Aug 2023 23:33:12 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:16 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1660974256.dop021.la3.t,1660974256.cds103.la3.hn,1660974256.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
b7d743060ebcc58d3905601ab73b2580904ce8c5594664b1d85d1dcca4c7f509
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
281373
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10239
x-xss-protection
0
server
sffe
date
Tue, 16 Aug 2022 23:34:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"62cdf4b1a7a2ae40"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Aug 2023 23:34:43 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 5F53 		118 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
3057368a96c56c12aeeb96ba4bc5700265696e2e69ce3c1672d063118f91f99b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40299
x-xss-protection
0
server
cafe
etag
7030364858260221325
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 20 Aug 2022 05:44:15 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 0F1E 		118 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
eb2e7310186a18f67a70e29a4955a80db843db879b6748e34cc7add166dcd09a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40303
x-xss-protection
0
server
cafe
etag
3790908095122839687
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 20 Aug 2022 05:44:15 GMT
block.jpg
delivery.adrecover.com/ 		631 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1660974255147
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:16 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
631
expires
Sat, 20 Aug 2022 06:44:16 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 5581 		714 B
868 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
3693
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
73d8d0e71813a829-SYD
content-encoding
br
content-type
text/html
date
Sat, 20 Aug 2022 05:44:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6utX%2F9yQrMWKfZDYWN%2Bmi03G%2BPdI8VfiNMoQcVSMHTh7oOkgjgYL%2FYyp7%2BdCAj2fsomuHXNor64BkHtjjNpieBTWqGnxmZa40WaSkDYkYyRAxvoQVgNIo6atazTS%2BzU%2Fnw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Aug 2022 05:44:16 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
gtag.json
cdn.ampproject.org/rtv/012208051912001/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
87131
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
date
Fri, 19 Aug 2022 05:32:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d737f3c89b0705df"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 19 Aug 2023 05:32:04 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame C001 		714 B
831 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
3693
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
73d8d0e7a8b3a829-SYD
content-encoding
br
content-type
text/html
date
Sat, 20 Aug 2022 05:44:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlXEm%2Fl0%2FK0cnHLMvWySJWB4nPG%2F3wytg71cJ9iJNNTfm0RmCDBLixxaGgEnZQ4hrzJ87SI%2BVBSgP8fLFIEtBK4Pk%2F4hlMlolKEgTu5JUH16DJlVLn1QJAR46%2FwTb7pWfw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5581 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
163bfb71e678051ec4084f1b780bc6f561a55b923d335b4450a76223fe0ad819
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28560
x-xss-protection
0
server
sffe
etag
"1308 / 247 of 1000 / last-modified: 1660946906"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Aug 2022 05:44:18 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C001 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
0c9aa48a9dff744077cecac94c091930d9495b118a53160a65090bc8e1ae37fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28489
x-xss-protection
0
server
sffe
etag
"1308 / 58 of 1000 / last-modified: 1660946721"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Aug 2022 05:44:18 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sat, 20 Aug 2022 05:44:16 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/ Frame 5F53 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
07911f80d027f5d10a099a849cadfec5d9b62cc21897b8d6688a587642d43e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122622
x-xss-protection
0
server
cafe
etag
978636821533596774
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Aug 2022 05:44:16 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/ Frame 0F1E 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069029
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
fcd86feec018c01e74bc7c39bfbd3be5ceffcfa6e8057081abde3c01254a662f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122731
x-xss-protection
0
server
cafe
etag
9914649248762751410
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Aug 2022 05:44:16 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E8%A6%81%E8%AE%93%E9%8E%AE%E6%B0%91%E6%93%81%E6%9C%89%E5%B9%B8%E7%A6%8F%E6%84%9F%E3%80%80%E6%9D%B1%E6%B8%AF%E9%8E%AE%E6%B0%91%E4%BB%A3%E8%A1%A8%E9%BB%83%E7%A6%8E%E7%A5%A5%E5%8F%83%E9%81%B8%E9%8E%AE%E9%95%B7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-Epwck7Yuhe_TSNkd9S-lMQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.11885422306326565&gjid=0.002861692798793891&_r=1&a=6480&z=0.7269590668425101&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
775d5fb6acac04ef6d1ef99fcb13f66f6f49f6ee6275784057d047178a082af3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
51490
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57907
x-xss-protection
0
server
sffe
date
Fri, 19 Aug 2022 15:26:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"900caa8e3e134c7a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 19 Aug 2023 15:26:07 GMT
pb.42753.1660729490688.js
cdn.adpushup.com/prebid/ 		327 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
c334ecbdd89a20d6a6baf6dee7e64657d40830672f405fb6a3dfecb299a84720

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 20 Aug 2022 05:44:17 GMT
content-encoding
br
last-modified
Wed, 17 Aug 2022 09:45:26 GMT
server
nginx/1.18.0
etag
W/"62fcb8b6-51a96"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=8
content-type
application/javascript
content-length
93943
expires
Sun, 20 Aug 2023 05:44:17 GMT
daee8bf4-75ab-4969-8f00-28e93af7f399
https://www.bg3.co/ 		4 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/daee8bf4-75ab-4969-8f00-28e93af7f399
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
3743
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
access-control-allow-origin
https://www.bg3.co
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-33308842932164443182.ampproject.net/2208051912001/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-33308842932164443182.ampproject.net/2208051912001/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookie.js
partner.googleadservices.com/gampad/ Frame 5F53 		379 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
c8d04fee070c60bf0f78a52074f6d3e6bfdd9dcc9fee3d83df476907014e8af1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 5F53 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5F53 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame 2ECA
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fw...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-27.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1135
content-length
673
content-type
text/html
date
Sat, 20 Aug 2022 05:25:52 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 d74ff44bb3d68115cb0aef895f2ee456.cloudfront.net (CloudFront)
x-amz-cf-id
U0ADXrXvUHKlEzKHgS0-Oid0ROwmJav_Oyiit3peDXsyYflcN66T2g==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 05:44:18 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 0F1E 		379 B
318 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
c528c41a5d6e2c5f27f6f823ebb3c3f31a027d70c78d63faeb43349ef58148af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 0F1E 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0F1E 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame A071
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fw...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-27.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1135
content-length
673
content-type
text/html
date
Sat, 20 Aug 2022 05:25:52 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 d74ff44bb3d68115cb0aef895f2ee456.cloudfront.net (CloudFront)
x-amz-cf-id
Q-vwcgUlh2XToDQLa9ZYUDOSom4pe1UjJ78G4GNGOxn8kc3T_hqrJg==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 05:44:18 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 20 Aug 2022 05:44:17 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=3
content-type
application/javascript
content-length
211
expires
Sun, 20 Aug 2023 05:44:17 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 20 Aug 2022 05:44:17 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=3
content-type
application/javascript
content-length
17440
expires
Sat, 20 Aug 2022 06:44:17 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
0c9aa48a9dff744077cecac94c091930d9495b118a53160a65090bc8e1ae37fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28489
x-xss-protection
0
server
sffe
etag
"1308 / 718 of 1000 / last-modified: 1660946721"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Aug 2022 05:44:18 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:17 GMT
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjA5NzQyNTc4NzAsInBhY2tldElkIjoiMDAwMEE3MDEtNTFmYWVkZTMtYWU2YS00NTc1LTgxMzMtZTg4OWExYTM1N2E4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3lhby1yYW5nLXpoZW4tbWluLXlvbmcteW91LXhpbmctZnUtZ2FuLWRvbmctZ2FuZy16aGVuLW1pbi1kYWktYmlhby1odWFuZy16aGVuLXhpYW5nLWNhbi14dWFuLXpoZW4tY2hhbmcuaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:17 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjA5NzQyNTc4NzEsInBhY2tldElkIjoiMDAwMEE3MDEtNTFmYWVkZTMtYWU2YS00NTc1LTgxMzMtZTg4OWExYTM1N2E4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3lhby1yYW5nLXpoZW4tbWluLXlvbmcteW91LXhpbmctZnUtZ2FuLWRvbmctZ2FuZy16aGVuLW1pbi1kYWktYmlhby1odWFuZy16aGVuLXhpYW5nLWNhbi14dWFuLXpoZW4tY2hhbmcuaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:17 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjA5NzQyNTc4NzEsInBhY2tldElkIjoiMDAwMEE3MDEtNTFmYWVkZTMtYWU2YS00NTc1LTgxMzMtZTg4OWExYTM1N2E4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3lhby1yYW5nLXpoZW4tbWluLXlvbmcteW91LXhpbmctZnUtZ2FuLWRvbmctZ2FuZy16aGVuLW1pbi1kYWktYmlhby1odWFuZy16aGVuLXhpYW5nLWNhbi14dWFuLXpoZW4tY2hhbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV19
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:17 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjA5NzQyNTc4NzYsInBhY2tldElkIjoiMDAwMEE3MDEtNTFmYWVkZTMtYWU2YS00NTc1LTgxMzMtZTg4OWExYTM1N2E4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3lhby1yYW5nLXpoZW4tbWluLXlvbmcteW91LXhpbmctZnUtZ2FuLWRvbmctZ2FuZy16aGVuLW1pbi1kYWktYmlhby1odWFuZy16aGVuLXhpYW5nLWNhbi14dWFuLXpoZW4tY2hhbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:17 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjA5NzQyNTc4NzgsInBhY2tldElkIjoiMDAwMEE3MDEtNTFmYWVkZTMtYWU2YS00NTc1LTgxMzMtZTg4OWExYTM1N2E4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3lhby1yYW5nLXpoZW4tbWluLXlvbmcteW91LXhpbmctZnUtZ2FuLWRvbmctZ2FuZy16aGVuLW1pbi1kYWktYmlhby1odWFuZy16aGVuLXhpYW5nLWNhbi14dWFuLXpoZW4tY2hhbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiIxMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzEyMFg2MDBfMTA0YjIiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M18xMjBYNjAwXzEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:17 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
googleads.g.doubleclick.net/pagead/ Frame F73A 		603 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-927893838678301557&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2685&oid=2&is_amp=5&amp_v=2208051912001&d_imp=1&c=79006480&ga_cid=amp-Epwck7Yuhe_TSNkd9S-lMQ&ga_hid=6480&dt=1660974257326&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html&bdt=4158&dtd=560&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208051912001/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 05:44:18 GMT
expires
Sat, 20 Aug 2022 05:44:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 20 Aug 2022 05:44:18 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
939
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220820
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
987b1201ac7cb1eebda2b0575d0895f503fc93c57e7d78a669124e93fafa6619
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 20 Aug 2022 05:44:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9794
x-jsd-version
1.0.1437
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19179-FRA, cache-iad-kiad7000151-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"669-E/O32AsuJnBVplUpuMmFoxEsNSs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbDeAa5NBelLJKdiaRyltI6zxf9o7BZk7zAGC6kMW6sT0zJ270KFCN3LwTdaoC3OCU1hXFAyDYjYjMmJt3Q4V%2Fs8eJfZj33SPdgijlZAcMljNIg%2FFdhgs3%2Ffc14F76u9jUU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
73d8d0fa3e7ea892-SYD
access-control-expose-headers
*
json
gum.criteo.com/sid/ 		318 B
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
326de17256a9cc75656c8f20f8f35078d1a5d5d94cc690020ed91e15a6c7572f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:18 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3001
strict-transport-security
max-age=31536000; preload;
expires
0
auction
rtb.adxpremium.services/openrtb2/ 		59 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
egon
Software
/
Resource Hash
1c877b4b7e75bf2c8432415bb762ed9bfc73830abf68497eff686fcc9fa44f9f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:19 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
59
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213ad6bf308b2793%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214e022abe7a3008%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2216760f628a58b7e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2218d2a6dac0d7a7b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221992e4e30900001%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222172ceb827381db%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2223600bbdbf3335f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2224e0763e9a422a1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2214e022abe7a3008%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222172ceb827381db%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49c820a88d1b3608b5b1c10d6357d9260bd34a32e1150a9967a0c9ff7ee2667f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 20 Aug 2022 05:44:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZeOR5Gzm9iM83%2FKc6NEOa%2FKDaoGOtdaUwo%2BT%2BGWuVV6Lakvn7dMhaVOBP3itcr2Y1S8fFeZTnH388yvC0rKufVfDiaMdC%2FhtP8QqhAxI1SJnIjXpQ0lTXk%2FJBRS58pGm8asBZ0Wp"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
73d8d0fa5be9aad2-SYD
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
638 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2213ad6bf308b2793%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222172ceb827381db%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%2224e0763e9a422a1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49c820a88d1b3608b5b1c10d6357d9260bd34a32e1150a9967a0c9ff7ee2667f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 20 Aug 2022 05:44:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBpEccXHoRvSwoZU65qauzqsUiAnbUqNHREoPvNWmSs6ipeKn%2Bgkpm458bRakPR3doWCjHt97OmD4kmr7jDJhGhBYyTF%2FK8d%2BL7Upo4jrY3MUXd%2B1c2YOrTbEe%2BnbvHhPhDG3M3G"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
73d8d0fa5bebaad2-SYD
expires
0
bid-request
a.teads.tv/hb/ 		16 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.197.63 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-197-63.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:19 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 20 Aug 2022 05:44:19 GMT
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=94006998455
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 20 Aug 2022 05:44:18 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.0.189 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-0-189.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
4c36d0f7c513412dbda36a10dde18897df5a6865a9bfd6a5ebbc32650bdd1040

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:19 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.0.189 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-0-189.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6c27ec4f8f27aff15e2a2785626fb6f807b5a60088dd62cf9623c4c292dc7ca6

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:19 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.0.189 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-0-189.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
f3492fc9275c57dcca4ce182c78f6a557fa9cbe765cba5aa447c9bc4eff2ba4f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:19 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=17d7d5b3-4df2-4afd-af3b-10c341117696%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html&tk_flint=pbjs_lite_v4.43.0&x_source.tid=0d99dfa7-7fe2-429d-b69c-cda78992242c%3Ba93ceeb4-4003-411b-920d-4e1e75119c6b%3Bb5dd4304-5ff3-47c8-87cf-65f4189ad6ea&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.8252362006494154
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
50a5ccd40c32161109aada87c54530237ce56da3fcba4530ae94ed91d7b61151

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 05:44:18 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
472
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
adpushup-d.openx.net/w/1.0/ 		174 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9eca1139-60ef-4bc6-b124-15af3602046b%2C66842b7b-f885-4d43-845f-97d6bdeddc02%2Cfe8c1572-5884-4ecf-a263-ad0e7a40db39&nocache=1660974258048&pubcid=17d7d5b3-4df2-4afd-af3b-10c341117696&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
3870eb9d1d25279ec904448c152056b9427ca15d6b077fc78fd4f2f6eb0f7b62

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:18 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7790e7a5-b281-4a55-888d-8b6cb55f3913&nocache=1660974258048&pubcid=17d7d5b3-4df2-4afd-af3b-10c341117696&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:18 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d68c698e-bb66-4e37-9100-49a54a221d4d&nocache=1660974258048&pubcid=17d7d5b3-4df2-4afd-af3b-10c341117696&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:18 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0e735ceb-f8ce-45a3-8ed7-a99fbdd5b5da&nocache=1660974258049&pubcid=17d7d5b3-4df2-4afd-af3b-10c341117696&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:18 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
918 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8bb81d2e3072817635fd84e620fd7c670e0b1c8b213f68e79e17aa6b587403d7

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:18 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
124
alt-svc
clear
via
1.1 google
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		49 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ad4958c76900083c53f5f0aac32262fb71d7726f7714120a73961bc6c495cb89
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 20 Aug 2022 05:44:18 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.33; 173.245.209.33; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e24b3dd3-fdd9-498f-95a4-7dd27720cc2d
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		459 B
836 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e8cbdf1688bae05833c4d3ae337ef116923d92748a8c59539e63cb9cc928f05d

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 20 Aug 2022 05:44:18 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
142
content-length
275
adreq
ads.servenobid.com/ 		818 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=7298
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.102.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-102-69.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f1e691269432cba8bed2110866d1a1a67546edcb41cb7e9f5e3fc9de6736a59e

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 20 Aug 2022 05:44:19 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.221.159 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-221-159.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:18 GMT
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid-request
onetag-sys.com/ 		15 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
access-control-allow-headers
content-type, origin, referer, user-agent
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
41
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c5068652d2e91ff8a12bd334ea7ce87b7225f6da4a6a2841c8b51c24029a392b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:18 GMT
content-encoding
gzip
etag
"gV5iHc/sd8Rde4C/i53H5w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 27 Aug 2022 05:44:18 GMT
pubads_impl_2022081501.js
securepubads.g.doubleclick.net/gpt/ Frame C001 		384 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 10:40:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
414210
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133600
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:36:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 15 Aug 2023 10:40:49 GMT
pubads_impl_2022081501.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 10:40:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
414210
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133600
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:36:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 15 Aug 2023 10:40:49 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Sat, 20 Aug 2022 05:44:19 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 2ECA 		118 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
fda386053b17355faa5ebb575579ce1b0a605a773c884a9cbb2adbfe85f89e04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40304
x-xss-protection
0
server
cafe
etag
16237742076588838299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 20 Aug 2022 05:44:19 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame A071 		118 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ee0a58bac715609350fa12100e1b78dbf7b4bcc170319a64379dcb6271166897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40303
x-xss-protection
0
server
cafe
etag
17451781383933366130
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 20 Aug 2022 05:44:19 GMT
pubads_impl_2022081801.js
securepubads.g.doubleclick.net/gpt/ Frame 5581 		384 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
c921b4351a1ae90dcc7a30a01fbc1e169d57e9f4451d55a840438fb13e7c1cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 11:33:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151824
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133681
x-xss-protection
0
last-modified
Thu, 18 Aug 2022 08:36:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Aug 2023 11:33:55 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-2.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:04:36 GMT
via
1.1 6b412795189620b2bd513604239f4f2e.cloudfront.net (CloudFront)
age
2384
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 28 Jul 2022 16:54:54 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
SIN52-C3
accept-ranges
bytes
x-amz-cf-id
i8TfCgtY5o6rrqBJw-pLXpRoUylHqAFDBKSk26j53_fSOTLZLywqDw==
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/ Frame 2ECA 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069049
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
d4e12c724bd3565d49fe59938a5f95207a56e2648c14e771bd0080f2708725e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122731
x-xss-protection
0
server
cafe
etag
7946830395235743411
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Aug 2022 05:44:19 GMT
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI3NjM1NDRfMTY2MDk3NDI1OTE0NSIsInVzZXJJZCI6IjU0MDA3NV8xNjYwOTc0MjU5MTQ1Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiNzk0MDAwXzE2NjA5NzQyNTkxNDYiLCJwYWdlUGF0aCI6IiUyRmElMkZ5YW8tcmFuZy16aGVuLW1pbi15b25nLXlvdS14aW5nLWZ1LWdhbi1kb25nLWdhbmctemhlbi1taW4tZGFpLWJpYW8taHVhbmctemhlbi14aWFuZy1jYW4teHVhbi16aGVuLWNoYW5nLmh0bWwiLCJob3N0bmFtZSI6Ind3dy5iZzMuY28iLCJ1cmwiOiJodHRwcyUzQSUyRiUyRnd3dy5iZzMuY28lMkZhJTJGeWFvLXJhbmctemhlbi1taW4teW9uZy15b3UteGluZy1mdS1nYW4tZG9uZy1nYW5nLXpoZW4tbWluLWRhaS1iaWFvLWh1YW5nLXpoZW4teGlhbmctY2FuLXh1YW4temhlbi1jaGFuZy5odG1sIiwicGhhc2UiOjAsInVzZXJUeXBlIjoiTkVXIiwicHJldmlld1ZhcmlhdGlvbiI6ImRlc2NyaXB0aW9uUGFnZSIsImV4cGVyaW1lbnRQYWdlIjp0cnVlLCJ0aW1lc3RhbXAiOjE2NjA5NzQyNTkxNDZ9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:19 GMT
server
nginx/1.14.0 (Ubuntu)
L2EveWFvLXJhbmctemhlbi1taW4teW9uZy15b3UteGluZy1mdS1nYW4tZG9uZy1nYW5nLXpoZW4tbWluLWRhaS1iaWFvLWh1YW5nLXpoZW4teGlhbmctY2FuLXh1YW4temhlbi1jaGFuZy5odG1s.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EveWFvLXJhbmctemhlbi1taW4teW9uZy15b3UteGluZy1mdS1nYW4tZG9uZy1nYW5nLXpoZW4tbWluLWRhaS1iaWFvLWh1YW5nLXpoZW4teGlhbmctY2FuLXh1YW4temhlbi1jaGFuZy5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 20 Aug 2022 05:44:19 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=5, origin; dur=225
content-type
text/html
content-length
555
expires
Sat, 20 Aug 2022 06:44:19 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/ Frame A071 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
bce7b7a333407f4649b212295c4ae99cfc020e26db50d87e3c92138bcf0426a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122622
x-xss-protection
0
server
cafe
etag
15332994839126793295
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Aug 2022 05:44:19 GMT
integrator.js
adservice.google.com.au/adsid/ Frame C001 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C001 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame C001 		498 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2385548402192098&correlator=4281401404692378&eid=44770638%2C31068920&output=ldjh&gdfp_req=1&vrg=2022081501&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1660974259411&lmt=1644386353&dlt=1660974255372&idt=4016&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=e0ygu4t6il1y&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1783002697.1660974259&ga_sid=1660974259&ga_hid=402460600&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
a48c69a359585388a187b13a9ba94617f005703e47c7b60a72b4c3782d988e77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
243
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4f5d742c27d9c5efaa359a54b334c188.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2FF1 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4f5d742c27d9c5efaa359a54b334c188.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 05:44:19 GMT
expires
Sun, 20 Aug 2023 05:44:19 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 2ECA 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069049
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2ECA 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069049
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4304 		41 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259130&bpp=12&bdt=237&idt=390&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=5260778923606&frm=8&ife=1&pv=2&ga_vid=1795047843.1660974260&ga_sid=1660974260&ga_hid=266314318&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068487%2C31069049%2C44771163%2C31068921&oid=2&pvsid=4206563028032491&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jn96nl9nmlba&fsb=1&dtd=404
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069049
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
19dedac0d27d9363dedd26336e2a427761508f646d8bf6a7ee590c1eea2bec73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
16027
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 05:44:20 GMT
expires
Sat, 20 Aug 2022 05:44:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel;r=1487019078;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html;uh=e51ed67d...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1487019078;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-184661653-1660974259555;pbc=17d7d5b3-4df2-4afd-af3b-10c341117696;ns=0;ce=1;qjs=1;qv=26d71701-20220818164642;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1660974259555;tzo=0;ogl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
integrator.js
adservice.google.com.au/adsid/ Frame A071 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A071 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1439 		33 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
f18cebda19308aeea6be683ac234fe77dcf2d644517b6b31fa5b47144688e409
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
15264
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 05:44:20 GMT
expires
Sat, 20 Aug 2022 05:44:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		199 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
205314c4de632c91258c6099846461a3288ca46bd2861e28978e65ed83c51353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:19 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72555
x-xss-protection
0
expires
Sat, 20 Aug 2022 05:44:19 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS95YW8tcmFuZy16aGVuLW1pbi15b25nLXlvdS14aW5nLWZ1LWdhbi1kb25nLWdhbmctemhlbi1taW4tZGFpLWJpYW8taHVhbmctemhlbi14aWFuZy1jYW4teHVhbi16aGVuLWNoYW5nLmh0bWwiLCJ0aW1lIjoxNjYwOTc0MjU5NjAwfQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:19 GMT
server
nginx/1.14.0 (Ubuntu)
integrator.js
adservice.google.com.au/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		150 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4331966246940494&correlator=3069827037710238&eid=31068920&output=ldjh&gdfp_req=1&vrg=2022081501&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D824db195c8b1d4d%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D8364700a099b13%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D84fecb67ae15d92%26hb_ap_bidder%3Dappnexus&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3De7c30907dbbc8048-22ff9358b4d5004e%3AT%3D1660974257%3ART%3D1660974257%3AS%3DALNI_MbFYQ7SIi5orxYfngTap_f00ErXgw&gpic=UID%3D000008ccc6487a3a%3AT%3D1660974257%3ART%3D1660974257%3AS%3DALNI_MaAO46-V0PxrRMyky5ZR2N9lXtvuQ&arp=1&abxe=1&dt=1660974259880&lmt=1660974259&dlt=1660974253168&idt=6691&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=1887609561.1660974260&ga_sid=1660974260&ga_hid=6480&ga_fc=false&ga_cid=amp-Epwck7Yuhe_TSNkd9S-lMQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
210b354d320b8e70dadb27e4b456fb516c3e3f8c49999c076850c4d645729459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47633
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0C15 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 05:44:19 GMT
expires
Sun, 20 Aug 2023 05:44:19 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 5581 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5581 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5581 		498 B
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2115091291420178&correlator=1135308928417607&eid=31069060%2C31067825&output=ldjh&gdfp_req=1&vrg=2022081801&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1660974259928&lmt=1644386353&dlt=1660974255288&idt=4615&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=1izci8nbm2t3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1397006383.1660974260&ga_sid=1660974260&ga_hid=695208909&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
58ff3810fdaaeb3ce75f88c1c9e6f13b3b4da2f7ae2a458efc3efcf858e4c7a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
243
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
af572ee63eab6a874a02e62220a834c1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EC3C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://af572ee63eab6a874a02e62220a834c1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 05:44:20 GMT
expires
Sun, 20 Aug 2023 05:44:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame C001 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
755a3941416203cadf1a3aa429701144d0ad9413eae03232b0d0a960b659aa5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10957
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5581 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
b8fabde5975e307223faa6b22dd0ce1c28981b5e0eb151fb1d8d939b5588f71e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11070
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 1439 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CoIUBtHQAY7Mh45WyxQ_V27mABqzX_fBktPaok-ILwI23ARABIABgpfiRgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAZX1m98DyAEJqAMByAMCqgSuAU_QPZtWdDdUDNuqqPM4mj3GoSVhtjtS0NiqU_YREUJqlCdTxqL5KESE7lD_tx1YMpM3lmdccxaP9pv1zqmy9kdk09r2nmv9bh0os6w8pFygbMtBjpYVCqt5MFW3386Jh-T_Yh_73qxL0tTUa361MaVmZr9wHUVDn-n3TN12QHxBrraOjCMC3pPmm1s9CnWjULpr8QIaXZikZbJUOtDgZFK-WacDmIRbm0QDHHJztIAG-_rsw6blhvQ5oAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=NDPjbKaNURU&uach_m=[UACH]&cid=CAQSKQCsnQUxYaOqpj1KXqcJT05aiEYM3reychbHBqij-rOWy_tnXO9qjx4gGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 20 Aug 2022 05:44:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
log
hblg.media.net/ Frame 1439 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=4.0150777E-4&viewability=-1&device_id=4&cbdp=0.011&slotVisibility=2&dn=bg3.co&acid=30196797ecb44ba3a2bf596f4aa395cd&ugd=4&size=336x280&pvid=4&csip=rtb-common-istio-7c75f56789-qh8pw.SG&ogbdp=0.02&prvReqId=9037990042285_1834818998_52982010441&itype=ADX&requrl=https%3A%2F%2Fwww.bg3.co&scrid=1700080807683300336028000000500&mang=1&bidrestime=1660974260076&cid=8CU3SX34C&rme=nurl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:20 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sat, 20 Aug 2022 05:44:20 GMT
log
qsearch-a.akamaihd.net/ Frame 1439 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0100&ss_d2=0&stid=&other_prv=4&jar_err=&current_day=6.0&adtyp=0&req_id=0Gilto4pmO_HA7NOfw4BCw&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=57.3132&exp=&fdbk_id=&second_bidder=*&search_res=59&floor_bucket=0.00&gpid_format=&seat=BID_API&size=336x280&f_seg=&prdp=0.0110&ogcbdp=0.0200&dfpbd=0.0110&server=1&ogerpm_wd_bkt=0-1&model_version=202208200302_generic_adx_1-cid_1&viewability=-0.0100&dmm_r=0.0000&cut=45&dmm_l=0.0000&as_cache=1&tcyerpm=&sc=AU-NSW&send_erpm=true&dmm_m9=0.0000&sd=1&hb_exp=&seg=&dmm_m4=1.1500&erpm_bucket=0.00&ugd_ver=&requrl=bg3.co%2F&bidrestime=1660974260076&cc=AU&strg=harmony&ss=&current_hour=5&time_stamp=2022-08-20+05%3A44%3A20&model_key=generic_adx_1-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.0200&ct=Sydney&akey=&mnckfl=0&bdp_bucket=0.00&algo=default&dc=apac_sg&splid=&dim4=ogerpm_multiplier_used&dn=bg3.co&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=30196797ecb44ba3a2bf596f4aa395cd&infl=flr&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.13.0&totalTimeBucket=3&visibility=2&totalTime=3729890&dmm_m1=2022-08-20+05%3A44%3A20.078130881&e_rpm=0.0000&dmm_m22=0.0100&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080807683300336028000000500&rawbid=0.0200&seat_id=BID_API&sub_bidder=186&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-7c75f56789-qh8pw.SG&dfp_bucket=0.0&adblk=3314916115&itype=adx&pvid_seat=4_BID_API&cliIP=2918568192&advurl=topics.businessfocus.online%2F&level_base=0&crid=529820104&sat=1&br_id=265&cut_bkt=1&gpid=&iwb=1&second_bid=0.000000&sc_pvid=4&capd=0&other_bids=0.02
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.128.160 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-128-160.pacnet.net
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 05:44:21 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sat, 20 Aug 2022 05:44:21 GMT
nmedianet.js
contextual.media.net/ Frame 1439 		164 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bb4d689a987054d9df721d239e3a414047409135d2b1122de1eee0c2db59839a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
8-12
content-encoding
gzip
server
Apache
etag
"342d730a9a231e5f31372a11fd0ad3fc"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Sat, 20 Aug 2022 05:44:21 GMT
strict-transport-security
max-age=31536000
x-mnt-w
8-34
expires
Sat, 20 Aug 2022 05:49:21 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 1439 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Sat, 20 Aug 2022 05:44:20 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=14486
access-control-allow-credentials
true
content-length
62892
expires
Sat, 20 Aug 2022 09:45:46 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 1439 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 04:54:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3016
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 04:54:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1439 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 05:44:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 1439 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 04:27:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4629
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 04:27:11 GMT
l
www.google.com/ads/measurement/ Frame 1439 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIacTh8ZLRGbkDDRxJDKKjcLaoPiZhcdewKOG03qa7q2W-WzO27QjoNZbohA62aqJgooGVlTOdkrcK_PCL6gBHZuV63g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
collect
www.google-analytics.com/g/ 		0
97 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe8h0&_p=6480&cid=1887609561.1660974260&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660974260&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html&dt=%E8%A6%81%E8%AE%93%E9%8E%AE%E6%B0%91%E6%93%81%E6%9C%89%E5%B9%B8%E7%A6%8F%E6%84%9F%E3%80%80%E6%9D%B1%E6%B8%AF%E9%8E%AE%E6%B0%91%E4%BB%A3%E8%A1%A8%E9%BB%83%E7%A6%8E%E7%A5%A5%E5%8F%83%E9%81%B8%E9%8E%AE%E9%95%B7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E11A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cabxzs3QAY4nLOdCIz7sPkaK1yAas1_3wZLT2qJPiC8CNtwEQASAAYKX4kYCQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAGV9ZvfA8gBCagDAaoErgFP0MZO5GEpLTO2Pu1rby6FVVMFg2tKeo65hvm4i4-j26MXu7pyxXVPEm8usfo8qqTsyIh1thkM6h9FcXoBofDriRTPVip06Pd2SGcYrhn_VK9vsecS6uemkY8GZwuqhGmttBz2Q_uvSiQIHkMjuwMOJc5sB4fipA7cBkq9Bb8JbrmWVy9Ps_T5xvOvVrey38iLr3JZUd8lvBw4KXvolS2pM9O0xx97ZCZ7T84EWFWABsPF35vKrc2Y6QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=4BNeMPaHIxA&uach_m=[UACH]&cid=CAQSKQCsnQUxifiR4EnBzosjgnA9NBuqyYBPEsJbix0E9kzPGxJei89SHwE-GAE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259130&bpp=12&bdt=237&idt=390&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=5260778923606&frm=8&ife=1&pv=2&ga_vid=1795047843.1660974260&ga_sid=1660974260&ga_hid=266314318&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068487%2C31069049%2C44771163%2C31068921&oid=2&pvsid=4206563028032491&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jn96nl9nmlba&fsb=1&dtd=404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 20 Aug 2022 05:44:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
log
hblg.media.net/ Frame E11A 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=4.0150777E-4&viewability=-1&device_id=4&cbdp=0.02&slotVisibility=2&dn=bg3.co&acid=09eda29977cd4c9e9c1ffdc3775c5bd0&ugd=4&size=250x250&pvid=313&csip=rtb-common-istio-7c75f56789-z2msj.SG&ogbdp=0.02&prvReqId=15147494682425_615707528_52982010413131&itype=ADX&requrl=https%3A%2F%2Fwww.bg3.co&scrid=1700080812610100250025000000500&mang=1&bidrestime=1660974260023&cid=8CU3SX34C&rme=nurl
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:20 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sat, 20 Aug 2022 05:44:20 GMT
log
qsearch-a.akamaihd.net/ Frame E11A 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0100&ss_d2=0&stid=&other_prv=313&jar_err=&current_day=6.0&adtyp=0&req_id=HcNd9eC_bCNTtnR3YS9FMw&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&exp=&fdbk_id=&second_bidder=*&floor_bucket=0.00&gpid_format=&seat=BID_API&size=250x250&f_seg=&prdp=0.0200&ogcbdp=0.0200&dfpbd=0.0200&server=1&ogerpm_wd_bkt=0-1&viewability=-0.0100&dmm_r=0.0000&cut=0&dmm_l=0.0000&tcyerpm=&sc=AU-NSW&send_erpm=false&sd=1&hb_exp=&seg=&erpm_bucket=0.00&ugd_ver=&requrl=bg3.co%2F&bidrestime=1660974260023&cc=AU&strg=no_strategy&ss=&current_hour=5&time_stamp=2022-08-20+05%3A44%3A20&rvshhon=&bdp=0.0200&ct=Sydney&akey=&mnckfl=0&bdp_bucket=0.00&algo=no_strategy&dc=apac_sg&splid=&dim4=exploration&dn=bg3.co&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=09eda29977cd4c9e9c1ffdc3775c5bd0&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.13.0&totalTimeBucket=2&visibility=2&totalTime=2630990&dmm_m1=2022-08-20+05%3A44%3A20.025233441&e_rpm=0.0000&dmm_m22=0.0100&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&rawbid=0.0200&seat_id=BID_API&sub_bidder=186&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-7c75f56789-z2msj.SG&dfp_bucket=0.0&adblk=3314916115&itype=adx&pvid_seat=313_BID_API&cliIP=2918568192&advurl=topics.businessfocus.online%2F&crid=529820104&sat=1&br_id=265&cut_bkt=1&gpid=&iwb=1&second_bid=0.000000&sc_pvid=313&capd=0&other_bids=0.02
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.128.160 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-128-160.pacnet.net
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 05:44:21 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sat, 20 Aug 2022 05:44:21 GMT
nmedianet.js
contextual.media.net/ Frame E11A 		164 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259130&bpp=12&bdt=237&idt=390&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=5260778923606&frm=8&ife=1&pv=2&ga_vid=1795047843.1660974260&ga_sid=1660974260&ga_hid=266314318&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068487%2C31069049%2C44771163%2C31068921&oid=2&pvsid=4206563028032491&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jn96nl9nmlba&fsb=1&dtd=404
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a87b8427c7d1d494cd441b27836db8d531335abe072323532d4340e4d02d6f88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
8-12
content-encoding
gzip
server
Apache
etag
"342d730a9a231e5f31372a11fd0ad3fc"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Sat, 20 Aug 2022 05:44:21 GMT
strict-transport-security
max-age=31536000
x-mnt-w
8-34
expires
Sat, 20 Aug 2022 05:49:21 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame E11A 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259130&bpp=12&bdt=237&idt=390&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=5260778923606&frm=8&ife=1&pv=2&ga_vid=1795047843.1660974260&ga_sid=1660974260&ga_hid=266314318&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068487%2C31069049%2C44771163%2C31068921&oid=2&pvsid=4206563028032491&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jn96nl9nmlba&fsb=1&dtd=404
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Sat, 20 Aug 2022 05:44:20 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=14486
access-control-allow-credentials
true
content-length
62892
expires
Sat, 20 Aug 2022 09:45:46 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame E11A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259130&bpp=12&bdt=237&idt=390&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=5260778923606&frm=8&ife=1&pv=2&ga_vid=1795047843.1660974260&ga_sid=1660974260&ga_hid=266314318&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068487%2C31069049%2C44771163%2C31068921&oid=2&pvsid=4206563028032491&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jn96nl9nmlba&fsb=1&dtd=404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 04:54:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3016
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 04:54:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame E11A 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259130&bpp=12&bdt=237&idt=390&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=5260778923606&frm=8&ife=1&pv=2&ga_vid=1795047843.1660974260&ga_sid=1660974260&ga_hid=266314318&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068487%2C31069049%2C44771163%2C31068921&oid=2&pvsid=4206563028032491&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jn96nl9nmlba&fsb=1&dtd=404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 04:27:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4629
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 04:27:11 GMT
l
www.google.com/ads/measurement/ Frame E11A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTa2CLRu8fyZT7gLqFIlZ99_MnRtMjBV9MyzQrYl1inECJpOENCb0a4CpHAD1OcsPbm2ANguw-Q4uMV4EW8gPWItIyu1A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259130&bpp=12&bdt=237&idt=390&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=5260778923606&frm=8&ife=1&pv=2&ga_vid=1795047843.1660974260&ga_sid=1660974260&ga_hid=266314318&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068487%2C31069049%2C44771163%2C31068921&oid=2&pvsid=4206563028032491&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jn96nl9nmlba&fsb=1&dtd=404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E11A 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259130&bpp=12&bdt=237&idt=390&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=5260778923606&frm=8&ife=1&pv=2&ga_vid=1795047843.1660974260&ga_sid=1660974260&ga_hid=266314318&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068487%2C31069049%2C44771163%2C31068921&oid=2&pvsid=4206563028032491&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jn96nl9nmlba&fsb=1&dtd=404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 05:44:21 GMT
container.html
7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D590 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 05:44:20 GMT
expires
Sun, 20 Aug 2023 05:44:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C48E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 05:44:20 GMT
expires
Sun, 20 Aug 2023 05:44:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1C25 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 05:44:20 GMT
expires
Sun, 20 Aug 2023 05:44:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C001 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 05:44:20 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5581 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 05:44:20 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:21 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:20:45 GMT
server
nginx
etag
W/"62fb454d-15cfe"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 21 Aug 2022 05:44:21 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2F7C 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNVvrvfuwO_EM8Yd8BUjVkgjL5OWPSkjskfsCsUchQsQlwl0RZLvHlTcplub4voXPDXsM48BEDVUXc9JTGfA1CiRcQgVQA
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 05:44:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame D590 		80 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BoNnIP4I129WVZIBSY4nrMvSv568qkI2FpyrO5Sgnm402o9AcYRxD23Sv_15UZNuDoe1SsMYdzrv7EbxDoTLgTgkJAXQ&cry=1&dbm_d=AKAmf-Anygjnc8IDAVB7d_6WCCXMQ1mM-Rqt2aKZ09vEY6PIkc7nOPpDop2rGXgNE83oox_QSUtP4k5m8MFK4FC0s7pIL1k7R5zlKcNgNzsuKxRLGip6u7B9a9vlQmvh5K84ZivngU4kNE3Sowv73Zr-nPHpwPMSXcBEJ-1eTeFN0gSAfc_oDLpfM__vthS2zwgamFMoyxYzLMHaqDktFizVj3JLAtemWMlhcEvKX1-X5ulI5ySFZDM0bJ4cDiBT8ox2OmAGW0L_ckDh02TyXhvZAvOEjc4RF5zqz59tR6biRro2yMU-acbVR1fJrFHVkI5nSVbu6sQv9sMrVxsyDatbC8mNTuP3DzwO8AJp1_Qc7vxNZJAF0H_V71Up-bU2vb4B5ZS8P47KfuoFR2p_AX62NpHsV1y4nTctYmkAFn_z6RLoQYTbE4bHcRfoEn9oPwK4ems_7370qJ_jB7aEd8mvqCEbrSYJ58S2uix0ceQvGV97WwVgxqWaTfAc8nOzBSwe5EI8L4VYBLvkUOKOeUvgBxghaxJWGmaVtpFjeyfZzDFJ0abljo0Krpylsm_-MOonoEFcDNaJnMkgZAdqHHSFxZ_YnFiURM-AZTj4vy4AUFgeqNuhACCRY4rHtawUuYcT0ASNMgvj0htPvl8Lysh9BWRKEdI5LZCrtjhvEYrrCGx6fsGn3_pnFBx9yAhvBbV1I-VYC9g8D5gNo-pLA_GK9kaEPJo5GRj1NaxykvMRWU4A8klsDBxSASNBoTg9WYWcba7p9VKwUM_MYTcZm-baJ9CBLmutb2AWYR3A98EqrkE6vx-vdX-SIjg71Qx5cTVsuGYLYHACoJJNxMakpz_OwfuxmVR-4lJZqGXhr7ThcxDfhC0Zy6BeWFxw_EXS4wbd3c3FeNyFWiBMhsnPyx2k9ieRBxbc1EBzvso__oIcLia5zmctmTxyAHJGBWIaoBFVC--Htv9RR4uzoUK9SJcuKgxbUh7okGTr8mCCERK23DHB3SxqxadWiFsDejMJ4vwymOvonU-QzmOTx0kZwg-OXbM0j9huMcsNBJPAZfTKNTwAsBTGwrDDLU_NBasUa-Sd4kod8cH4jgQwqju_MQVdqnRkF1Xgv50c0e0KNYgNddb5hi51UKGHnbTPsYsWRHbRXr1mJcbLioLIf7bmoDOX0N6tRwL5oinKHBdYN_4wPLZIg-bJtYtor-H-mZCwMf0iiv503q9zZVOuCWEMCHd4BM9F-TaySuCmYTEQ2mzBt6DFulGz_R8kUdom8q76bKWKP61EqhdYqo-ygClVU57CAACCOP89MAsROfE_09dIfeSt73TeGDwMiG6YQZx3dfwDbIFFRdBOXH8_KNLyOEelP-nIjhJSzI3v7Khv_bzCPhpxc1E4_FOsLc0B5nuo5yIV-3fuieyeSieXtOYjs580xen1PbOdhBG7VySIclC6SZ9jP8GxaVOEHaIdZGYJy1m0ta-6GOj5_RNUdiLEWcKw5JI6Ki3JDOHpKjMVKkJBUqOW7hW20xLoIl59Kub_Z8EkoRxYpLy6W_47w_IuIn7rLnwtBO9IceIfQ6WcitbBIwLp-UMgAt2ezgYz42aODRvSJIHL7EqN6EJupCzyJeZHbo3CbI8rad_TWKCz3aNBe_D8x6aDJ1Zj8W889nZ6k4ys1nH5bmoOgKSUeYwtT_zvzp-zfUJNpbPepv7gN_pfF1ZUQXOOlj9mEnNPFH2DGqQqNN6aFUljv0P0V4t-rrD9w9NB20NwxfpgtgfXlTIPIbcX0sz81XqnDAlelVNdE6vnMNLndJ_2n0TOy15mB31_kuFOxTy_xYTPrG9slf6n4PVYfYGe-5lK61AW9tf8jqRb1Mrtwie4AQ7kVCDIcxeiE6ZxSNSK2IrA2I03Df12AJbNgdaGG_stpPNRjVYuYlmkTLLKYcf3ozZdOPKWJFaj-H25hVHIdx4p6lxIWiTy-ctD8Ow_d5ESKDQY6MpwXy8ah3M63d4K8MMp_E4MATntV1bn7PEirK-W-nmEEXKgxaQlbQBFnsxq-ZeG3ci93jLCfPC9S39BBbhUtX4bC8R9vkY5Uy230fkKf9LB6uvuY3AYnwJ18nc32xEu_xSfp_QzA90-1EErahYmCl8yoD5v4OnTrhZrXY60GF8jCSeIBvnhH_S-kff0M18R-E4eyVm8h7MxseWTNDegny-ub7G6bU4MWP2jaLzzIzIq3dgeBxc6tsf_XnGpvIHBJYT4GJh1nllTG9Tn49crU5dtMx6CkpRJZx6HihgQcX2Q0H8k7SxvDj5_G5Sxt3VBIw6bP6frQZ175U-OPkd09Ff2SgjuTb1dnERqzs8fYWgetPap-45KwJNLnbO3WGI_jOEod7sMdkAEUaDvVlRN5gcqv4Z5cu7NR71397rzrHG4SeiGX45Tsln0Y_wI3xjFA0xlTldJwaroyLhgLSM-La__tFh6HPaB3nsQ_AJBPG8OkMFD16EWlXfkHzKaSROISM29FmoLrfxwTL4vzQxoNmueyZJm0HNxBop99BiVpUTW0zECmIrWHrT2nMVBsyOIf_K0f4O5MLS2IgA8vnhg9Fxa8HO8J50wY0J5QNQMl-Ep1xKz9iAiThyREHWROobcbsNyDUePBkI5erDwqRR-QfV7Iu7eWm1mCJu3ELK2uXL67RRwoyTIHMAJLyFnF7nuybkDc1BY3-PfbzGZiFbelhgPR_CJws_zlygeYH_8NZ0A0eIi0buhL3OQMKoaWrAEfzdjXvLXLv0b2Ry7fl9YjoVgm92fdZK3S6pcEufNJtxz8tMIh_xNVRoN_pRUYHH4mll73h2j-A1x322DvI4RHXVhBjwq6yDCacGm2ra5PLuzJNRRkGwS1jKwfaJ7s9TtUJJYWVwzvSo9Jo4VSedcopXg8D78PwQIVuv-X1awLp4m0ClbQduhZjcfglDJOyOefaFM2VRFv8aqprnE7nIKUvAq6uGcxl1Gy7Z-5l0fp5VkqgkPjXy850Pas-YD7nTPbK6jZPTgPgL7NWZDC026WWLj-8FaedARO44GVIk-yP7X6DHiIi0nEUqYldeAPSjel6EOob-u9atpyByDyWGfq-vtTfT_BdcqqDKxHjALpJYlGrgLG74A3a6W_QyvVpoHtpu1MJ-g6PQyFr2hsa31ADwjHxrc9j9Xi4rx9dPcopP4RMzOo7u_tt3NIaE&cid=CAASJeRobbbhqeT8DEnlyVGqo8Ne3YNN6GrzrMTGnFp2Nr8bmn28Lfc&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
583f2392f3653d6bdfaf3809bca9e6f2eaf9ea667b32f889e350dc865bc405f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34059
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D590 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BQdZF_kvetgBnPBtAW3qpZFDf0EJGJB4dz9CpDmze8fOjY47e9x-isahqRg3DTZkBxvZaZ660_Z30U-4rrrjdvAeqvve5F_AZ9i3FMoscrS2uezU8
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame D590 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 04:54:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3017
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 04:54:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D590 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 05:44:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame D590 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 04:27:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4630
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 04:27:11 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6752 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNVcRiI6_kkGCDZvMJxlyKyCNSe9kBX_lHz_ifc8QTYHPu59lShW8sSLan5aAurMK5_6A-AbVdrICB5FigOOmlBDQ7N6Iw
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 05:44:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame C48E 		80 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6iXqjoxs-wEDSBdNkFZmHLp17j5CmJ1or9uxWOmOOlNlEDSdfeIbvjGWAqKdFSdR-aiNnVdtpFSk73XlvOrhB_tb72w&cry=1&dbm_d=AKAmf-AmO9Ijc4szhjGJ0Ylxl0nSM2NV2cQIvWmnZjhTrkASj2ikvA6pnz_dbNSST43G7bM6oNtgyVEw8hT6xrA405qnWa1gtblNACpuVd0w55SXiRyBdK8JEwD-D7kn5XpHEazE1H9PKxcl8q7isgpA2-KdT_G7COKWQh_V7hD4bbJbhTZ43c_69wwkCKVRqXlqDUNGmgE6PKEvlItq4O8_LwwrDe9wFbjrWjOUc5TOA9tDwOpH_VwLTBk1aSZIZftROBAPwy58kVJDWkLSTJE8qJTXvUMa1Yr_Lf1IVH_rOf-RmpdQVeUpwBVHhZz0DmFOUEvvVLfv9bCPY-56VyP4OJ_FKO_r-otjyxFwtQvE4FUheGZgQ3JXy-XO1FreXTVbGUSFTIIidOsze3aO5OwTilpegnnkYReeXmFbENUb8TKFZLTHg2odGHpu7wm95ejRFfh2v1yeP6pM__HMO8Te-UvG97EkVWBSCyl_uu8Exa_LrLsrXnEf2I8-777L5gxnwplPs994TH-R0ryC9pw2gNsATUDNc_7e-RaEZmddUxvLDiu2p7lpcxQlsnH8t03w5ab7hSp6uBiL_UTtRwZsUHwD9xEzcE0s_Yp7zDzk21Y5t5_hQunMeYs7HDZkj-onPbROjXeCaiz-8XKrCBQ-BF854ncmTuDFHOCkuiWFHD05F36K2IL3EMR44A4ES44fMIH04zYGAI3_ii0UlT8xZt2i5wkawQkxH3cLfla72SwrnEvy62hlS3D8KNTfw2jqH4m529yZQE7JHtw3orwm9OUiWOTx-ITU0GKjgmJD0mkYs_LcYYFZhntAGAppoXS3zKjhFLlhNuKD5IwdSJk2sdJPpxXTSzhv_X25aXNdBWIM92zyEr_XL6s_UksKpetkNI0CfK4Mko7d1IItECdLP0XUMG6_ahxdWd9VsG_Jx6bBMmoNsAqzOJ5LF9DvEkJsJC0g661J8Z7TCK0HvnmwQI3rNSmbGJfcIqAQSPnjMvQhWPkEQju9-g0JOd4fBTV5DHbB5EyN_xbXg3YLKAdDm0mZiVyd78gGDNxUbWJyve1DOalDarYBrH-9kFgTPe3VYvRVuhOF5YWRP9YIC2rgvSDnwYx9XPG1oxMwpixvOAFXYSpLDBWsj4YhKjGV7-MGrAOOary0aItYlTjtB0Z-YwsjmNoMvk8ynhOrNdxWjL6nRKkWvG3xpfS6zC0htAxtknGWDlRcihDR6zDnnhxbOLnimlfRo7KCNai7fu3LLKkbgFMS50_1PlStYYHmtdF_0IUG57iLj8MxEnzJOfJecqdeLaVX80SX3FXc3A_-C82oULSBv2G4y3_7j8gUVSz_ug44W-QhytPWSHNL-1-UBCbTKu5mhPzUEvAd4NkA77zoyakmo-IKqYIfhpRvhRxtmZE1zRFjjg6M4DKrxjONT8UiwOFniCjrX_XA6MBvDkuv0i5wV6nMDNYhyGjSxwpbiL5K9PBRW5IDbj2E50yhqt2hcF67ruGq7FS9xRmT8EmyLUFPkKpoDYmzvWpPjRn2w1MoCp3CpzufvQTSltAiTlj-7Dpyi-CKV9c63YMP7_IbRUVB-SBymDPx2PTcZcI1w5nXyo_B4YXAReEPG7Q0vHtvA8DVSqL2aTSloga2u7DJ2u6PmtnG-ickxbVIP_uQaUaAj_edhfNyTczkOOgNrmSast3BkbBVg-XdVzivi6p-_rNwPSGw7V2JLoS5O8rpGrmJZ1S5Z0qn0IqpTJhtuSSEL-Q8AMZfYBm8RvaDUBYaqqaLXJipIV2rxyFAgU1fftAbChal5ggSGAr8xz10mHxBnvITwDtgwcC29EZMPKTy3M5m1mhrwkXzBfhT6dAEOEm54TPBZ9gMiiXQ9IzUqrq0kKH_LHXsdG9pOE7RGasrKzKwbsro8C53VMUxFRuXod4vcvrmem3ULmfVKAoLycX9U2s5EpVV0Ym6vYJpW1TqjcRy1mUDh4TMZ8ZtiCYSLvN9-j_3acxDyaUU2rRO4O8UJYXZzqvwE5uwVRDQ3dFtNM-Nte22djXJAx6aWQcZBD3KXL-lWdKSwv3JiAAS54q6mYVeYvrFGvN3Xu9f4NK6I51DSkwpT0_RngyZfsaEFtwwdHVjdkw3d6g8jo5EySM7TkJIytQi91f-sKrEZkkOw3e-k18b-cpM0vLZx0HqoCqu8XC7OVvktQ5VRFoi3lS2ooJk2SgYl2eHfSPknLhZBRFIe0SlEtuyWFUX8240p9BjEisHcXdE9fx1rjyOnfTFHQjucCTiU2t4G_q5AKcSSJkaXnQDD5ASpx7E7riX3AKvCSbidnBK2plNr2W9ucmmDUILK_9l4ToIjKMjoYI6MREERQxs0joq5RU6y0meXhlMfDdppP5whX7Ugnyv_eZKIcrcOg8wx5bllsnuPm5X_-wDI72udTciASARvTkzY-82OE5LxkVoA3KopD2Ov5_ivVLLp3nef3uhfWrXmwcau463D5xCqThvKUpMU3tFExKnwnqKmijitYepX4rfKl8BM1zYL5juah6rNlE-930Z7fUnzKHadU9Dt4UutSfuBVMoiCwokMbzftLhoOespf-CQ5nnZEOkN5n5fWE9o52tsaIXwMpGXP7htr0-iAx51Z-idiSJo9JfSBkK7i155gJ1Fi764Nivi6igr8PZevZ-3YvNMqrm2ua8mBP5MMFNd0UsuggWMypvhjYk03Nguc2RzmM7AN-AqLqaEIg6e4_UX0xisTuPiPuEgOo-izQsR_eoZB2UrZX7GwxugBhTDfYTr_5gEidbjBy0UzFzy1SfHdAqFIz2qGfsU8c8s4wt-VORvFAJo18_86Zar4qO4F9ZF84Og29GnBjxASesLCn6p5DO7Pxslib-2d_-cOntfLfjvEQwwWantf653kw0em8ZqfSebYdstq7aVvwr4ip3wHN4fNn16juqvbFcUHSprytYTtNazxsMUAhxKT5fEMHdShROg3hIl1T0q9Xj9_5fXAmVxKNM7-y-BmcQPAC6dYd8fuUkP5_a6cmvKdPu_T5LykdEvcfayIgnkPlropRAjYs6Xx3Ny8K7QY_MbCjdHGJjrnZtwYJq3vLGbYHM_BjKTNypEzmVRWD7OHXBZWgQQ6CHktSqhKH8wtMJI6wW1_bFl_pHOS51a6MOyjNdSjwDET4byANTEkcewcUOZNK0mhTHpozGNg3DobYX8Y3Del6_s_9k&cid=CAASJeRoYuF935clzzv_NiiodzhMtHFVn8arSZgj3WgfzlM36hfL8_U&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
d32484f9967623ac308f1d5406d313bf0674e8be1b369152accaf66733c2b028
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34134
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C48E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AbxQelE35oq5O7YlXJ2IXj9jqylE84depbsUxhSAs8zGc5O5v_ACvAoDFXSRDOv18jm0SuYHJlBTwlXrRFsSdGkbMvOfi3eUmK4NjJi_0hDbtIbjY
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame C48E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 04:54:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3017
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 04:54:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C48E 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 05:44:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame C48E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 04:27:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4630
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 04:27:11 GMT
css
fonts.googleapis.com/ Frame 1C25 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f95.1e100.net
Software
ESF /
Resource Hash
f1535199f71b96d423d3f991a5a0a92ca5779e74d2e23a509b5022ef347129a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 20 Aug 2022 04:44:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 20 Aug 2022 05:44:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 20 Aug 2022 05:44:21 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 1C25 		2 KB
982 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
500
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 05:36:01 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1C25 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CaDqXtHQAY6fEAcqx1Aax07DABq3VqO1o6dyezNwPib-bkY8yEAEguoTAM2Cl-JGAkAGgAcGuiv4DyAEJ4AIAqAMByAPLBKoEygJP0PJBOHBSeb4UGX6XGvZkm0xibqejD2tDyIjb2qn9_2m3H803zO__VWeBBuRWQYiaZ4dWv_USpwvdvOqvBq4z23Yy0DlvBA9x2BGT90Zg37xayu8ramTEjFLwddItP7JX0N4BiZ2TLAqIxcyjAIonQPC5mP24akeH54vltGl83MXth2GDw-BSCTZvHnggdOKiGVhpqr42jNuTkGpz-RYS-xp0-8vfDq7fahWbUq5_ctinArbyOElEeMOOMgF9nu1hYIhK3wQUzb4WBrgQxPNbagBx_m_vdaZppLlktyBmzpdcI9VV6kD80sFlB8MP4EvAL1zw1mlz0jCaT7yBv1ojDGiGH4TyD4Hq_cbNHWIq6qgYc9XgGBP3cnPgrgWvhnZS4mws6e3vD1I_YbdG5hQeOdHpu3kLJO46MtdFsTHVBOrrHoS0hnNKO4XABIH079HvAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAen0fUBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEELH_AdIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA8gLAdgTCogUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=RS_yi1WFPwM&uach_m=[UACH]&template_id=494
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 1C25 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 04:52:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 04:52:25 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 1C25 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 04:54:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3017
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 04:54:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1C25 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 05:44:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 1C25 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 04:27:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4630
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 04:27:11 GMT
l
www.google.com/ads/measurement/ Frame 1C25 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRWmNFOUJF84JZMYOUjoD_KVptRVObwC87aD5IOi1zy3MePIgR-UI7e3iz0rKgkhtiNTFe477gATxHWt_KzB8nVuBmh4w
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
16838d5bcb4c763c91f5404f5ca97705.js
www.gstatic.com/mysidia/ Frame 1C25 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/16838d5bcb4c763c91f5404f5ca97705.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
179766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13605
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 13:11:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 03:48:15 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 1C25 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTKjOIKv-DT3blkfok2_sehRX3iztRVQq4iyHv-jATxEieIGgKXrhpvD4uRzWg&usqp=CAI
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f138.1e100.net
Software
sffe /
Resource Hash
62595d93db984ca635bbf920da3a9480a0f537f8007135f9b761427361a57404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:29:19 GMT
x-content-type-options
nosniff
age
902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20726
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 03:53:03 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 20 Aug 2023 05:29:19 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 1C25 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRMf-nU3PbWijEGarZf8nFdnks0Yw8cr0VTXi9x0G5dJmP-CJlFkxDk75td0yg&usqp=CAI
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f113.1e100.net
Software
sffe /
Resource Hash
b32a5302c2c29f53fe831716d9e414dc52119c4ec18cd216ada91e105d7b8d7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:21 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 Dec 2021 01:36:21 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14839
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 20 Aug 2023 05:44:21 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 1C25 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRhIif0DS6g9r_wFodRfp5OHy8KWNXLpOhnBn8bK3raqMNwqoqwcWdCPXjlgA&usqp=CAI
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f113.1e100.net
Software
sffe /
Resource Hash
e07f2a6e452e9ec0f26ed7f102a6ea9a6cf1f4247a135032060e53162809abe3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 30 Jan 2022 21:01:51 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26630
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 20 Aug 2023 05:44:21 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 1C25 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQkudrzTxZq3gkdkY-ktFV5-easNx7RIR3ADusQyANzlJgHLQsgrYCXHaD6nQU&usqp=CAI
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f113.1e100.net
Software
sffe /
Resource Hash
370efdd0ddc70b544bd783d661fedac6c7d9960740c2d6640c36395f1b412946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:21 GMT
x-content-type-options
nosniff
last-modified
Thu, 13 Jan 2022 13:33:02 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25274
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 20 Aug 2023 05:44:21 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 1C25 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTtgT7jS-9pb2hfkTeCnYzqc6DlDDJdsGoGY-q_9eDdZhsgSKDYw5nTEpxseQ&usqp=CAI
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f113.1e100.net
Software
sffe /
Resource Hash
649b84d1f05a260e86dfcb7ab4f4e03e33994a7ecdd45e772bec2a1ea83b3b70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:21 GMT
x-content-type-options
nosniff
last-modified
Mon, 27 Dec 2021 11:10:38 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16719
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 20 Aug 2023 05:44:21 GMT
7321642076629450800
tpc.googlesyndication.com/simgad/ Frame 1C25
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDn8cn4oAEQ3AsY9wIyCMwylmbgI4OK
  • https://tpc.googlesyndication.com/simgad/7321642076629450800
130 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7321642076629450800
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
dc5a5296ee533695e29ff23e85882eb74bd094482d5c31a0aeacc635b3b4775c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 07:27:48 GMT
x-content-type-options
nosniff
age
80193
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132885
x-xss-protection
0
last-modified
Tue, 05 May 2020 23:20:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 19 Aug 2023 07:27:48 GMT

Redirect headers

date
Fri, 19 Aug 2022 06:07:47 GMT
x-content-type-options
nosniff
server
cafe
age
84994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://tpc.googlesyndication.com/simgad/7321642076629450800
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 18 Sep 2022 06:07:47 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2320 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
142737
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 14:05:24 GMT
expires
Fri, 18 Aug 2023 14:05:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CE50 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f103.1e100.net
Software
GSE /
Resource Hash
4bbbd8001269beac1f780e81463066362e6d3fdf95ebdc53ac2cb00989594623
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Mk_9TrYzp-Q-8KYa0qzCNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Mk_9TrYzp-Q-8KYa0qzCNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 05:44:21 GMT
expires
Sat, 20 Aug 2022 05:44:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A2B1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
142737
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 14:05:24 GMT
expires
Fri, 18 Aug 2023 14:05:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 79AC 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f103.1e100.net
Software
GSE /
Resource Hash
e9586027420209db9003ae6157cbd1ae6fad347acdae2abf5b07d85fa50dc7c3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8iCD0jtWNJpV_Du1_QB-0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-8iCD0jtWNJpV_Du1_QB-0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 05:44:21 GMT
expires
Sat, 20 Aug 2022 05:44:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame 2F7C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFwk8ormUTtxSEckkQ6QfOg&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFwk8ormUTtxSEckkQ6QfOg&google_cver=1&C=1
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFwk8ormUTtxSEckkQ6QfOg&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNVvrvfuwO_EM8Yd8BUjVkgjL5OWPSkjskfsCsUchQsQlwl0RZLvHlTcplub4voXPDXsM48BEDVUXc9JTGfA1CiRcQgVQA
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73d8d110dd39a977-SYD
pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9dxyWLyxj7dMHRE%2B%2BX5KcMAFLQgIFaZhj0RwmnqbJqA5QVvZd3IOeS3SEmOUrQTqJLzcsP%2BHDA8WoaBTlOf06ie0IBIDAGPorJP1cXF16QF3aRzyIBwfOx06ruyDgLu9x2VPpU6pnmQcw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSMGj9Ny2G6afAWbZze7TyhMIDQRIplqVS%2F145iWpyvV1Z%2FGrzA2xDWYp3QU40M6AcIiP%2B2u0OvREGprGx0r01Z5Wxrj97rn%2Bnckz5TauY2sLE6yPq04bYWwBiFVIUrwh8HB%2Fgzi3zuK5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEFwk8ormUTtxSEckkQ6QfOg&google_cver=1&C=1
cache-control
no-cache
cf-ray
73d8d10e8821a7f0-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 2F7C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwB0tZPh8AfnYMN3HnlXIwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFwk8ormUTtxSEckkQ6QfOg&google_cver=1
43 B
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFwk8ormUTtxSEckkQ6QfOg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNVvrvfuwO_EM8Yd8BUjVkgjL5OWPSkjskfsCsUchQsQlwl0RZLvHlTcplub4voXPDXsM48BEDVUXc9JTGfA1CiRcQgVQA
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73d8d113b829a977-SYD
pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fxi6n3Z88TRbQvGvyK77tmv6NnghdjXb3K%2FyPnJw2ZPeuGAfT3JjEJnAlK5SPPMDTyG7QGnA%2F9%2FXGtKXf5u2xZDed5BSzG1ViSzmeZEOsW1h%2FgKaAGYLYrIOotEk1hn1kc7xqc49l8daiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFwk8ormUTtxSEckkQ6QfOg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2F7C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMzKR1zc2vzIugxv0jsQ3tc&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMzKR1zc2vzIugxv0jsQ3tc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNVvrvfuwO_EM8Yd8BUjVkgjL5OWPSkjskfsCsUchQsQlwl0RZLvHlTcplub4voXPDXsM48BEDVUXc9JTGfA1CiRcQgVQA
Protocol
HTTP/1.1
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 05:44:21 GMT
X-Proxy-Origin
173.245.209.33; 173.245.209.33; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
22f3299e-100c-45f2-a9be-28baadc3fc5a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMzKR1zc2vzIugxv0jsQ3tc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2F7C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAyNTkyNjI1NDUzOTMwMzc0NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAyNTkyNjI1NDUzOTMwMzc0NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNVvrvfuwO_EM8Yd8BUjVkgjL5OWPSkjskfsCsUchQsQlwl0RZLvHlTcplub4voXPDXsM48BEDVUXc9JTGfA1CiRcQgVQA
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 05:44:21 GMT
X-Proxy-Origin
173.245.209.33; 173.245.209.33; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
56ca3158-7b01-4796-8793-2ad27c124bb9
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAyNTkyNjI1NDUzOTMwMzc0NA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6752
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJKACxCDSVSYe33j__ZnoOw&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJKACxCDSVSYe33j__ZnoOw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNVcRiI6_kkGCDZvMJxlyKyCNSe9kBX_lHz_ifc8QTYHPu59lShW8sSLan5aAurMK5_6A-AbVdrICB5FigOOmlBDQ7N6Iw
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJKACxCDSVSYe33j__ZnoOw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6752
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTgxNDM5MjAtMmQwMi0yYmFlLWUwMGQtODI5MmVmZDQ4YjBi
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTgxNDM5MjAtMmQwMi0yYmFlLWUwMGQtODI5MmVmZDQ4YjBi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNVcRiI6_kkGCDZvMJxlyKyCNSe9kBX_lHz_ifc8QTYHPu59lShW8sSLan5aAurMK5_6A-AbVdrICB5FigOOmlBDQ7N6Iw
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 20 Aug 2022 05:44:21 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTgxNDM5MjAtMmQwMi0yYmFlLWUwMGQtODI5MmVmZDQ4YjBi
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 6752
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEEh5r_UF97pkd0ATctkbCqU&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEEh5r_UF97pkd0ATctkbCqU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNVcRiI6_kkGCDZvMJxlyKyCNSe9kBX_lHz_ifc8QTYHPu59lShW8sSLan5aAurMK5_6A-AbVdrICB5FigOOmlBDQ7N6Iw
Protocol
H2
Server
23.36.49.63 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-49-63.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 20 Aug 2022 05:44:22 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEEh5r_UF97pkd0ATctkbCqU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6752
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTBiYTBkYTYtMDgxMi00NzFjLWFlNjMtMmMyODAwOWMzYmM5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTBiYTBkYTYtMDgxMi00NzFjLWFlNjMtMmMyODAwOWMzYmM5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNVcRiI6_kkGCDZvMJxlyKyCNSe9kBX_lHz_ifc8QTYHPu59lShW8sSLan5aAurMK5_6A-AbVdrICB5FigOOmlBDQ7N6Iw
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
server
akka-http/10.2.8
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTBiYTBkYTYtMDgxMi00NzFjLWFlNjMtMmMyODAwOWMzYmM5
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Sat, 20 Aug 2022 05:44:22 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame D590 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
Origin
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 07:08:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81337
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 Aug 2022 07:08:44 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/ Frame D590 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BoNnIP4I129WVZIBSY4nrMvSv568qkI2FpyrO5Sgnm402o9AcYRxD23Sv_15UZNuDoe1SsMYdzrv7EbxDoTLgTgkJAXQ&cry=1&dbm_d=AKAmf-Anygjnc8IDAVB7d_6WCCXMQ1mM-Rqt2aKZ09vEY6PIkc7nOPpDop2rGXgNE83oox_QSUtP4k5m8MFK4FC0s7pIL1k7R5zlKcNgNzsuKxRLGip6u7B9a9vlQmvh5K84ZivngU4kNE3Sowv73Zr-nPHpwPMSXcBEJ-1eTeFN0gSAfc_oDLpfM__vthS2zwgamFMoyxYzLMHaqDktFizVj3JLAtemWMlhcEvKX1-X5ulI5ySFZDM0bJ4cDiBT8ox2OmAGW0L_ckDh02TyXhvZAvOEjc4RF5zqz59tR6biRro2yMU-acbVR1fJrFHVkI5nSVbu6sQv9sMrVxsyDatbC8mNTuP3DzwO8AJp1_Qc7vxNZJAF0H_V71Up-bU2vb4B5ZS8P47KfuoFR2p_AX62NpHsV1y4nTctYmkAFn_z6RLoQYTbE4bHcRfoEn9oPwK4ems_7370qJ_jB7aEd8mvqCEbrSYJ58S2uix0ceQvGV97WwVgxqWaTfAc8nOzBSwe5EI8L4VYBLvkUOKOeUvgBxghaxJWGmaVtpFjeyfZzDFJ0abljo0Krpylsm_-MOonoEFcDNaJnMkgZAdqHHSFxZ_YnFiURM-AZTj4vy4AUFgeqNuhACCRY4rHtawUuYcT0ASNMgvj0htPvl8Lysh9BWRKEdI5LZCrtjhvEYrrCGx6fsGn3_pnFBx9yAhvBbV1I-VYC9g8D5gNo-pLA_GK9kaEPJo5GRj1NaxykvMRWU4A8klsDBxSASNBoTg9WYWcba7p9VKwUM_MYTcZm-baJ9CBLmutb2AWYR3A98EqrkE6vx-vdX-SIjg71Qx5cTVsuGYLYHACoJJNxMakpz_OwfuxmVR-4lJZqGXhr7ThcxDfhC0Zy6BeWFxw_EXS4wbd3c3FeNyFWiBMhsnPyx2k9ieRBxbc1EBzvso__oIcLia5zmctmTxyAHJGBWIaoBFVC--Htv9RR4uzoUK9SJcuKgxbUh7okGTr8mCCERK23DHB3SxqxadWiFsDejMJ4vwymOvonU-QzmOTx0kZwg-OXbM0j9huMcsNBJPAZfTKNTwAsBTGwrDDLU_NBasUa-Sd4kod8cH4jgQwqju_MQVdqnRkF1Xgv50c0e0KNYgNddb5hi51UKGHnbTPsYsWRHbRXr1mJcbLioLIf7bmoDOX0N6tRwL5oinKHBdYN_4wPLZIg-bJtYtor-H-mZCwMf0iiv503q9zZVOuCWEMCHd4BM9F-TaySuCmYTEQ2mzBt6DFulGz_R8kUdom8q76bKWKP61EqhdYqo-ygClVU57CAACCOP89MAsROfE_09dIfeSt73TeGDwMiG6YQZx3dfwDbIFFRdBOXH8_KNLyOEelP-nIjhJSzI3v7Khv_bzCPhpxc1E4_FOsLc0B5nuo5yIV-3fuieyeSieXtOYjs580xen1PbOdhBG7VySIclC6SZ9jP8GxaVOEHaIdZGYJy1m0ta-6GOj5_RNUdiLEWcKw5JI6Ki3JDOHpKjMVKkJBUqOW7hW20xLoIl59Kub_Z8EkoRxYpLy6W_47w_IuIn7rLnwtBO9IceIfQ6WcitbBIwLp-UMgAt2ezgYz42aODRvSJIHL7EqN6EJupCzyJeZHbo3CbI8rad_TWKCz3aNBe_D8x6aDJ1Zj8W889nZ6k4ys1nH5bmoOgKSUeYwtT_zvzp-zfUJNpbPepv7gN_pfF1ZUQXOOlj9mEnNPFH2DGqQqNN6aFUljv0P0V4t-rrD9w9NB20NwxfpgtgfXlTIPIbcX0sz81XqnDAlelVNdE6vnMNLndJ_2n0TOy15mB31_kuFOxTy_xYTPrG9slf6n4PVYfYGe-5lK61AW9tf8jqRb1Mrtwie4AQ7kVCDIcxeiE6ZxSNSK2IrA2I03Df12AJbNgdaGG_stpPNRjVYuYlmkTLLKYcf3ozZdOPKWJFaj-H25hVHIdx4p6lxIWiTy-ctD8Ow_d5ESKDQY6MpwXy8ah3M63d4K8MMp_E4MATntV1bn7PEirK-W-nmEEXKgxaQlbQBFnsxq-ZeG3ci93jLCfPC9S39BBbhUtX4bC8R9vkY5Uy230fkKf9LB6uvuY3AYnwJ18nc32xEu_xSfp_QzA90-1EErahYmCl8yoD5v4OnTrhZrXY60GF8jCSeIBvnhH_S-kff0M18R-E4eyVm8h7MxseWTNDegny-ub7G6bU4MWP2jaLzzIzIq3dgeBxc6tsf_XnGpvIHBJYT4GJh1nllTG9Tn49crU5dtMx6CkpRJZx6HihgQcX2Q0H8k7SxvDj5_G5Sxt3VBIw6bP6frQZ175U-OPkd09Ff2SgjuTb1dnERqzs8fYWgetPap-45KwJNLnbO3WGI_jOEod7sMdkAEUaDvVlRN5gcqv4Z5cu7NR71397rzrHG4SeiGX45Tsln0Y_wI3xjFA0xlTldJwaroyLhgLSM-La__tFh6HPaB3nsQ_AJBPG8OkMFD16EWlXfkHzKaSROISM29FmoLrfxwTL4vzQxoNmueyZJm0HNxBop99BiVpUTW0zECmIrWHrT2nMVBsyOIf_K0f4O5MLS2IgA8vnhg9Fxa8HO8J50wY0J5QNQMl-Ep1xKz9iAiThyREHWROobcbsNyDUePBkI5erDwqRR-QfV7Iu7eWm1mCJu3ELK2uXL67RRwoyTIHMAJLyFnF7nuybkDc1BY3-PfbzGZiFbelhgPR_CJws_zlygeYH_8NZ0A0eIi0buhL3OQMKoaWrAEfzdjXvLXLv0b2Ry7fl9YjoVgm92fdZK3S6pcEufNJtxz8tMIh_xNVRoN_pRUYHH4mll73h2j-A1x322DvI4RHXVhBjwq6yDCacGm2ra5PLuzJNRRkGwS1jKwfaJ7s9TtUJJYWVwzvSo9Jo4VSedcopXg8D78PwQIVuv-X1awLp4m0ClbQduhZjcfglDJOyOefaFM2VRFv8aqprnE7nIKUvAq6uGcxl1Gy7Z-5l0fp5VkqgkPjXy850Pas-YD7nTPbK6jZPTgPgL7NWZDC026WWLj-8FaedARO44GVIk-yP7X6DHiIi0nEUqYldeAPSjel6EOob-u9atpyByDyWGfq-vtTfT_BdcqqDKxHjALpJYlGrgLG74A3a6W_QyvVpoHtpu1MJ-g6PQyFr2hsa31ADwjHxrc9j9Xi4rx9dPcopP4RMzOo7u_tt3NIaE&cid=CAASJeRobbbhqeT8DEnlyVGqo8Ne3YNN6GrzrMTGnFp2Nr8bmn28Lfc&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 04:42:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3724
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 04:42:17 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame D590 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BoNnIP4I129WVZIBSY4nrMvSv568qkI2FpyrO5Sgnm402o9AcYRxD23Sv_15UZNuDoe1SsMYdzrv7EbxDoTLgTgkJAXQ&cry=1&dbm_d=AKAmf-Anygjnc8IDAVB7d_6WCCXMQ1mM-Rqt2aKZ09vEY6PIkc7nOPpDop2rGXgNE83oox_QSUtP4k5m8MFK4FC0s7pIL1k7R5zlKcNgNzsuKxRLGip6u7B9a9vlQmvh5K84ZivngU4kNE3Sowv73Zr-nPHpwPMSXcBEJ-1eTeFN0gSAfc_oDLpfM__vthS2zwgamFMoyxYzLMHaqDktFizVj3JLAtemWMlhcEvKX1-X5ulI5ySFZDM0bJ4cDiBT8ox2OmAGW0L_ckDh02TyXhvZAvOEjc4RF5zqz59tR6biRro2yMU-acbVR1fJrFHVkI5nSVbu6sQv9sMrVxsyDatbC8mNTuP3DzwO8AJp1_Qc7vxNZJAF0H_V71Up-bU2vb4B5ZS8P47KfuoFR2p_AX62NpHsV1y4nTctYmkAFn_z6RLoQYTbE4bHcRfoEn9oPwK4ems_7370qJ_jB7aEd8mvqCEbrSYJ58S2uix0ceQvGV97WwVgxqWaTfAc8nOzBSwe5EI8L4VYBLvkUOKOeUvgBxghaxJWGmaVtpFjeyfZzDFJ0abljo0Krpylsm_-MOonoEFcDNaJnMkgZAdqHHSFxZ_YnFiURM-AZTj4vy4AUFgeqNuhACCRY4rHtawUuYcT0ASNMgvj0htPvl8Lysh9BWRKEdI5LZCrtjhvEYrrCGx6fsGn3_pnFBx9yAhvBbV1I-VYC9g8D5gNo-pLA_GK9kaEPJo5GRj1NaxykvMRWU4A8klsDBxSASNBoTg9WYWcba7p9VKwUM_MYTcZm-baJ9CBLmutb2AWYR3A98EqrkE6vx-vdX-SIjg71Qx5cTVsuGYLYHACoJJNxMakpz_OwfuxmVR-4lJZqGXhr7ThcxDfhC0Zy6BeWFxw_EXS4wbd3c3FeNyFWiBMhsnPyx2k9ieRBxbc1EBzvso__oIcLia5zmctmTxyAHJGBWIaoBFVC--Htv9RR4uzoUK9SJcuKgxbUh7okGTr8mCCERK23DHB3SxqxadWiFsDejMJ4vwymOvonU-QzmOTx0kZwg-OXbM0j9huMcsNBJPAZfTKNTwAsBTGwrDDLU_NBasUa-Sd4kod8cH4jgQwqju_MQVdqnRkF1Xgv50c0e0KNYgNddb5hi51UKGHnbTPsYsWRHbRXr1mJcbLioLIf7bmoDOX0N6tRwL5oinKHBdYN_4wPLZIg-bJtYtor-H-mZCwMf0iiv503q9zZVOuCWEMCHd4BM9F-TaySuCmYTEQ2mzBt6DFulGz_R8kUdom8q76bKWKP61EqhdYqo-ygClVU57CAACCOP89MAsROfE_09dIfeSt73TeGDwMiG6YQZx3dfwDbIFFRdBOXH8_KNLyOEelP-nIjhJSzI3v7Khv_bzCPhpxc1E4_FOsLc0B5nuo5yIV-3fuieyeSieXtOYjs580xen1PbOdhBG7VySIclC6SZ9jP8GxaVOEHaIdZGYJy1m0ta-6GOj5_RNUdiLEWcKw5JI6Ki3JDOHpKjMVKkJBUqOW7hW20xLoIl59Kub_Z8EkoRxYpLy6W_47w_IuIn7rLnwtBO9IceIfQ6WcitbBIwLp-UMgAt2ezgYz42aODRvSJIHL7EqN6EJupCzyJeZHbo3CbI8rad_TWKCz3aNBe_D8x6aDJ1Zj8W889nZ6k4ys1nH5bmoOgKSUeYwtT_zvzp-zfUJNpbPepv7gN_pfF1ZUQXOOlj9mEnNPFH2DGqQqNN6aFUljv0P0V4t-rrD9w9NB20NwxfpgtgfXlTIPIbcX0sz81XqnDAlelVNdE6vnMNLndJ_2n0TOy15mB31_kuFOxTy_xYTPrG9slf6n4PVYfYGe-5lK61AW9tf8jqRb1Mrtwie4AQ7kVCDIcxeiE6ZxSNSK2IrA2I03Df12AJbNgdaGG_stpPNRjVYuYlmkTLLKYcf3ozZdOPKWJFaj-H25hVHIdx4p6lxIWiTy-ctD8Ow_d5ESKDQY6MpwXy8ah3M63d4K8MMp_E4MATntV1bn7PEirK-W-nmEEXKgxaQlbQBFnsxq-ZeG3ci93jLCfPC9S39BBbhUtX4bC8R9vkY5Uy230fkKf9LB6uvuY3AYnwJ18nc32xEu_xSfp_QzA90-1EErahYmCl8yoD5v4OnTrhZrXY60GF8jCSeIBvnhH_S-kff0M18R-E4eyVm8h7MxseWTNDegny-ub7G6bU4MWP2jaLzzIzIq3dgeBxc6tsf_XnGpvIHBJYT4GJh1nllTG9Tn49crU5dtMx6CkpRJZx6HihgQcX2Q0H8k7SxvDj5_G5Sxt3VBIw6bP6frQZ175U-OPkd09Ff2SgjuTb1dnERqzs8fYWgetPap-45KwJNLnbO3WGI_jOEod7sMdkAEUaDvVlRN5gcqv4Z5cu7NR71397rzrHG4SeiGX45Tsln0Y_wI3xjFA0xlTldJwaroyLhgLSM-La__tFh6HPaB3nsQ_AJBPG8OkMFD16EWlXfkHzKaSROISM29FmoLrfxwTL4vzQxoNmueyZJm0HNxBop99BiVpUTW0zECmIrWHrT2nMVBsyOIf_K0f4O5MLS2IgA8vnhg9Fxa8HO8J50wY0J5QNQMl-Ep1xKz9iAiThyREHWROobcbsNyDUePBkI5erDwqRR-QfV7Iu7eWm1mCJu3ELK2uXL67RRwoyTIHMAJLyFnF7nuybkDc1BY3-PfbzGZiFbelhgPR_CJws_zlygeYH_8NZ0A0eIi0buhL3OQMKoaWrAEfzdjXvLXLv0b2Ry7fl9YjoVgm92fdZK3S6pcEufNJtxz8tMIh_xNVRoN_pRUYHH4mll73h2j-A1x322DvI4RHXVhBjwq6yDCacGm2ra5PLuzJNRRkGwS1jKwfaJ7s9TtUJJYWVwzvSo9Jo4VSedcopXg8D78PwQIVuv-X1awLp4m0ClbQduhZjcfglDJOyOefaFM2VRFv8aqprnE7nIKUvAq6uGcxl1Gy7Z-5l0fp5VkqgkPjXy850Pas-YD7nTPbK6jZPTgPgL7NWZDC026WWLj-8FaedARO44GVIk-yP7X6DHiIi0nEUqYldeAPSjel6EOob-u9atpyByDyWGfq-vtTfT_BdcqqDKxHjALpJYlGrgLG74A3a6W_QyvVpoHtpu1MJ-g6PQyFr2hsa31ADwjHxrc9j9Xi4rx9dPcopP4RMzOo7u_tt3NIaE&cid=CAASJeRobbbhqeT8DEnlyVGqo8Ne3YNN6GrzrMTGnFp2Nr8bmn28Lfc&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 04:12:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5537
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 04:12:04 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame C48E 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
Origin
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 07:08:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81337
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 Aug 2022 07:08:44 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/ Frame C48E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6iXqjoxs-wEDSBdNkFZmHLp17j5CmJ1or9uxWOmOOlNlEDSdfeIbvjGWAqKdFSdR-aiNnVdtpFSk73XlvOrhB_tb72w&cry=1&dbm_d=AKAmf-AmO9Ijc4szhjGJ0Ylxl0nSM2NV2cQIvWmnZjhTrkASj2ikvA6pnz_dbNSST43G7bM6oNtgyVEw8hT6xrA405qnWa1gtblNACpuVd0w55SXiRyBdK8JEwD-D7kn5XpHEazE1H9PKxcl8q7isgpA2-KdT_G7COKWQh_V7hD4bbJbhTZ43c_69wwkCKVRqXlqDUNGmgE6PKEvlItq4O8_LwwrDe9wFbjrWjOUc5TOA9tDwOpH_VwLTBk1aSZIZftROBAPwy58kVJDWkLSTJE8qJTXvUMa1Yr_Lf1IVH_rOf-RmpdQVeUpwBVHhZz0DmFOUEvvVLfv9bCPY-56VyP4OJ_FKO_r-otjyxFwtQvE4FUheGZgQ3JXy-XO1FreXTVbGUSFTIIidOsze3aO5OwTilpegnnkYReeXmFbENUb8TKFZLTHg2odGHpu7wm95ejRFfh2v1yeP6pM__HMO8Te-UvG97EkVWBSCyl_uu8Exa_LrLsrXnEf2I8-777L5gxnwplPs994TH-R0ryC9pw2gNsATUDNc_7e-RaEZmddUxvLDiu2p7lpcxQlsnH8t03w5ab7hSp6uBiL_UTtRwZsUHwD9xEzcE0s_Yp7zDzk21Y5t5_hQunMeYs7HDZkj-onPbROjXeCaiz-8XKrCBQ-BF854ncmTuDFHOCkuiWFHD05F36K2IL3EMR44A4ES44fMIH04zYGAI3_ii0UlT8xZt2i5wkawQkxH3cLfla72SwrnEvy62hlS3D8KNTfw2jqH4m529yZQE7JHtw3orwm9OUiWOTx-ITU0GKjgmJD0mkYs_LcYYFZhntAGAppoXS3zKjhFLlhNuKD5IwdSJk2sdJPpxXTSzhv_X25aXNdBWIM92zyEr_XL6s_UksKpetkNI0CfK4Mko7d1IItECdLP0XUMG6_ahxdWd9VsG_Jx6bBMmoNsAqzOJ5LF9DvEkJsJC0g661J8Z7TCK0HvnmwQI3rNSmbGJfcIqAQSPnjMvQhWPkEQju9-g0JOd4fBTV5DHbB5EyN_xbXg3YLKAdDm0mZiVyd78gGDNxUbWJyve1DOalDarYBrH-9kFgTPe3VYvRVuhOF5YWRP9YIC2rgvSDnwYx9XPG1oxMwpixvOAFXYSpLDBWsj4YhKjGV7-MGrAOOary0aItYlTjtB0Z-YwsjmNoMvk8ynhOrNdxWjL6nRKkWvG3xpfS6zC0htAxtknGWDlRcihDR6zDnnhxbOLnimlfRo7KCNai7fu3LLKkbgFMS50_1PlStYYHmtdF_0IUG57iLj8MxEnzJOfJecqdeLaVX80SX3FXc3A_-C82oULSBv2G4y3_7j8gUVSz_ug44W-QhytPWSHNL-1-UBCbTKu5mhPzUEvAd4NkA77zoyakmo-IKqYIfhpRvhRxtmZE1zRFjjg6M4DKrxjONT8UiwOFniCjrX_XA6MBvDkuv0i5wV6nMDNYhyGjSxwpbiL5K9PBRW5IDbj2E50yhqt2hcF67ruGq7FS9xRmT8EmyLUFPkKpoDYmzvWpPjRn2w1MoCp3CpzufvQTSltAiTlj-7Dpyi-CKV9c63YMP7_IbRUVB-SBymDPx2PTcZcI1w5nXyo_B4YXAReEPG7Q0vHtvA8DVSqL2aTSloga2u7DJ2u6PmtnG-ickxbVIP_uQaUaAj_edhfNyTczkOOgNrmSast3BkbBVg-XdVzivi6p-_rNwPSGw7V2JLoS5O8rpGrmJZ1S5Z0qn0IqpTJhtuSSEL-Q8AMZfYBm8RvaDUBYaqqaLXJipIV2rxyFAgU1fftAbChal5ggSGAr8xz10mHxBnvITwDtgwcC29EZMPKTy3M5m1mhrwkXzBfhT6dAEOEm54TPBZ9gMiiXQ9IzUqrq0kKH_LHXsdG9pOE7RGasrKzKwbsro8C53VMUxFRuXod4vcvrmem3ULmfVKAoLycX9U2s5EpVV0Ym6vYJpW1TqjcRy1mUDh4TMZ8ZtiCYSLvN9-j_3acxDyaUU2rRO4O8UJYXZzqvwE5uwVRDQ3dFtNM-Nte22djXJAx6aWQcZBD3KXL-lWdKSwv3JiAAS54q6mYVeYvrFGvN3Xu9f4NK6I51DSkwpT0_RngyZfsaEFtwwdHVjdkw3d6g8jo5EySM7TkJIytQi91f-sKrEZkkOw3e-k18b-cpM0vLZx0HqoCqu8XC7OVvktQ5VRFoi3lS2ooJk2SgYl2eHfSPknLhZBRFIe0SlEtuyWFUX8240p9BjEisHcXdE9fx1rjyOnfTFHQjucCTiU2t4G_q5AKcSSJkaXnQDD5ASpx7E7riX3AKvCSbidnBK2plNr2W9ucmmDUILK_9l4ToIjKMjoYI6MREERQxs0joq5RU6y0meXhlMfDdppP5whX7Ugnyv_eZKIcrcOg8wx5bllsnuPm5X_-wDI72udTciASARvTkzY-82OE5LxkVoA3KopD2Ov5_ivVLLp3nef3uhfWrXmwcau463D5xCqThvKUpMU3tFExKnwnqKmijitYepX4rfKl8BM1zYL5juah6rNlE-930Z7fUnzKHadU9Dt4UutSfuBVMoiCwokMbzftLhoOespf-CQ5nnZEOkN5n5fWE9o52tsaIXwMpGXP7htr0-iAx51Z-idiSJo9JfSBkK7i155gJ1Fi764Nivi6igr8PZevZ-3YvNMqrm2ua8mBP5MMFNd0UsuggWMypvhjYk03Nguc2RzmM7AN-AqLqaEIg6e4_UX0xisTuPiPuEgOo-izQsR_eoZB2UrZX7GwxugBhTDfYTr_5gEidbjBy0UzFzy1SfHdAqFIz2qGfsU8c8s4wt-VORvFAJo18_86Zar4qO4F9ZF84Og29GnBjxASesLCn6p5DO7Pxslib-2d_-cOntfLfjvEQwwWantf653kw0em8ZqfSebYdstq7aVvwr4ip3wHN4fNn16juqvbFcUHSprytYTtNazxsMUAhxKT5fEMHdShROg3hIl1T0q9Xj9_5fXAmVxKNM7-y-BmcQPAC6dYd8fuUkP5_a6cmvKdPu_T5LykdEvcfayIgnkPlropRAjYs6Xx3Ny8K7QY_MbCjdHGJjrnZtwYJq3vLGbYHM_BjKTNypEzmVRWD7OHXBZWgQQ6CHktSqhKH8wtMJI6wW1_bFl_pHOS51a6MOyjNdSjwDET4byANTEkcewcUOZNK0mhTHpozGNg3DobYX8Y3Del6_s_9k&cid=CAASJeRoYuF935clzzv_NiiodzhMtHFVn8arSZgj3WgfzlM36hfL8_U&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 04:42:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3724
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 04:42:17 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame C48E 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6iXqjoxs-wEDSBdNkFZmHLp17j5CmJ1or9uxWOmOOlNlEDSdfeIbvjGWAqKdFSdR-aiNnVdtpFSk73XlvOrhB_tb72w&cry=1&dbm_d=AKAmf-AmO9Ijc4szhjGJ0Ylxl0nSM2NV2cQIvWmnZjhTrkASj2ikvA6pnz_dbNSST43G7bM6oNtgyVEw8hT6xrA405qnWa1gtblNACpuVd0w55SXiRyBdK8JEwD-D7kn5XpHEazE1H9PKxcl8q7isgpA2-KdT_G7COKWQh_V7hD4bbJbhTZ43c_69wwkCKVRqXlqDUNGmgE6PKEvlItq4O8_LwwrDe9wFbjrWjOUc5TOA9tDwOpH_VwLTBk1aSZIZftROBAPwy58kVJDWkLSTJE8qJTXvUMa1Yr_Lf1IVH_rOf-RmpdQVeUpwBVHhZz0DmFOUEvvVLfv9bCPY-56VyP4OJ_FKO_r-otjyxFwtQvE4FUheGZgQ3JXy-XO1FreXTVbGUSFTIIidOsze3aO5OwTilpegnnkYReeXmFbENUb8TKFZLTHg2odGHpu7wm95ejRFfh2v1yeP6pM__HMO8Te-UvG97EkVWBSCyl_uu8Exa_LrLsrXnEf2I8-777L5gxnwplPs994TH-R0ryC9pw2gNsATUDNc_7e-RaEZmddUxvLDiu2p7lpcxQlsnH8t03w5ab7hSp6uBiL_UTtRwZsUHwD9xEzcE0s_Yp7zDzk21Y5t5_hQunMeYs7HDZkj-onPbROjXeCaiz-8XKrCBQ-BF854ncmTuDFHOCkuiWFHD05F36K2IL3EMR44A4ES44fMIH04zYGAI3_ii0UlT8xZt2i5wkawQkxH3cLfla72SwrnEvy62hlS3D8KNTfw2jqH4m529yZQE7JHtw3orwm9OUiWOTx-ITU0GKjgmJD0mkYs_LcYYFZhntAGAppoXS3zKjhFLlhNuKD5IwdSJk2sdJPpxXTSzhv_X25aXNdBWIM92zyEr_XL6s_UksKpetkNI0CfK4Mko7d1IItECdLP0XUMG6_ahxdWd9VsG_Jx6bBMmoNsAqzOJ5LF9DvEkJsJC0g661J8Z7TCK0HvnmwQI3rNSmbGJfcIqAQSPnjMvQhWPkEQju9-g0JOd4fBTV5DHbB5EyN_xbXg3YLKAdDm0mZiVyd78gGDNxUbWJyve1DOalDarYBrH-9kFgTPe3VYvRVuhOF5YWRP9YIC2rgvSDnwYx9XPG1oxMwpixvOAFXYSpLDBWsj4YhKjGV7-MGrAOOary0aItYlTjtB0Z-YwsjmNoMvk8ynhOrNdxWjL6nRKkWvG3xpfS6zC0htAxtknGWDlRcihDR6zDnnhxbOLnimlfRo7KCNai7fu3LLKkbgFMS50_1PlStYYHmtdF_0IUG57iLj8MxEnzJOfJecqdeLaVX80SX3FXc3A_-C82oULSBv2G4y3_7j8gUVSz_ug44W-QhytPWSHNL-1-UBCbTKu5mhPzUEvAd4NkA77zoyakmo-IKqYIfhpRvhRxtmZE1zRFjjg6M4DKrxjONT8UiwOFniCjrX_XA6MBvDkuv0i5wV6nMDNYhyGjSxwpbiL5K9PBRW5IDbj2E50yhqt2hcF67ruGq7FS9xRmT8EmyLUFPkKpoDYmzvWpPjRn2w1MoCp3CpzufvQTSltAiTlj-7Dpyi-CKV9c63YMP7_IbRUVB-SBymDPx2PTcZcI1w5nXyo_B4YXAReEPG7Q0vHtvA8DVSqL2aTSloga2u7DJ2u6PmtnG-ickxbVIP_uQaUaAj_edhfNyTczkOOgNrmSast3BkbBVg-XdVzivi6p-_rNwPSGw7V2JLoS5O8rpGrmJZ1S5Z0qn0IqpTJhtuSSEL-Q8AMZfYBm8RvaDUBYaqqaLXJipIV2rxyFAgU1fftAbChal5ggSGAr8xz10mHxBnvITwDtgwcC29EZMPKTy3M5m1mhrwkXzBfhT6dAEOEm54TPBZ9gMiiXQ9IzUqrq0kKH_LHXsdG9pOE7RGasrKzKwbsro8C53VMUxFRuXod4vcvrmem3ULmfVKAoLycX9U2s5EpVV0Ym6vYJpW1TqjcRy1mUDh4TMZ8ZtiCYSLvN9-j_3acxDyaUU2rRO4O8UJYXZzqvwE5uwVRDQ3dFtNM-Nte22djXJAx6aWQcZBD3KXL-lWdKSwv3JiAAS54q6mYVeYvrFGvN3Xu9f4NK6I51DSkwpT0_RngyZfsaEFtwwdHVjdkw3d6g8jo5EySM7TkJIytQi91f-sKrEZkkOw3e-k18b-cpM0vLZx0HqoCqu8XC7OVvktQ5VRFoi3lS2ooJk2SgYl2eHfSPknLhZBRFIe0SlEtuyWFUX8240p9BjEisHcXdE9fx1rjyOnfTFHQjucCTiU2t4G_q5AKcSSJkaXnQDD5ASpx7E7riX3AKvCSbidnBK2plNr2W9ucmmDUILK_9l4ToIjKMjoYI6MREERQxs0joq5RU6y0meXhlMfDdppP5whX7Ugnyv_eZKIcrcOg8wx5bllsnuPm5X_-wDI72udTciASARvTkzY-82OE5LxkVoA3KopD2Ov5_ivVLLp3nef3uhfWrXmwcau463D5xCqThvKUpMU3tFExKnwnqKmijitYepX4rfKl8BM1zYL5juah6rNlE-930Z7fUnzKHadU9Dt4UutSfuBVMoiCwokMbzftLhoOespf-CQ5nnZEOkN5n5fWE9o52tsaIXwMpGXP7htr0-iAx51Z-idiSJo9JfSBkK7i155gJ1Fi764Nivi6igr8PZevZ-3YvNMqrm2ua8mBP5MMFNd0UsuggWMypvhjYk03Nguc2RzmM7AN-AqLqaEIg6e4_UX0xisTuPiPuEgOo-izQsR_eoZB2UrZX7GwxugBhTDfYTr_5gEidbjBy0UzFzy1SfHdAqFIz2qGfsU8c8s4wt-VORvFAJo18_86Zar4qO4F9ZF84Og29GnBjxASesLCn6p5DO7Pxslib-2d_-cOntfLfjvEQwwWantf653kw0em8ZqfSebYdstq7aVvwr4ip3wHN4fNn16juqvbFcUHSprytYTtNazxsMUAhxKT5fEMHdShROg3hIl1T0q9Xj9_5fXAmVxKNM7-y-BmcQPAC6dYd8fuUkP5_a6cmvKdPu_T5LykdEvcfayIgnkPlropRAjYs6Xx3Ny8K7QY_MbCjdHGJjrnZtwYJq3vLGbYHM_BjKTNypEzmVRWD7OHXBZWgQQ6CHktSqhKH8wtMJI6wW1_bFl_pHOS51a6MOyjNdSjwDET4byANTEkcewcUOZNK0mhTHpozGNg3DobYX8Y3Del6_s_9k&cid=CAASJeRoYuF935clzzv_NiiodzhMtHFVn8arSZgj3WgfzlM36hfL8_U&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 04:12:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5537
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 04:12:04 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B77F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
31753
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 20:55:08 GMT
etag
48472445140208031
expires
Sat, 20 Aug 2022 20:55:08 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame A2B1 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 21:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
289653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14190
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:16:48 GMT
BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame 2320 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 21:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
289653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14190
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:16:48 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D590 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 22:05:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
200349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 22:05:12 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7C67 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
31753
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 20:55:08 GMT
etag
48472445140208031
expires
Sat, 20 Aug 2022 20:55:08 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D590 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83cd5b5ee5caf9aeb5430ad97e146c6e8820396aea5ae41c00401d97e6f11431

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 79AC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081501&jk=2385548402192098&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame CE50 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081801&jk=2115091291420178&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C48E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 22:05:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
200349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 22:05:12 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3326 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
31753
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 20:55:08 GMT
etag
48472445140208031
expires
Sat, 20 Aug 2022 20:55:08 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C48E 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
728709bb752d1283ec57290b7343f81e5b38e27516d90f9eacc60b28242ad17c

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1C25 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74065ce015044360dcb6423a2cb498a5a6697ebe541249b387d6323cdad85b24

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 1C25 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 19:51:22 GMT
x-content-type-options
nosniff
age
381180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 19:51:22 GMT
i.match
s.tribalfusion.com/z/ Frame B77F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELqk2y8M3kde82sxffrVBPg&google_cver=1&google_push=AehlK4CfFilSBUbSY9gvwF_324xl7pMC9zLEiNL_turks1HNSpIedwUC9Yl9hSG4D5LZXc6HYDZdBUG0vMT-NIy8K5i7MonkvH1GR...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELqk2y8M3kde82sxffrVBPg&google_cver=1&google_push=AehlK4CfFilSBUbSY9gvwF_324xl7pMC9zLEiNL_turks1HNSpIedwUC9Yl9hSG4D5LZXc6HYDZdBUG0vMT-NIy8K5i7MonkvH1...
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELqk2y8M3kde82sxffrVBPg&google_cver=1&google_push=AehlK4CfFilSBUbSY9gvwF_324xl7pMC9zLEiNL_turks1HNSpIedwUC9Yl9hSG4D5LZXc6HYDZdBUG0vMT-NIy8K5i7MonkvH1GRMu6371mnHdDLV6YakzvhQpG_NGxZVTyMfnY6T9-006DS8eqhDYdEic&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CfFilSBUbSY9gvwF_324xl7pMC9zLEiNL_turks1HNSpIedwUC9Yl9hSG4D5LZXc6HYDZdBUG0vMT-NIy8K5i7MonkvH1GRMu6371mnHdDLV6YakzvhQpG_NGxZVTyMfnY6T9-006DS8eqhDYdEic%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
104.18.35.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
73d8d113bf91a93b-SYD
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
396
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
73d8d1120dcfa93b-SYD
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELqk2y8M3kde82sxffrVBPg&google_cver=1&google_push=AehlK4CfFilSBUbSY9gvwF_324xl7pMC9zLEiNL_turks1HNSpIedwUC9Yl9hSG4D5LZXc6HYDZdBUG0vMT-NIy8K5i7MonkvH1GRMu6371mnHdDLV6YakzvhQpG_NGxZVTyMfnY6T9-006DS8eqhDYdEic&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CfFilSBUbSY9gvwF_324xl7pMC9zLEiNL_turks1HNSpIedwUC9Yl9hSG4D5LZXc6HYDZdBUG0vMT-NIy8K5i7MonkvH1GRMu6371mnHdDLV6YakzvhQpG_NGxZVTyMfnY6T9-006DS8eqhDYdEic%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B77F
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEDbBGY_ohpV28_xop9eLsDY&google_cver=1&google_push=AehlK4D9CCbmlBOZCk1_ntfedmbXyIm6xcTDbnEz4g8Wyub_nJHRgf_YbEzMa4zlFNaZwoQKd8aO2A_9sK4YSosTpE9NVjEYsNRd2ZjM_...
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=UzZtTC0yVU9EMVNqT0RheXRuUUFZdw%3D%3D&google_push=AehlK4D9CCbmlBOZCk1_ntfedmbXyIm6xcTDbnEz4g8Wyub_nJHRgf_YbEzMa4zlFNaZwoQKd8aO2A_9sK4YS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=UzZtTC0yVU9EMVNqT0RheXRuUUFZdw%3D%3D&google_push=AehlK4D9CCbmlBOZCk1_ntfedmbXyIm6xcTDbnEz4g8Wyub_nJHRgf_YbEzMa4zlFNaZwoQKd8aO2A_9sK4YSosTpE9NVjEYsNRd2ZjM_KCtAInjgVt03HbdFg48E3Pi3hCW30vJPAamq3iseJIeYLJdq4g
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=UzZtTC0yVU9EMVNqT0RheXRuUUFZdw%3D%3D&google_push=AehlK4D9CCbmlBOZCk1_ntfedmbXyIm6xcTDbnEz4g8Wyub_nJHRgf_YbEzMa4zlFNaZwoQKd8aO2A_9sK4YSosTpE9NVjEYsNRd2ZjM_KCtAInjgVt03HbdFg48E3Pi3hCW30vJPAamq3iseJIeYLJdq4g
date
Sat, 20 Aug 2022 05:44:22 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
298
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
us.php
c.eu1.dyntrk.com/adx/ga/ Frame B77F 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESELf1aISViNxuZC42VgRNCqQ&google_cver=1&google_push=AehlK4B7QkRIXM4I-U0nGv95ROLzu_S4yKFwieeLjRjSTjwWu07MWP8Uwxc9JBK5sxyRThqZOe6MZXsjhXjDlJsef3C5-JlVUOnZY69XYArfoKWWwuU1MMLfBzsnZ7qnsNMHe5hCDwLskOJqPdCqQzHVCJ0
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.80.92 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3011863.ip-162-19-80.eu
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
pixel
cm.g.doubleclick.net/ Frame B77F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEAw71mgh89urcL4QPK9lbWw&google_cver=1&google_push=AehlK4CEhH9Y72uoIEvOXFlm3CRbRIiMR4Iis7SrwNlFaHJEK4szovJAxRmc-Nd_tIR3RnsXX8PwbOgRKlJOVJF...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=aQFb4wAVQVlNE1Vbf-jWSK310SE&google_push=AehlK4CEhH9Y72uoIEvOXFlm3CRbRIiMR4Iis7SrwNlFaHJEK4szovJAxRmc-Nd_tIR3RnsXX8PwbOgRKlJOVJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=aQFb4wAVQVlNE1Vbf-jWSK310SE&google_push=AehlK4CEhH9Y72uoIEvOXFlm3CRbRIiMR4Iis7SrwNlFaHJEK4szovJAxRmc-Nd_tIR3RnsXX8PwbOgRKlJOVJFP6wvlpqmQ_RskFBYKxt8AAnNwX7LcBX3w2Vg9ejdjjzkO1itIiduVP-L3cGA1SxvERQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=aQFb4wAVQVlNE1Vbf-jWSK310SE&google_push=AehlK4CEhH9Y72uoIEvOXFlm3CRbRIiMR4Iis7SrwNlFaHJEK4szovJAxRmc-Nd_tIR3RnsXX8PwbOgRKlJOVJFP6wvlpqmQ_RskFBYKxt8AAnNwX7LcBX3w2Vg9ejdjjzkO1itIiduVP-L3cGA1SxvERQ
Date
Sat, 20 Aug 2022 05:44:22 GMT
Connection
keep-alive
Content-Length
296
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame B77F
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELQ6xklS2hZBYlfiFCpuYtU&google_cver=1&google_push=AehlK4DCKezacPP2O03VWnWaGSnkrfldSc3BDsw-S25F8vZBRUeBm93tlPl1RrxI4pY0RO8C9atKqZQGyu7k...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DCKezacPP2O03VWnWaGSnkrfldSc3BDsw-S25F8vZBRUeBm93tlPl1RrxI4pY0RO8C9atKqZQGyu7k-BXNZvpJ0m1RCPHkg7a7CTnu2CDN7qUZ_up7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DCKezacPP2O03VWnWaGSnkrfldSc3BDsw-S25F8vZBRUeBm93tlPl1RrxI4pY0RO8C9atKqZQGyu7k-BXNZvpJ0m1RCPHkg7a7CTnu2CDN7qUZ_up7-LSI1qYmU76SaCR0z1QF-eZIwJMRysnLIeA
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DCKezacPP2O03VWnWaGSnkrfldSc3BDsw-S25F8vZBRUeBm93tlPl1RrxI4pY0RO8C9atKqZQGyu7k-BXNZvpJ0m1RCPHkg7a7CTnu2CDN7qUZ_up7-LSI1qYmU76SaCR0z1QF-eZIwJMRysnLIeA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame B77F
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEB7QAHSjXgddlClIVQ0d_0Y&google_cver=1&google_push=AehlK4AGb1b6OlpxJAjNMfBCyZAM2sWgRN_1m03vZ21eIiLsUNg7QVqeaC8f-21TQnf8-7v_cFrdXBMFL9PWiirMJ19zfw2tJGC...
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4AGb1b6OlpxJAjNMfBCyZAM2sWgRN_1m03vZ21eIiLsUNg7QVqeaC8f-21TQnf8-7v_cFrdXBMFL9PWiirMJ19zfw2tJGC6iBdASqxtMGbVh8itz3xHk6gmvvpdlXs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4AGb1b6OlpxJAjNMfBCyZAM2sWgRN_1m03vZ21eIiLsUNg7QVqeaC8f-21TQnf8-7v_cFrdXBMFL9PWiirMJ19zfw2tJGC6iBdASqxtMGbVh8itz3xHk6gmvvpdlXsk6iWK459vqif79h-_ZO-NA-M&google_hm=ZzlmODM4ZmM1MTJhN2VkMzUyZWY=
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4AGb1b6OlpxJAjNMfBCyZAM2sWgRN_1m03vZ21eIiLsUNg7QVqeaC8f-21TQnf8-7v_cFrdXBMFL9PWiirMJ19zfw2tJGC6iBdASqxtMGbVh8itz3xHk6gmvvpdlXsk6iWK459vqif79h-_ZO-NA-M&google_hm=ZzlmODM4ZmM1MTJhN2VkMzUyZWY=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame B77F 		11 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESEPiTI4q5EA17JXEEpQ0Moww&google_cver=1&google_push=AehlK4BvUx9M-6A9__QoXAglrl_z2eJPFOLiWXNJMkGhSbLUFX7rXkvvQp3EZOhorO0IAbPVEOrUYJTI9nZut6KA7FpJmvzWJ4JZ1B3kOTqGwCzpL49CsOpRGBs-AfgfrpOYVKAE7PTDFPrJXwdEwyQ0K1A
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Aug 2022 05:44:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
11
Content-Type
text/html; charset=UTF-8
attr
cm.g.doubleclick.net/pixel/ Frame B77F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IRPCIRlY1zuRMuAZ5jg6Y-94heHyJz06TrWc-UqZnOJT_3C5a0UNwfuS1JnOTtclhA0lRe
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:21 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:22 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:20:45 GMT
server
nginx
etag
W/"62fb454d-15cfe"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 21 Aug 2022 05:44:22 GMT
pixel
cm.g.doubleclick.net/ Frame 7C67
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI6H7_DK6_r8OA-WEFXdQyI&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI6H7_DK6_r8OA-WEFXdQyI&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d1hlMHRBV2kxT3BoaHM1&google_gid=CAESEI6H7_DK6_r8OA-WEFXdQyI&google_cver=1&google_push=AehlK4CRgA5qSYqk50I1UrDj5gwaydhSwC7LmWoQynYD8wD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d1hlMHRBV2kxT3BoaHM1&google_gid=CAESEI6H7_DK6_r8OA-WEFXdQyI&google_cver=1&google_push=AehlK4CRgA5qSYqk50I1UrDj5gwaydhSwC7LmWoQynYD8wDbuiWopYJZ4Z-GhEg7mcF4YI2sUhgiwNV74bKWgl413uDofrC8uLsbH99NoycW-hMLJYHLs1snIv8g_kTpfGjrgqSboQE8Rw
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 05:44:21 GMT
Server
PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-04d2d43691b0ba1ae@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d1hlMHRBV2kxT3BoaHM1&google_gid=CAESEI6H7_DK6_r8OA-WEFXdQyI&google_cver=1&google_push=AehlK4CRgA5qSYqk50I1UrDj5gwaydhSwC7LmWoQynYD8wDbuiWopYJZ4Z-GhEg7mcF4YI2sUhgiwNV74bKWgl413uDofrC8uLsbH99NoycW-hMLJYHLs1snIv8g_kTpfGjrgqSboQE8Rw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 7C67
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELqk2y8M3kde82sxffrVBPg&google_cver=1&google_push=AehlK4CIk9eYs8DaRJLQIVioCD1dft8yskiVy1GU9G5T3p3qyE5oebx7QwE-1FMn4K2LN4QfhLaofjTUVJvQ_tYqaH2eTHhpmfnZF...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELqk2y8M3kde82sxffrVBPg&google_cver=1&google_push=AehlK4CIk9eYs8DaRJLQIVioCD1dft8yskiVy1GU9G5T3p3qyE5oebx7QwE-1FMn4K2LN4QfhLaofjTUVJvQ_tYqaH2eTHhpmfn...
43 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELqk2y8M3kde82sxffrVBPg&google_cver=1&google_push=AehlK4CIk9eYs8DaRJLQIVioCD1dft8yskiVy1GU9G5T3p3qyE5oebx7QwE-1FMn4K2LN4QfhLaofjTUVJvQ_tYqaH2eTHhpmfnZF3ULOjhzeaJgrdeVe_0wnEYsAvFAF0_XRtQWAp3T3g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CIk9eYs8DaRJLQIVioCD1dft8yskiVy1GU9G5T3p3qyE5oebx7QwE-1FMn4K2LN4QfhLaofjTUVJvQ_tYqaH2eTHhpmfnZF3ULOjhzeaJgrdeVe_0wnEYsAvFAF0_XRtQWAp3T3g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
104.18.35.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
73d8d113bf92a93b-SYD
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
2729
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
73d8d1120dd1a93b-SYD
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELqk2y8M3kde82sxffrVBPg&google_cver=1&google_push=AehlK4CIk9eYs8DaRJLQIVioCD1dft8yskiVy1GU9G5T3p3qyE5oebx7QwE-1FMn4K2LN4QfhLaofjTUVJvQ_tYqaH2eTHhpmfnZF3ULOjhzeaJgrdeVe_0wnEYsAvFAF0_XRtQWAp3T3g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CIk9eYs8DaRJLQIVioCD1dft8yskiVy1GU9G5T3p3qyE5oebx7QwE-1FMn4K2LN4QfhLaofjTUVJvQ_tYqaH2eTHhpmfnZF3ULOjhzeaJgrdeVe_0wnEYsAvFAF0_XRtQWAp3T3g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7C67
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEHmoc8V_Uj01yOu54chvit4&google_cver=1&google_push=AehlK4B7lkMALvz8O2JaR_F5-SNGSowpkPNEpQfSBBfaw6038w3mVfpI8tagZbhrv1J_j3YT2AEMVya...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4B7lkMALvz8O2JaR_F5-SNGSowpkPNEpQfSBBfaw6038w3mVfpI8tagZbhrv1J_j3YT2AEMVyan_61FEMp_8SoV7h1a3ASOoReS_PbA8lAoS5r2wYU_3qO_H5Y5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4B7lkMALvz8O2JaR_F5-SNGSowpkPNEpQfSBBfaw6038w3mVfpI8tagZbhrv1J_j3YT2AEMVyan_61FEMp_8SoV7h1a3ASOoReS_PbA8lAoS5r2wYU_3qO_H5Y5Dp_O1Ua43E1t&google_hm=-XES3AxEQ0eOQSu-nB0u2SE
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:21 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4B7lkMALvz8O2JaR_F5-SNGSowpkPNEpQfSBBfaw6038w3mVfpI8tagZbhrv1J_j3YT2AEMVyan_61FEMp_8SoV7h1a3ASOoReS_PbA8lAoS5r2wYU_3qO_H5Y5Dp_O1Ua43E1t&google_hm=-XES3AxEQ0eOQSu-nB0u2SE
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7C67
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEOGm8awZHrw3ieF-pn-8Zb4&google_cver=1&google_push=AehlK4CbT2qhcIJw_2vHIISqXgAuKxZtRy-ec3_LRRxo2sxTU_dVnBQYmDk-BuNxCbPlB_UuGhlc5...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AehlK4CbT2qhcIJw_2vHIISqXgAuKxZtRy-ec3_LRRxo2sxTU_dVnBQYmDk-BuNxCbPlB_UuGhlc5ouzqRXWigq2tA7B6PKiOms86ymo_Q8qXvr_YIYL7GhJrd2n1a8JEo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AehlK4CbT2qhcIJw_2vHIISqXgAuKxZtRy-ec3_LRRxo2sxTU_dVnBQYmDk-BuNxCbPlB_UuGhlc5ouzqRXWigq2tA7B6PKiOms86ymo_Q8qXvr_YIYL7GhJrd2n1a8JEozklY8iMyl0gg&google_hm=c3hXN3JqV1RFcVNHQWhYanFnUG5pRUhCbWo0&from_google=sp1
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 05:44:22 GMT
Server
nginx
Strict-Transport-Security
max-age=15768000
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AehlK4CbT2qhcIJw_2vHIISqXgAuKxZtRy-ec3_LRRxo2sxTU_dVnBQYmDk-BuNxCbPlB_UuGhlc5ouzqRXWigq2tA7B6PKiOms86ymo_Q8qXvr_YIYL7GhJrd2n1a8JEozklY8iMyl0gg&google_hm=c3hXN3JqV1RFcVNHQWhYanFnUG5pRUhCbWo0&from_google=sp1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame 7C67
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEJipcZr6KJ9yCydgVfaERlY&google_cver=1&google_push=AehlK4DLmLNrgjpGgbKUvTxXlgbV5bgk1KrEarytJPq-1PRdPEHBkTrQ7JWB6Pj8EMuaS1KeI8UQlFB1cSwd_LtThpVcR3AOkE4O96zL...
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QjE4QkIyM0QxRUU4RDIyQQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QjE4QkIyM0QxRUU4RDIyQQ==
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QjE4QkIyM0QxRUU4RDIyQQ==
date
Sat, 20 Aug 2022 05:44:22 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame 7C67 		11 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESEPiTI4q5EA17JXEEpQ0Moww&google_cver=1&google_push=AehlK4C0b6u5VViIezRhkIYol7TR_3lps5YNoS0Tor2rYbqc5gBFKX9tOViP1OfZ4ZGwDpL4dITiKeyiNhQwvp_SwqwxYKdkRpLCztce8BAj613kQeE0mtRxcyJD9hn8IQATk1bUQVoV
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Aug 2022 05:44:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
11
Content-Type
text/html; charset=UTF-8
spacer.gif
an.yandex.ru/resource/ Frame 7C67
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEHDym3Xfa-FifKC093yLa6g?ext-param=AehlK4CAEdrjc0yXC6cKiHGpdwABPwcS-wpcUKmrXGOb6bieG-LwoJO-HAgrC0X7F-oa7kTFjO35-8Z7L0w2X309-xiLAWRzPigM0_91Q6gTnPdX0tRQ6J2bFi2G...
  • https://an.yandex.ru/mapuid/google/CAESEHDym3Xfa-FifKC093yLa6g?redir-setuniq=1&ext-param=AehlK4CAEdrjc0yXC6cKiHGpdwABPwcS-wpcUKmrXGOb6bieG-LwoJO-HAgrC0X7F-oa7kTFjO35-8Z7L0w2X309-xiLAWRzPigM0_91Q6gT...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEHDym3Xfa-FifKC093yLa6g&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Server
93.158.134.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:24 GMT
content-encoding
gzip
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
x-xss-protection
1; mode=block
expires
Sat, 05 Aug 2023 05:44:24 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://an.yandex.ru/resource/spacer.gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 7C67 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LYu0og1UEfy6O1EZtox2ikWXrD9IfPhBTYEHSSlVfjuhLH9Z7bBYecteA7OZx8gcTr-5zU4w
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:22 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
smtr
contextual.media.net/ Frame 1439 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=131738877&size=336x280&cc=AU&chnm=HARMONY&pid=8POHZR87R&tpid=T1E3668&https=1&vif=2&requrl=https%3A%2F%2Fwww.bg3.co&nse=5&vi=1660974261987125843&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&bae=B44eaxNq4e&bcpf=B44eax8fOnRrolnfOur8Nq4e&bdrId=4&ntv=0&matchstring=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p1162629177t202208200544&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=NSW
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd44867c62e54c1e0ea6f78bdab55fb5f5da37e1433b789a1cfce226b22ff70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Sat, 20 Aug 2022 05:44:22 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-jk56
strict-transport-security
max-age=31536000
timing-allow-origin
*
content-length
33562
x-sc-w
22-zb1w
bping.php
lg3.media.net/ Frame 1439 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=518&&vgd_cdv=781&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=131738877&vi=1660974261987125843&ugd=4&lf=6&cc=AU&sc=NSW&lper=100&wsip=2886994965&r=1660974261996&requrl=https%3A%2F%2Fwww.bg3.co&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1660974261192702743&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p1162629177t202208200544&vgd_pgids=1&vgd_uspa=0&hvsid=00001660974261993029185682254426&gdpr=0&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Sat, 20 Aug 2022 05:44:22 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=67745
content-length
15
checksync.php
contextual.media.net/ Frame 6ED8 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d9e838e11e53e28982fab39b9239fd02223517740e15a36d80cc781c2d2cfcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9411
content-type
text/html; charset=UTF-8
date
Sat, 20 Aug 2022 05:44:22 GMT
expires
Mon, 22 Aug 2022 05:44:22 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 1439 		35 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4436&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=3&spSource=0&ifst=0&vid=0Gilto4pmO_HA7NOfw4BCw&s_city=singapore&ugd=4&bcat%3C%3E=1000031%23%231000030%23%2310130%23%231000024%23%231000037%23%231000036%23%231000004&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D3%7Cfl_rl%3D1%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=4.0150777E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=336x280&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=2028b3b1&scrid=1700080807683300336028000000500&itypeid=17&mx_SPRIG=0&viewability=-1&renderer=1&be=0&rtime=12.0&adj0=0.0&tmax=300&s_ip=172.217.47.3&adj2=0.0&adj1=0.0&feedback_id=0Gilto4pmO_HA7NOfw4BCw&adtypes=0&mx_aabpc=0&reqid=0Gilto4pmO_HA7NOfw4BCw&sc=AU-NSW&sd=1&mowxReqId=30196797ecb44ba3a2bf596f4aa395cd_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co&bidrestime=1660974260076&pv_adtype=0&cc=AU&strg=HARMONY&pcrid=8CUABW64L-131738877-34-13&coppa_enf=true&bdp=0.020&ct=Sydney&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=30196797ecb44ba3a2bf596f4aa395cd&actltime=19&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C16%7C48%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.011&sckfl=1&dmm_erpm=true&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080807683300336028000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&suid=CAESEH6y37mt5JNLabpebnM3gzQ&chnl=HARMONY&pst=0&reqsize=336x280&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-ADX-101418826937&__expireat=1660974860331&lmt_status=N&reftype=0&prvAccId=131738877&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&cbdp=0.011&pvdTmax=252&ltime=19.0&epc=131738877&ctr_vendor=EXCHANGE&prvReqId=9037990042285_1834818998_52982010441&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=186&rtttime=26&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-55fbd456c8-jvq9f&currsrc_date=2022-08-19+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-08-20+05%3A44%3A20&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=4&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AHfbET7Dx1uZMMyIleAgHnhrOH_rcuz7UxVpVXX1OUvvpI0vkrWxGFBO2SZV6ft9u8io7VGM&dmm_ogerpm=false&csip=rtb-common-istio-7c75f56789-qh8pw.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=3314916115&fpuReq=1&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vis_sd%3D472~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022082000~iurl_b%3D63816.21~url_tkc%3D2~std%3D~last%3D~vis_url_b%3D0.17~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D40~riipua%3D74%2C74~et%3D9~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022081910~vis_b%3D166.93~url_b%3D0.02~url_tvi%3D1953~url_l%3D50~gcat%3D-1~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~sid%3D97335391a67a729904180958400b477a~sd%3D1~uid%3DaQw3JqVQWHmiX3ugh~btd%3D15749759548019670152535502477589427031368148274129145121892978740046573585367044~d2p_l%3D70~3pcf%3D1.65~uim%3D0~og_msh%3D0.01~dmm_strg%3Dharmony~d2p_b%3D0.96~ogd2p_b%3D0.93~vurl_b%3D0.09~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D22.01~vurl_l%3D50~CI%3D2723~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D10.95~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D1.81~ivurl_l%3D50~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.011%7Edmm%3Dharmony%7Esuid%3DCAESEH6y37mt5JNLabpebnM3gzQ%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D4.0150777E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D252&utime=1934&sf=0&cpr=0.01391348091253497
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Sat, 20 Aug 2022 05:44:22 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Sat, 20 Aug 2022 11:44:22 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CDE5 		1 KB
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
31754
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 20:55:08 GMT
etag
48472445140208031
expires
Sat, 20 Aug 2022 20:55:08 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame A2B1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?6Ru6gQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3326
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHQWEcnPEuAkPLVk465sJV4&google_cver=1&google_push=AehlK4Bk_PZe7yIHRI8vnuki8pb6EJWUAoW3jlWdxLkgJJ_Dk2o6URzK-21sCKfigGnoC0AKynn12AjpQa0U-Tfy...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4Bk_PZe7yIHRI8vnuki8pb6EJWUAoW3jlWdxLkgJJ_Dk2o6URzK-21sCKfigGnoC0AKynn12AjpQa0U-TfyrMISIR2DHt_N
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4Bk_PZe7yIHRI8vnuki8pb6EJWUAoW3jlWdxLkgJJ_Dk2o6URzK-21sCKfigGnoC0AKynn12AjpQa0U-TfyrMISIR2DHt_N
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 20 Aug 2022 05:44:22 GMT
Server
MT3 4494 7cf1da7 master hkg-pixel-x19 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4Bk_PZe7yIHRI8vnuki8pb6EJWUAoW3jlWdxLkgJJ_Dk2o6URzK-21sCKfigGnoC0AKynn12AjpQa0U-TfyrMISIR2DHt_N
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 20 Aug 2022 05:44:21 GMT
pixel
cm.g.doubleclick.net/ Frame 3326
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAIovLYeNoYvaThqqRwzaFI&google_cver=1&google_push=AehlK4AktMEE1EICx4MorTaEmmfvsiXVcpBNc9fQoQrUF2nZj2C8tamGoEnPh_YYj88pAyBOOzl8etAlHUvuH...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEAIovLYeNoYvaThqqRwzaFI&google_push=AehlK4AktMEE1EICx4MorTaEmmfvsiXVcpBNc9fQoQrUF2nZj2C8tamGoEnPh_YYj88pAyBOOzl8etAlHUvuH...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4AktMEE1EICx4MorTaEmmfvsiXVcpBNc9fQoQrUF2nZj2C8tamGoEnPh_YYj88pAyBOOzl8etAlHUvuHeBiIzflDcN1nmNe&google_hm=V1hnVWN6cWlITFlxVHlx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4AktMEE1EICx4MorTaEmmfvsiXVcpBNc9fQoQrUF2nZj2C8tamGoEnPh_YYj88pAyBOOzl8etAlHUvuHeBiIzflDcN1nmNe&google_hm=V1hnVWN6cWlITFlxVHlxR0NzUEc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 05:44:23 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4AktMEE1EICx4MorTaEmmfvsiXVcpBNc9fQoQrUF2nZj2C8tamGoEnPh_YYj88pAyBOOzl8etAlHUvuHeBiIzflDcN1nmNe&google_hm=V1hnVWN6cWlITFlxVHlxR0NzUEc=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3326
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEAw71mgh89urcL4QPK9lbWw&google_cver=1&google_push=AehlK4CD5qF7Yb4wjUnUKl0QMMUh-u3dRxtsiAz156SuFpquVCaDnwJv3gGj8tiAnGiLoJ62foX6p6NO6Finq0m...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=1fsb_4LITzFVK7fqptfW0a310SE&google_push=AehlK4CD5qF7Yb4wjUnUKl0QMMUh-u3dRxtsiAz156SuFpquVCaDnwJv3gGj8tiAnGiLoJ62foX6p6NO6Finq0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=1fsb_4LITzFVK7fqptfW0a310SE&google_push=AehlK4CD5qF7Yb4wjUnUKl0QMMUh-u3dRxtsiAz156SuFpquVCaDnwJv3gGj8tiAnGiLoJ62foX6p6NO6Finq0muSVnW46JKBaA6
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=1fsb_4LITzFVK7fqptfW0a310SE&google_push=AehlK4CD5qF7Yb4wjUnUKl0QMMUh-u3dRxtsiAz156SuFpquVCaDnwJv3gGj8tiAnGiLoJ62foX6p6NO6Finq0muSVnW46JKBaA6
Date
Sat, 20 Aug 2022 05:44:23 GMT
Connection
keep-alive
Content-Length
242
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 3326
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJIx59iTaYiXKwSP2-IAgYY&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJIx59iTaYiXKwSP2-IAgYY&google_hm=YwB0tZPh8AfnYMN3HnlXIwAAAQgAAAAB&google_nid=index&google_push=AehlK4CvzYEn2s8DPAE86KhkMQ8oAs4tDxmmg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJIx59iTaYiXKwSP2-IAgYY&google_hm=YwB0tZPh8AfnYMN3HnlXIwAAAQgAAAAB&google_nid=index&google_push=AehlK4CvzYEn2s8DPAE86KhkMQ8oAs4tDxmmgtkSoLWibAymVfE6u3SUVwAE_NrKpqsw5v1XVXr5johALS2FFIIKyPU3wdRXIUw
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2TF8HBA812J4QjosQ7X9pO1mcvpCTEriHOoP1amF%2B1Wkeuk5tooGIMAPeZSZkrCXeLy3kNYGr1btw0fru7LZypq%2BpItj0NkruPDREtEjnxT%2FLa8aY35jxokdPFdwrx1D5KDqWu4UHzxvGA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJIx59iTaYiXKwSP2-IAgYY&google_hm=YwB0tZPh8AfnYMN3HnlXIwAAAQgAAAAB&google_nid=index&google_push=AehlK4CvzYEn2s8DPAE86KhkMQ8oAs4tDxmmgtkSoLWibAymVfE6u3SUVwAE_NrKpqsw5v1XVXr5johALS2FFIIKyPU3wdRXIUw
cache-control
no-cache
cf-ray
73d8d1136aa7a7f9-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 3326
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEB7QAHSjXgddlClIVQ0d_0Y&google_cver=1&google_push=AehlK4AZ37S7obDoc98A84tqusEj8kJVhPy-uhPKbf1i9ejmtwVZQ-LVFg65TfFje49KUqO7MkXrKlsl0okFYTo03y_VeL9C1vg
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4AZ37S7obDoc98A84tqusEj8kJVhPy-uhPKbf1i9ejmtwVZQ-LVFg65TfFje49KUqO7MkXrKlsl0okFYTo03y_VeL9C1vg&google_hm=ZzEwYmIxZDdjYjYxYzQ1Z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4AZ37S7obDoc98A84tqusEj8kJVhPy-uhPKbf1i9ejmtwVZQ-LVFg65TfFje49KUqO7MkXrKlsl0okFYTo03y_VeL9C1vg&google_hm=ZzEwYmIxZDdjYjYxYzQ1ZjM0YjI=
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4AZ37S7obDoc98A84tqusEj8kJVhPy-uhPKbf1i9ejmtwVZQ-LVFg65TfFje49KUqO7MkXrKlsl0okFYTo03y_VeL9C1vg&google_hm=ZzEwYmIxZDdjYjYxYzQ1ZjM0YjI=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3326
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENdpiGn1B3mJ-tDZrjabYTg&google_cver=1&google_push=AehlK4CWdbyrP1uvsS1BiGg5Hnjmd7hNxswh6bX1UtVMJLhK3Ekz_1c20rdps5cDOJVj8sulh54WoAbuHbF80lBoJrTFZAi9_ng
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4CWdbyrP1uvsS1BiGg5Hnjmd7hNxswh6bX1UtVMJLhK3Ekz_1c20rdps5cDOJVj8sulh54WoAbuHbF80lBoJrTFZAi9_ng...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ5NTIwNjU2MzY1NTI0ODAzMjE1Mg%3D%3D&google_push=AehlK4CWdbyrP1uvsS1BiGg5Hnjmd7hNxswh6bX1UtVMJLhK3Ekz_1c2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ5NTIwNjU2MzY1NTI0ODAzMjE1Mg%3D%3D&google_push=AehlK4CWdbyrP1uvsS1BiGg5Hnjmd7hNxswh6bX1UtVMJLhK3Ekz_1c20rdps5cDOJVj8sulh54WoAbuHbF80lBoJrTFZAi9_ng
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ5NTIwNjU2MzY1NTI0ODAzMjE1Mg%3D%3D&google_push=AehlK4CWdbyrP1uvsS1BiGg5Hnjmd7hNxswh6bX1UtVMJLhK3Ekz_1c20rdps5cDOJVj8sulh54WoAbuHbF80lBoJrTFZAi9_ng
date
Sat, 20 Aug 2022 05:44:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
gobRedirectFromId5
sync.inmobi.com/ Frame 3326
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEBZfSX7IBECshRB0BkKeSsI&google_cver=1&google_push=AehlK4Cvt2nfb7UafH8Eak_zClFZl7UDmZLt0rVNfwgTl7wEkeA7EiTyxCMV-5AzVLClQtndTIPvKxMHR1hyq5jglcTt4HOEZrrIwQ
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4Cvt2nfb7UafH8Eak_zClFZl7UDmZLt0rVNfwgTl7wEkeA7EiTyxCMV-5AzVLCl...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOF2ym3GvyhqheCBhZLTn6v7B_xIC_LYtCr9TTTA&google_push=AehlK4Cvt2nfb7UafH8Eak_zClFZl7UDmZLt0rVNfwgTl7wEkeA7EiTyxCMV-5AzVLClQtndTIPvKxMHR1hyq5jglcTt...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 3326 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IEjqGmrT6AKsfcUplmvh0XXufJq5fAo9GaSCFx-ppoN_fHuZhes4fhwzQh56Ei3MAMrkfC2w
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:22 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 1439 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8fdec7ade53f6db530b7b1d57f6228b3f04ffa5e82214b8e108072e8c2e983b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame 2320 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?x4Abmw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
smtr
contextual.media.net/ Frame E11A 		89 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=357234536&size=250x250&cc=AU&chnm=NO_STRATEGY&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Fwww.bg3.co&kwrf=https%3A%2F%2Fadx.holmesmind.com&nse=5&vi=1660974261839064983&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&bae=B44eaxNq4e&bcpf=B44eaxNq48fOnRrolnfOur8e&bdrId=313&ntv=0&matchstring=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p1162629177t202208200544&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=NSW
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b5def0cb9e5f7cbbcb3a8da32fddc4199d875440fdf40e9423a4f75857b8f07f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Sat, 20 Aug 2022 05:44:22 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-srlb
strict-transport-security
max-age=31536000
timing-allow-origin
*
content-length
33562
x-sc-w
22-kgqm
bping.php
lg3.media.net/ Frame E11A 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=556&&vgd_cdv=781&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&vi=1660974261839064983&ugd=4&lf=6&kwrf=https%3A%2F%2Fadx.holmesmind.com&cc=AU&sc=NSW&lper=100&wsip=2886994965&r=1660974262227&requrl=https%3A%2F%2Fwww.bg3.co&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1660974261103193179&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p1162629177t202208200544&vgd_pgids=1&vgd_uspa=0&hvsid=00001660974262224029185682257590&gdpr=0&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259130&bpp=12&bdt=237&idt=390&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=5260778923606&frm=8&ife=1&pv=2&ga_vid=1795047843.1660974260&ga_sid=1660974260&ga_hid=266314318&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068487%2C31069049%2C44771163%2C31068921&oid=2&pvsid=4206563028032491&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jn96nl9nmlba&fsb=1&dtd=404
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Sat, 20 Aug 2022 05:44:22 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=67745
content-length
15
checksync.php
contextual.media.net/ Frame 88BA 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259130&bpp=12&bdt=237&idt=390&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=5260778923606&frm=8&ife=1&pv=2&ga_vid=1795047843.1660974260&ga_sid=1660974260&ga_hid=266314318&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068487%2C31069049%2C44771163%2C31068921&oid=2&pvsid=4206563028032491&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jn96nl9nmlba&fsb=1&dtd=404
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d9e838e11e53e28982fab39b9239fd02223517740e15a36d80cc781c2d2cfcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9411
content-type
text/html; charset=UTF-8
date
Sat, 20 Aug 2022 05:44:22 GMT
expires
Mon, 22 Aug 2022 05:44:22 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame E11A 		35 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4490&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=3&spSource=0&ifst=0&vid=HcNd9eC_bCNTtnR3YS9FMw&s_city=singapore&ugd=4&bcat%3C%3E=1000031%23%231000030%23%2310130%23%231000024%23%231000037%23%231000036%23%231000004&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=4.0150777E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=2028b3b1&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=-1&renderer=1&be=0&rtime=10.0&adj0=0.0&tmax=300&s_ip=172.253.211.9&adj2=0.0&adj1=0.0&feedback_id=HcNd9eC_bCNTtnR3YS9FMw&adtypes=0&mx_aabpc=0&reqid=HcNd9eC_bCNTtnR3YS9FMw&sc=AU-NSW&sd=1&mowxReqId=09eda29977cd4c9e9c1ffdc3775c5bd0_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co&bidrestime=1660974260023&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CUABW64L-357234536-34-10&coppa_enf=true&bdp=0.020&ct=Sydney&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D0&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=09eda29977cd4c9e9c1ffdc3775c5bd0&actltime=18&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C48%7C16%7C17%7C114%7C18%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.02&sckfl=1&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&suid=CAESEOwT_wCbzlZ5N5FgjX_Ynng&chnl=NO_STRATEGY&pst=0&reqsize=250x250&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-ADX-101418826937&__expireat=1660974860276&lmt_status=N&reftype=0&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&cbdp=0.02&pvdTmax=255&ltime=18.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=15147494682425_615707528_52982010413131&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=186&rtttime=21&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-55fbd456c8-6hq9c&currsrc_date=2022-08-19+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-08-20+05%3A44%3A20&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=313&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AHfbET5abQahEfIAWf39LEtoa9Z5MxQYKGuLA5_kD4CQ2H32q6yN2Qy5SDdBgj5R-i5cQIwc&dmm_ogerpm=false&csip=rtb-common-istio-7c75f56789-z2msj.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=3314916115&fpuReq=0&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~smm_bid%3D0.02~vis_sd%3D472~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022082000~iurl_b%3D63816.21~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.16~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D40~riipua%3D74%2C74~et%3D8~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022081910~vis_b%3D142.33~url_b%3D0.02~url_tvi%3D2017~smm_wr%3D28.2661~url_l%3D50~gcat%3D-1~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~smm_sd%3D2022081920~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D1~uid%3DaQw44gkDtDFyMubUi~btd%3D75035309251726826100623875879603895036700668951422443840734355736035534835089408~d2p_l%3D70~3pcf%3D0.86~uim%3D0~dmm_strg%3Dno_strategy~d2p_b%3D0.96~ogd2p_b%3D0.93~vurl_b%3D0.09~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D18.5~vurl_l%3D50~CI%3D2723~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D10.95~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D1.26~ivurl_l%3D50~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dno_strategy%7Esuid%3DCAESEOwT_wCbzlZ5N5FgjX_Ynng%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Dno_strategy%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D4.0150777E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D255&utime=2204&sf=0&cpr=0.7093514263577161
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259130&bpp=12&bdt=237&idt=390&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=5260778923606&frm=8&ife=1&pv=2&ga_vid=1795047843.1660974260&ga_sid=1660974260&ga_hid=266314318&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068487%2C31069049%2C44771163%2C31068921&oid=2&pvsid=4206563028032491&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jn96nl9nmlba&fsb=1&dtd=404
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Sat, 20 Aug 2022 05:44:22 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Sat, 20 Aug 2022 11:44:22 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9A0A 		1 KB
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259130&bpp=12&bdt=237&idt=390&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=5260778923606&frm=8&ife=1&pv=2&ga_vid=1795047843.1660974260&ga_sid=1660974260&ga_hid=266314318&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068487%2C31069049%2C44771163%2C31068921&oid=2&pvsid=4206563028032491&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jn96nl9nmlba&fsb=1&dtd=404
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
31754
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 20:55:08 GMT
etag
48472445140208031
expires
Sat, 20 Aug 2022 20:55:08 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E11A 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9bc869c95057ac1e84d2d2ae85bce2a0ff7108283010734d8b56a3b05037d84d

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame CDE5
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJ5yrcJQ6Uw6Lo9AtYAeCOM&google_cver=1&google_push=AehlK4BjdpFIomX8Qknd7vT_-xC4cIFl9saYYeZcLNhllATUHWgT-jJ...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=424dd8f4dd8e1ffe&is_secure=true&networkId=14000&version=1&google_gid=CAESEJ5yrcJQ6Uw6Lo9AtYAeCOM&google_cver=1&google_push=AehlK4BjdpFI...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJpBgGiEtWegMLOD9oAAAAAAA&expiration=1661060663&google_cver=1&is_secure=true&google_gid=CAESEJ5yrcJQ6Uw6Lo9AtYAeC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJpBgGiEtWegMLOD9oAAAAAAA&expiration=1661060663&google_cver=1&is_secure=true&google_gid=CAESEJ5yrcJQ6Uw6Lo9AtYAeCOM&google_push=AehlK4BjdpFIomX8Qknd7vT_-xC4cIFl9saYYeZcLNhllATUHWgT-jJCyLrGpihy1Y-Qpz9wABb1jvJXVK6s682jyUFv-BIO44Hy-ULzOgcaNwedeNX7J56cI4XHvEity5ifS7Q_4dw6sb83
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJpBgGiEtWegMLOD9oAAAAAAA&expiration=1661060663&google_cver=1&is_secure=true&google_gid=CAESEJ5yrcJQ6Uw6Lo9AtYAeCOM&google_push=AehlK4BjdpFIomX8Qknd7vT_-xC4cIFl9saYYeZcLNhllATUHWgT-jJCyLrGpihy1Y-Qpz9wABb1jvJXVK6s682jyUFv-BIO44Hy-ULzOgcaNwedeNX7J56cI4XHvEity5ifS7Q_4dw6sb83
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame CDE5
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEFFXLCeBK2XFNpUVv3gxtPw&google_cver=1&google_push=AehlK4CphzjA_7S4BIEWN_-h-U3rxnF6jU6PXYSkEmcU5LTxd3KTPgd0MCIqxiSXM5XFxyIzHgeOQNu...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4CphzjA_7S4BIEWN_-h-U3rxnF6jU6PXYSkEmcU5LTxd3KTPgd0MCIqxiSXM5XFxyIzHgeOQNuzT_9aHT06h-UO7C8xhiAj8axshU_ki1E2OC3766AESE_jplt_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4CphzjA_7S4BIEWN_-h-U3rxnF6jU6PXYSkEmcU5LTxd3KTPgd0MCIqxiSXM5XFxyIzHgeOQNuzT_9aHT06h-UO7C8xhiAj8axshU_ki1E2OC3766AESE_jplt_FmG7jWcsei8icklm&google_hm=jdtxf3iaQq6toSg6NaRrlCE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:21 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4CphzjA_7S4BIEWN_-h-U3rxnF6jU6PXYSkEmcU5LTxd3KTPgd0MCIqxiSXM5XFxyIzHgeOQNuzT_9aHT06h-UO7C8xhiAj8axshU_ki1E2OC3766AESE_jplt_FmG7jWcsei8icklm&google_hm=jdtxf3iaQq6toSg6NaRrlCE
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CDE5
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEJFFhpsC3O1CjJxxGH4zLIM&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MjgxZGQ4OGYtNGQ2YS00OWNlLWIyNDEtZTViMDI2NjU0YzM0&google_gid=CAESEJFFhpsC3O1CjJxxGH4zLIM&google_cver=1&google_push=AehlK4AD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MjgxZGQ4OGYtNGQ2YS00OWNlLWIyNDEtZTViMDI2NjU0YzM0&google_gid=CAESEJFFhpsC3O1CjJxxGH4zLIM&google_cver=1&google_push=AehlK4ADx8jFe2DcOgUdlACJ535mB3uoRObBFolyCHCoJhVzqCl3uRdaNubgCzD8Lsl_NIApfrdNo7HsJPx8cNk-tbO9n8jyQk-SD_auMpTmDV75EaX6sNHCke3sEtaOWPbXZYPsjpBxwQrJ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MjgxZGQ4OGYtNGQ2YS00OWNlLWIyNDEtZTViMDI2NjU0YzM0&google_gid=CAESEJFFhpsC3O1CjJxxGH4zLIM&google_cver=1&google_push=AehlK4ADx8jFe2DcOgUdlACJ535mB3uoRObBFolyCHCoJhVzqCl3uRdaNubgCzD8Lsl_NIApfrdNo7HsJPx8cNk-tbO9n8jyQk-SD_auMpTmDV75EaX6sNHCke3sEtaOWPbXZYPsjpBxwQrJ
date
Sat, 20 Aug 2022 05:44:23 GMT
content-length
0
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 01 Jan 1970 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame CDE5 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESELEV7SWzb_62z7z0Hk8zbq4&google_cver=1&google_push=AehlK4B_R8qx3zHFwpKihiK3Q-TY3hA5_rHiERZsAT0hoVy2CisjPAomA2EcQtV9AIYxAKeTxLxdPMu3bkwmIN2NZJ6USxVAIAJ7SnFbD3ZyRze4FHAPbGJ8Y3fHOddixXiVFSf1W1Ukze3O
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Aug 2022 05:44:22 GMT
pixel
cm.g.doubleclick.net/ Frame CDE5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEG...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4DxiRZHXQ59I6k3ok5hWjiMXn8zuOPKzlAn-4F2l-mnCJbMYexSD6nSp3QtV7ofimOYklKmtJbCeQbJRyxSfa-R4igNaSkZMHvBwGfvYkB02_6W3KK36mjcgwDOxX0...
  • https://sync.targeting.unrulymedia.com/csync/RX-ebee5cac-eccc-41d9-bb61-6b0556e9f406-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4DxiRZHXQ59I6k3ok5hW...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4DxiRZHXQ59I6k3ok5hWjiMXn8zuOPKzlAn-4F2l-mnCJbMYexSD6nSp3QtV7ofimOYklKmtJbCeQbJRyxSfa-R4igNaSkZMHvBwGfvYkB02_6W3KK36mjcgwDOxX0vNf7C...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4DxiRZHXQ59I6k3ok5hWjiMXn8zuOPKzlAn-4F2l-mnCJbMYexSD6nSp3QtV7ofimOYklKmtJbCeQbJRyxSfa-R4igNaSkZMHvBwGfvYkB02_6W3KK36mjcgwDOxX0vNf7Chzis0Q09&google_hm=BOvuXKzszEHZu2FrBVbp9AY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4DxiRZHXQ59I6k3ok5hWjiMXn8zuOPKzlAn-4F2l-mnCJbMYexSD6nSp3QtV7ofimOYklKmtJbCeQbJRyxSfa-R4igNaSkZMHvBwGfvYkB02_6W3KK36mjcgwDOxX0vNf7Chzis0Q09&google_hm=BOvuXKzszEHZu2FrBVbp9AY
date
Sat, 20 Aug 2022 05:44:23 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXebee5caceccc41d9bb616b0556e9f406004
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame CDE5
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESECNab--IBVE-8ifvPuyeJkU&google_cver=1&google_push=AehlK4DajHiPbWWCbTzXA4Ohu_rdB36Eq7mh4R3-u7YNhy9YJtxi8AG18WVmpk77uMZCsNqPx6vsEG3ABha3DqhUuIJZfy81vftbN...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4DajHiPbWWCbTzXA4Ohu_rdB36Eq7mh4R3-u7YNhy9YJtxi8AG18WVmpk77uMZCsNqPx6vsEG3ABha3DqhUuIJZfy81vftbNEVh_mm9vVPlooPh78O_vOWEQu_D4h...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4DajHiPbWWCbTzXA4Ohu_rdB36Eq7mh4R3-u7YNhy9YJtxi8AG18WVmpk77uMZCsNqPx6vsEG3ABha3DqhUuIJZfy81vftbNEVh_mm9vVPlooPh78O_vOWEQu_D4hWwqqAs2B9BXZU&google_hm=0d83bee23854111be6463c9a893ea3fd
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4DajHiPbWWCbTzXA4Ohu_rdB36Eq7mh4R3-u7YNhy9YJtxi8AG18WVmpk77uMZCsNqPx6vsEG3ABha3DqhUuIJZfy81vftbNEVh_mm9vVPlooPh78O_vOWEQu_D4hWwqqAs2B9BXZU&google_hm=0d83bee23854111be6463c9a893ea3fd
date
Sat, 20 Aug 2022 05:44:22 GMT
server
nginx
content-type
text/html; charset=UTF-8
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pixel
cm.g.doubleclick.net/ Frame CDE5
Redirect Chain
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEJl34IFr8P5qJ6ivjgl7oS8&google_cver=1&google_push=AehlK4CaIzGis0mqwTppsB81PxdBly9kOwurcCJEW9JpGdcqvvwcSl5moc4NKsCC8nLkyXnK-ZLcIFb9pFMz0Sm...
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AehlK4CaIzGis0mqwTppsB81PxdBly9kOwurcCJEW9JpGdcqvvwcSl5moc4NKsCC8nLkyXnK-ZLcIFb9pFMz0SmoE7x_xWY3DVjC7ybCf23163wlKDiLYj-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AehlK4CaIzGis0mqwTppsB81PxdBly9kOwurcCJEW9JpGdcqvvwcSl5moc4NKsCC8nLkyXnK-ZLcIFb9pFMz0SmoE7x_xWY3DVjC7ybCf23163wlKDiLYj-LkOBgcsntaka4kQOF-KTJ9WXX1g&google_hm=N2RjNThmNGEtNGNmZi0zZTU4LWJmZDItNzA1MzUzNDc1NGVk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AehlK4CaIzGis0mqwTppsB81PxdBly9kOwurcCJEW9JpGdcqvvwcSl5moc4NKsCC8nLkyXnK-ZLcIFb9pFMz0SmoE7x_xWY3DVjC7ybCf23163wlKDiLYj-LkOBgcsntaka4kQOF-KTJ9WXX1g&google_hm=N2RjNThmNGEtNGNmZi0zZTU4LWJmZDItNzA1MzUzNDc1NGVk
date
Sat, 20 Aug 2022 05:44:22 GMT
cache-control
no-store
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains
attr
cm.g.doubleclick.net/pixel/ Frame CDE5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KlW-b6UHE4ABbXqH1PdADHycq7m7mVm2_fjLTMknLvffEkDc9lNt3fB_j_y5UK0tWbR8avcA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:22 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F625 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
144101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 13:42:41 GMT
expires
Fri, 18 Aug 2023 13:42:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/7654897982036809312/ Frame 62C9 		86 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7654897982036809312/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
21f6d7e99eb4821d7d8937b37a4b273172ff942aa1fa3b32b4942c44985c01ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
108433
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20027
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 23:37:09 GMT
expires
Fri, 18 Aug 2023 23:37:09 GMT
last-modified
Fri, 13 May 2022 01:12:44 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D590 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvAIn-lOsIa2HINmtHXp6bsOm30QE-035T-o_PmeBn4HV7N_xhG80vBadJQcNaJqKmoLEkgbHwfjH4KKoamCbNG9-vjjkcFCMYj6E4Vh1q3-md83NserfyPRL41WTqbsz5DviFkmSpidjdd1TQ_lvEnwZ-AlLUtZHC7pHz3E-UIOcndsdwYNDw9bD6cBy3OvjLzo_8BtZGmvYXCyOGutJHybTtlc2q3NDBAE3vCGFoT7549lN0JB3gALqUX3aL1-w_m-XWgwFnyP-urqQjbRozZWyVhdSxUrnsnirR-Ps7KO4GfHVoxR2oCsnzk-uPIhTK5bM55Iv17GZrvkO-xh8E87SYw88gd19h6RqAEuXGzwrTswM4l9mGG5vORJJSZIV9O5gUOwifxY7n0b3wPn35cLABz-DnZrisUbIEnTaeGOulWXXpYexgO2vNtYotFAibb-nmy3VmsyMCplO33PXD__SerIC-KYXjn9Pb9PT6Ye9hZHRoaO4bnKsvdiBNUw6Apu8-FO4tDCDlIu8EpkEEJvVlvbkd0PA4aH_up7_VmJgXIPEiJkSoldbbEHqrVvS_drmwfJJy3sXXA3I2Q15VKgL3E4lik1s_sUg1om3kEnKZj7flspGuIrprTHBPQFCkajFEiBCm_SerH4kSMMk1_My7MD0VWRhO9nyyQ0rO5in167zgSLBfcWjRCjKydh636w1kvRGM0rlwdwEuvzClMMpSOqC2tgjp6NUw7O97_2KL4R9OJtUieI1CUmeviG2cqinKgV-NS8r2NfFhTJf_Jgu70pUpQY76n4jrIEWJmRpBDQsYNhdnz017R66pPG_e6Ku_LfWXNZrTT1cP14yPonnI3a_9fV9l4wAWOtLqdm7clgRWklSERhp3YRgJY7W2vXi5moc7BIkhBB2i6ddt9jnO54edktOk1JKAcjrnfPKlwZtCbeMS-XdvrOEDoKG5oV81owx-HXMTuvS5upl2KkEoNUy7spTQd4Ppbiy2jTGjUyklXh5GoM6UY-jFRYP8qMCsXhvakzXBu2q51xrMsZAKJzKGYW2NhehgyVqq0dRQCoX9i0GUsoS686-3esxrL_LsQVYTCXi1Cfpj0Wa-Ml43qd75LYnBnzO9H4JxXZ6SQtc4YvttTifoOLZ3d9Afjzv1ch1eRmk73YMNQ7c19UXDD4aydbZ4D1WL64LjIt5QPolH7Y7MLpFXw6tf6fJW5Hk0GO2UcHuq-Kx8RYFk8JdXg&sai=AMfl-YSr261RWBaPQEyQAKhjHAUGtN1O4jogpqcHE0IFPlIxd3Z17CrXE1aUT0uE45m8o9GWd-Ou1_glrkvNoEW5UPQVRICxJ8BYpIogMF0Ys2vZvDsGcY0OxkPHwpcK7mMiHdTEZbGVPjLUFLgMeyAqoHzcvi7pC9D-_glwYm2jnpsQ_h2AnB9vPxbx62iOUbsaAsZvai_Jkju6ZL0jq1fmdKhI&sig=Cg0ArKJSzJDjkoLxYxdUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=832&cbvp=1&cstd=829&cisv=r20220817.72006&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 20 Aug 2022 05:44:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img
tags.mathtag.com/view/ Frame D590 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/view/img?strat=3750455&cr=6028144&pr=5.00&txn=&rfr=
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.205.242 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.361.1 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Aug 2022 05:44:22 GMT
Server
MMBD/3.361.1
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
nrt-router-x14, nrt-bidder-x27
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sat, 20 Aug 2022 05:44:21 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A195 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
144101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 13:42:41 GMT
expires
Fri, 18 Aug 2023 13:42:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cksync
cs.media.net/ Frame 6ED8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzAzOTc1ODYyNjgyMjUyNTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEB3WmdFtEVp0IKsm00b6G90&google_cver=1
45 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEB3WmdFtEVp0IKsm00b6G90&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 05:44:23 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Sat, 20 Aug 2022 05:44:23 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEB3WmdFtEVp0IKsm00b6G90&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame 6ED8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=ca4929bf-f82d-4a49-b123-cb61a9b2d3c7
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=ca4929bf-f82d-4a49-b123-cb61a9b2d3c7
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 05:44:23 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Sat, 20 Aug 2022 05:44:23 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=ca4929bf-f82d-4a49-b123-cb61a9b2d3c7
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
pixel
cm.g.doubleclick.net/ Frame 9A0A
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEBSktDb1WBVwU0TVDwg0seA&google_cver=1&google_push=AehlK4D3XBoNZLuIOGOZSR3bdMrUFB-uGVqF4wg_ILakG4XPyJv2GL_eBAZlj3iykoy31kP0mJ0gqP3sOT...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AehlK4D3XBoNZLuIOGOZSR3bdMrUFB-uGVqF4wg_ILakG4XPyJv2GL_eBAZlj3iykoy31kP0mJ0gqP3sOT2WT5p9xo3DeBvI6z2oqjGNYEXEudu-22T_wjACqmTHRSSjHg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AehlK4D3XBoNZLuIOGOZSR3bdMrUFB-uGVqF4wg_ILakG4XPyJv2GL_eBAZlj3iykoy31kP0mJ0gqP3sOT2WT5p9xo3DeBvI6z2oqjGNYEXEudu-22T_wjACqmTHRSSjHgANTv4-w6UbAzdZ&google_hm=&from_google=pc1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259130&bpp=12&bdt=237&idt=390&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=5260778923606&frm=8&ife=1&pv=2&ga_vid=1795047843.1660974260&ga_sid=1660974260&ga_hid=266314318&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068487%2C31069049%2C44771163%2C31068921&oid=2&pvsid=4206563028032491&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jn96nl9nmlba&fsb=1&dtd=404
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 05:44:22 GMT
Server
nginx
Strict-Transport-Security
max-age=15768000
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AehlK4D3XBoNZLuIOGOZSR3bdMrUFB-uGVqF4wg_ILakG4XPyJv2GL_eBAZlj3iykoy31kP0mJ0gqP3sOT2WT5p9xo3DeBvI6z2oqjGNYEXEudu-22T_wjACqmTHRSSjHgANTv4-w6UbAzdZ&google_hm=&from_google=pc1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame 9A0A
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=u1la8gJfQJuI6kErQfHnCg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=u1la8gJfQJuI6kErQfHnCg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4BUaTOHrqcbgmnylVi_LyoZk38ppXIsENjEh7_mtu0kldWLzRUKhixZWadg_b8Ye-HIup4vZOFXoq8i8xraCnaD_OXaRuqPdqvDBdNLmzZWR4GLEfTmZJMsq0WmPgksddQLXlo_lxw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259130&bpp=12&bdt=237&idt=390&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=5260778923606&frm=8&ife=1&pv=2&ga_vid=1795047843.1660974260&ga_sid=1660974260&ga_hid=266314318&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068487%2C31069049%2C44771163%2C31068921&oid=2&pvsid=4206563028032491&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jn96nl9nmlba&fsb=1&dtd=404
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=u1la8gJfQJuI6kErQfHnCg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4BUaTOHrqcbgmnylVi_LyoZk38ppXIsENjEh7_mtu0kldWLzRUKhixZWadg_b8Ye-HIup4vZOFXoq8i8xraCnaD_OXaRuqPdqvDBdNLmzZWR4GLEfTmZJMsq0WmPgksddQLXlo_lxw
date
Sat, 20 Aug 2022 05:44:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 9A0A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJk3Gd2w9BOhJyC5f1sDIb0&google_cver=1&google_push=AehlK4BdhZYiVe_1lWZXdfb3DeeCCoIf4Gz85sCQUDPcGB3bpE7QA4y645kms2WfxrSf4A1LLDY...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcxSDZTRE8tMTEtNVhTSg==&google_push=AehlK4BdhZYiVe_1lWZXdfb3DeeCCoIf4Gz85sCQUDPcGB3bpE7QA4y645kms2WfxrSf4A1LLDY0kfLLwnl7CQOVzxv9ZBV4xARvG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcxSDZTRE8tMTEtNVhTSg==&google_push=AehlK4BdhZYiVe_1lWZXdfb3DeeCCoIf4Gz85sCQUDPcGB3bpE7QA4y645kms2WfxrSf4A1LLDY0kfLLwnl7CQOVzxv9ZBV4xARvG_6RxMpxxThPEazYoGp8eViF9xkjJKrJ9Z3GaBoF1QK0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259130&bpp=12&bdt=237&idt=390&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=5260778923606&frm=8&ife=1&pv=2&ga_vid=1795047843.1660974260&ga_sid=1660974260&ga_hid=266314318&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068487%2C31069049%2C44771163%2C31068921&oid=2&pvsid=4206563028032491&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jn96nl9nmlba&fsb=1&dtd=404
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcxSDZTRE8tMTEtNVhTSg==&google_push=AehlK4BdhZYiVe_1lWZXdfb3DeeCCoIf4Gz85sCQUDPcGB3bpE7QA4y645kms2WfxrSf4A1LLDY0kfLLwnl7CQOVzxv9ZBV4xARvG_6RxMpxxThPEazYoGp8eViF9xkjJKrJ9Z3GaBoF1QK0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
Expires
0
pixel
cm.g.doubleclick.net/ Frame 9A0A
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEJjQ3XExCR9Kch8BwyyNIg&google_cver=1&google_push=AehlK4BJAoHwZifxUM1zGQf2FtBfqmjrdW9r_B-Uq8VyuPmy7erBhGcmMHmga05SZVLUROJLSJqr44UYQE8tHG1X...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=862d37ee&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4BJAoHwZifxUM1zGQf2FtBfqmjrdW9r_B-Uq8VyuPmy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=862d37ee&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4BJAoHwZifxUM1zGQf2FtBfqmjrdW9r_B-Uq8VyuPmy7erBhGcmMHmga05SZVLUROJLSJqr44UYQE8tHG1XUNrm8BE-FeAV55G_cbR6doM-QZXvlxEuZyFcoXfZF4d794rQJCRFZPQA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259130&bpp=12&bdt=237&idt=390&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=5260778923606&frm=8&ife=1&pv=2&ga_vid=1795047843.1660974260&ga_sid=1660974260&ga_hid=266314318&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068487%2C31069049%2C44771163%2C31068921&oid=2&pvsid=4206563028032491&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jn96nl9nmlba&fsb=1&dtd=404
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 20 Aug 2022 05:44:22 GMT
via
1.1 6b412795189620b2bd513604239f4f2e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN52-C3
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=862d37ee&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4BJAoHwZifxUM1zGQf2FtBfqmjrdW9r_B-Uq8VyuPmy7erBhGcmMHmga05SZVLUROJLSJqr44UYQE8tHG1XUNrm8BE-FeAV55G_cbR6doM-QZXvlxEuZyFcoXfZF4d794rQJCRFZPQA
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
9X1UQANZPuGaxQ8mn3BLRjOh-PJ-bglB1n-8pzVhAhdYfmU6ma2sBg==
pixel
cm.g.doubleclick.net/ Frame 9A0A
Redirect Chain
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEGZwgtNizYFeqVnHUPsXKLA&google_cver=1&google_push=AehlK4D08xcPq1weoQNEWOivRhxUPPcTUQ91Ul2mGVouciB2KQMsCatd_JeANyKTtbcnnY7pPfWv2_e3mFDBl5z297pW...
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AehlK4D08xcPq1weoQNEWOivRhxUPPcTUQ91Ul2mGVouciB2KQMsCatd_JeANyKTtbcnnY7pPfWv2_e3mFDBl5z297pWNAmHaSKO5C2A9eaqMmxsBqIEgScxpi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AehlK4D08xcPq1weoQNEWOivRhxUPPcTUQ91Ul2mGVouciB2KQMsCatd_JeANyKTtbcnnY7pPfWv2_e3mFDBl5z297pWNAmHaSKO5C2A9eaqMmxsBqIEgScxpitjWTaJ9XCT4TTaYyRafWNH
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259130&bpp=12&bdt=237&idt=390&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=5260778923606&frm=8&ife=1&pv=2&ga_vid=1795047843.1660974260&ga_sid=1660974260&ga_hid=266314318&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068487%2C31069049%2C44771163%2C31068921&oid=2&pvsid=4206563028032491&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jn96nl9nmlba&fsb=1&dtd=404
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AehlK4D08xcPq1weoQNEWOivRhxUPPcTUQ91Ul2mGVouciB2KQMsCatd_JeANyKTtbcnnY7pPfWv2_e3mFDBl5z297pWNAmHaSKO5C2A9eaqMmxsBqIEgScxpitjWTaJ9XCT4TTaYyRafWNH
date
Sat, 20 Aug 2022 05:44:23 GMT
server
nginx
pixel
cm.g.doubleclick.net/ Frame 9A0A
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEEteMOy0yI_uADuCWcVL4LY&google_cver=1&google_push=AehlK4CLzrnh1Dsw-FlPQ5gUS7AL8aYbYZSEUcsAJ19yLdFlI4LvTcYYTkrTocBwlSJ3vvzrujFhrJ_PkmybvkZXY...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MGQ1YzgzZmMtNzk1YS00ZmEzLThhZTYtNTk1ZjhjNmVlYjZh&google_push=AehlK4CLzrnh1Dsw-FlPQ5gUS7AL8aYbYZSEUcsAJ19yLdFlI4LvTcYYTkrTocBw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MGQ1YzgzZmMtNzk1YS00ZmEzLThhZTYtNTk1ZjhjNmVlYjZh&google_push=AehlK4CLzrnh1Dsw-FlPQ5gUS7AL8aYbYZSEUcsAJ19yLdFlI4LvTcYYTkrTocBwlSJ3vvzrujFhrJ_PkmybvkZXYN3R4_ZmB7YFxBFw0hFvLcR_0ATyf-zul29iIEaRDsrg6rP9blVBEz1T4Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259130&bpp=12&bdt=237&idt=390&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=5260778923606&frm=8&ife=1&pv=2&ga_vid=1795047843.1660974260&ga_sid=1660974260&ga_hid=266314318&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068487%2C31069049%2C44771163%2C31068921&oid=2&pvsid=4206563028032491&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jn96nl9nmlba&fsb=1&dtd=404
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MGQ1YzgzZmMtNzk1YS00ZmEzLThhZTYtNTk1ZjhjNmVlYjZh&google_push=AehlK4CLzrnh1Dsw-FlPQ5gUS7AL8aYbYZSEUcsAJ19yLdFlI4LvTcYYTkrTocBwlSJ3vvzrujFhrJ_PkmybvkZXYN3R4_ZmB7YFxBFw0hFvLcR_0ATyf-zul29iIEaRDsrg6rP9blVBEz1T4Q
date
Sat, 20 Aug 2022 05:44:23 GMT
content-length
0
gobRedirectFromId5
sync.inmobi.com/ Frame 9A0A
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEJCh7hW9B0rMm0LeFKy-Dho&google_cver=1&google_push=AehlK4CorNa17Z4Ubt6olW8uKwlRUa_fnIRty_v28yy-NZstwMaV88QD1DygSLe42b_7BMHX6U2KC5JQN2BMU1GwblqVqEKb37dnD55m...
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4CorNa17Z4Ubt6olW8uKwlRUa_fnIRty_v28yy-NZstwMaV88QD1DygSLe42b_7...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOvCD7J-UXh8ZWdCx1czZp8XVVEi0LeMxlHZWXRw&google_push=AehlK4CorNa17Z4Ubt6olW8uKwlRUa_fnIRty_v28yy-NZstwMaV88QD1DygSLe42b_7BMHX6U2KC5JQN2BMU1GwblqV...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 9A0A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IxpWLiUBXiH9tVa5hb-uCdvpoqZ3P1NnqlgAu1-lSqojacDv2UwgKAy-MCw1gIduFBniEDOLs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259130&bpp=12&bdt=237&idt=390&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=5260778923606&frm=8&ife=1&pv=2&ga_vid=1795047843.1660974260&ga_sid=1660974260&ga_hid=266314318&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068487%2C31069049%2C44771163%2C31068921&oid=2&pvsid=4206563028032491&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.jn96nl9nmlba&fsb=1&dtd=404
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:22 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/11589256862032369085/ Frame AA92 		85 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11589256862032369085/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
09fe3a339dce9f0599a961a0562139acac9160b7617f912704f9a9d794263c80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
552332
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20005
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 20:18:50 GMT
expires
Sun, 13 Aug 2023 20:18:50 GMT
last-modified
Fri, 13 May 2022 01:13:44 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C48E 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfaIp5ZF5qy5qZtYFYscR5XKkRZkJeSgUiSMvucz7gUuVNHgVBzU3EGJ9Gq6KolS2P-owBuuYCtnvuRwi7tHVrrO5w4NV-E5Ui5wkXE4uFZVP21aH9eFy0TMWb0quOix3dsQCt1SBz1Fe38T7opHKznbadBu-LN4s1SPzR7QsETK0-LngG-f3mCRK0teTAMns6oANIUo0LMlww87Ih8Ho2RkmDlFZ4Zd6zzhsYkx172-qVh6ck6rJQvxaEKXglxMOg2dnpNtLd2nybdXVWp_I6ksnabJYPmO8T6klFT-TBJzKUrguacytIGwe6Wmy8PYiK3bMzv9LV0CtXEDU50V7VQK4241wyowOlk9e3sq8h-FiCM1vjtMi2oUUDiftPpS3gz91_VexMqSO_Nsti7tgyrCpPVXYlEOzFoa6xxt4ZblZ8LWBr777tuWKBc0M3zB8KkS0DgrzgfX8na9kQ9nnYCfAuvwC6Uevd7l6YzRAx6oQJ3E7-LQJPwuWXmztqjPXpxHRxOOfJ1hlWQuDn87JdYXwr095FGWam2wQVBsC-hBqrd5sHqnudM06QVt6L-RfRxeBzL15jjpIWdcFxjyxQygBJ31KUYFSDwB90Mlsqmudnt0F0qbZjEQEvdv9RFPpmK6YBFxomG3HKp5S3RpJ5VGbiADShdzABdKMF3s3mp7hmS6YncvmdasTk63cqiWgR_jX9MI6L02cdM6xaZZB9WBOYKbKMOc7kVMzni54v5016LpSt4Nn3aei-sH6X4RitdtgNZcKtE7_RYIG4tJ3C3ZqW5oAWxSB8y0N2NZvESLiHxoVdPtipIRuiI7Ph8rMK0TmjYCGntJ-n9KkI5j-EVBCId4t6wvfjTZFoHnNiv2HM4JhnUWitRw2ySre0S5wGprzNi2mXkyxxtY3Uxk9d5mB3S_wcCbjCJFsXIahYTjV8DaaBNPQDrlonNX6WkqfcY8SdkIsuyr3AlZMsiArthBS5sbU83PkAz7f3Bv2zmHbzoUj8MGhx2ZzabNWqAkJZYv4vx8KAfT9lhpx-2W94K3gDKPv97Ty6cG0f1JmWdyq_E66IWWXxQXLhIRAn-tBA2E_SEpDYkjut1ReLhZ4wlKTxP64hk7OsjUwtm5-Ptfh4_Rcq2HPhNdRta59ShcpCDyx1V4EcNfFNEINFp65MGKtfwc1ojfKvisaO7N3AhFygx8sDpWoaeVUeaNNsLWQbSIg9kA3mQVo8ouYj1hoQz7q-GaDP&sai=AMfl-YQkd81-6wXygLCysJeak8wWxzhjN_QIRXKudHuw-scVnUTYfr-X5yWG6Ahp35avWYB7K1-x4tBugOl8XJ4FgVKY0HC1bO9xQbRWCWBMOIjyajv4bM6xUxPgOje95lx9_k00EdBVVwK-wwTI1_khhut-CxKJFjTUPZDlOoj9b7WNqs-R9fpvNG-TI6Ttby84Dst7l-J7LSq_vwm_KUrYoGfN&sig=Cg0ArKJSzIa-tEhFv3zeEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=896&cbvp=1&cstd=894&cisv=r20220817.61207&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 20 Aug 2022 05:44:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img
tags.mathtag.com/view/ Frame C48E 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/view/img?strat=3750455&cr=6028144&pr=5.00&txn=&rfr=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.205.242 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.361.1 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Aug 2022 05:44:22 GMT
Server
MMBD/3.361.1
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
nrt-router-x12, nrt-bidder-x38
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sat, 20 Aug 2022 05:44:21 GMT
BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame F625 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 21:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
289654
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14190
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:16:48 GMT
BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame A195 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 21:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
289654
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14190
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:16:48 GMT
cksync
cs.media.net/ Frame 88BA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c89a564e-d03d-4aee-9dd9-9f6285401c51
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c89a564e-d03d-4aee-9dd9-9f6285401c51
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 05:44:23 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Sat, 20 Aug 2022 05:44:23 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c89a564e-d03d-4aee-9dd9-9f6285401c51
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
cksync
cs.media.net/ Frame 88BA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzAzOTc1ODYyNjgyMjUxNTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEB3WmdFtEVp0IKsm00b6G90&google_cver=1
45 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEB3WmdFtEVp0IKsm00b6G90&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 05:44:23 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Sat, 20 Aug 2022 05:44:23 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEB3WmdFtEVp0IKsm00b6G90&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C001 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081501&jk=2385548402192098&bg=!HB-lH1vNAAYUOm8VNDo7ACkAdvg8WgElxCL4psOacVH_OLBS6RqhV76LuCf92DBWKtg1kY0BXEItbwIAAADMUgAAAAJoAQeZArkwrVpCqALKemN9DHDrvxleJZGsLbsmcPRIX5m1YCS1bRWz_KsTIap0YN36q8Tznxx4yomQniIyN53C0C3b7WaMbBa1P_Xlrt1LD_cwOLgCS2wBIGrslRuFo0vWu4kQwcZETpTZ8BF9jsQE8Qi8NzjrmDyJHT2pYNibuct4wpf-NcxPjHZVFCnc9uIJPGIYScy73k1BS9YA_jlF6uUFT7hosqGtOpzcvEpPd54Ete5LbADYGInS86bDvjPZTPjioOZIN5oD5t1fObZzc5vTdaIURtQYZQ8LSwbmXdkIyaIm6iI0SyDuahJSxX0MTMMz8YoThn66z1DWKI97QGHBolyU0qK2X6DODbCTvt9NckdJreUQcPiPTKbmJ4IjGDLCEGsdNsKFs7uh1vjEnukgnnWSFyyI_z4BkXJubW_EpPiE0ZfufdoTe8G8Hkuiw4L8lL8xtBGFNFhnDqv120vE8WPJ-bVQsjBxfbFuyE0xUWZCTrvhoZHT1cRBA6KIHHFZ23Nc2bEhKLpMtDpr-qIEckGHQUxnyyD4tIVIjWUWX1mYbn5DRPwWMBHTBiwwfb6CWpKSLF6k12eZTCSKyxVCsmjP8gWZRS2EQBm-rAONdDEtfi5A9WcAofUMm7pgM18gyVTLaZI7P5w_vq9Vjc3rtyjO606EkKO3dDzjWKTGmFuj4G0-mNxoJtpUEupBnhoecyt8jFI1-bC3D_4JP7JFQeR1Mu8iq_K1BwplGL9TWwrjxctjMLCKm8Q7xxQohfyfiNwAPxCLHbCwX19ZU4mDG5OqqM6bwUOXM5a3BJae9vt7qrFu2djtWy7Afi940gSrJcQz19gWhINm2uumA0C4D3pIzLKKtiYPd1kyiEwB3Efy--cOoYcRNuwMsRDLhyInGMfLirF3471rE4pAd5ac-3Pfw5NczHjBFl7j
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 5581 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081801&jk=2115091291420178&bg=!CgmlCU3NAAYUOm8VNDo7ACkAdvg8WqQOzB-xFV2Acvh9fDd3POK-bwkvxTNYmIZ2bMWBFaSvc224cQIAAAC1UgAAAAJoAQeZAqcI0kCNycFCUBkxQi3K4D357Q_yxZhw1fI1m2mUtPHukSbAhKawXpweJNC1UnRR2x047HPMO3IpTT4wEaOUlK6c2PFhmKthSUS0NQZgW8A1hzgHnBXG95gf_RALbGnQZ786FAr9OxSfRl2vD5cGfQmvstqVGiPrculsKbuISXdG6T-To34pumpMR12VxSqtpenz0FXZBxCGXCGMaQ4azyz9Ygyx02CN4eh1ZIOy3KbuJ8f5Ah760oCYFozWOMNBQm2nMFgz42AAWvpbb752-pyH9Bp0SAfhfd9SmDLVicFxp2TQW0OFzhhslcim5m5T_89E1-narXBhNuFY8P7lbOYro0n6eQUXktXkPvrFKJuXd5o0cOk4gNCJ7m0K6RT6F2ez9k8aJ5JMw1YHO6A61kXAxrf09kq234bMT3s0wgei1aQej58iDlJhYPRY22eLO8zxLfA7ucikblJdTuRkQArVQfZ4DcvDw97EctWhTbEd5Ns-rXO-H6NKbG1v3AXYU-T3d9_q-6ttGbsSXNUW4PRixNRAjSyjrgW5GVhxK4qBNbmzGY-b7T3Y2Xut4d-915pCTzh1MQjPa0NcrJ6MEVg9FaH7QbugL8Yc0uw3oD2rWAG9B5-pZUwCFeHRYm_kSV6ZTusEeKeYeU0mgkkX-PSpDzZAMPO8hWJC2WlDx_lUfGuGD2OR-kbHkDPT1qhVYwY-v-FqyQSjRJ_z6FdCToPSFuu6SeJ3mjR5pHwugN9bb9ZU3EdsPXfTvoqDVOeqDCzXEuGD4fPS5nD3dLBGpvGSE13WP1pnH1mxL4jCBB2VpPlqhJ2DsnpDwlowsHn_HfoeX-o-bTCECI-UGJPZdGX1V6AagDC_cEQkYPL23vxHQdRR5lnrO81N3hofv3cQfYVsQKP43i_2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame 80A0 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 21:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
289654
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14190
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:16:48 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D590 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxhtU0ip1zQ1PZc8SVLwZoCV2n4VEhf0umVcN1AgVfkvx9oXhADQuP29UVXwgoiAxwHPh1Oke9soypgyW7l5DA1wthALmmW7x7FdDMoQty7T5qEbVlPIgEtWFbuIvoPKSzEzGjUP8orA&sai=AMfl-YSlUFfI0BF2UHAJwEAwR5v3Eo7SPYX_gFWtUtNDI3gRTLKBTVkAAIKaI54_4xJM47H9-uBoMcvEX4kf8lGs43-Y8_oGDNkmdn_g0guI-h4TTGYYLCkukvj4DBhz&sig=Cg0ArKJSzCAhJ502tJuOEAE&cid=CAASJeRobbbhqeT8DEnlyVGqo8Ne3YNN6GrzrMTGnFp2Nr8bmn28Lfc&id=lidar2&mcvt=1019&p=60,450,310,750&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660974260548&rpt=1168&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 55A7 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 55A7 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 55A7 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame 55A7 		15 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5507&&&vgd_l2type=sca&fp=3wJgoNJVjVcVg0_NA611a66rk56kwkMP9XXJwbDf72bmp3h2olaEL5_B0LFpT0k63vTkATFI0MoaCaAalztntp0ghE-EzpUPeICshbP78Fp2ut3f08NBL_G1vLux1nvW&cme=l4x29x8SoNu3r_FcabJVR7omFK6Pd8DqNPh8l07A22AYCEAjUtO9LFFx1OMKSuuWdLwyuPa-L-G_SWm1QGOTeWWZ3Ui1Er4iR5tkiLSAkyLrj_cpNv6ZSvQef3_Mz3rokhn2DuI832RMdOoMX7zbBCa85EupuFzwwbplRGgvZBBi6QA-F5mAUKvA_2LRwz-itbQLueoidPoLGSpKPm1daA%3D%3D%7C%7CzgYDFaY6yvv6gB2u6esx3AKMxrjBa8MgTZeLDyKS2yJuuEIffzKhF7t9BCZT0HknD4I4Mt8dAqO8ywAQpjQITmFlMntdc9g9dhF8ZdC--Uvr5RJl_KRTff_J4YvOAd5Phdc3M2W7nC_cOn1uJDEer_MD8f2qXZt59fvnDE9162oXlaCQCiiHNh90JRGSHi13zzLQpnJCGwqYvgCzLDkiHbSrc6h4iLLevY4ObDxv2Fo%3D%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7Ca0AmFUYXmD6ASqXHhJuVwQhdp4_HJdO5PL2fuJszgjo%3D%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7C&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=7&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170785128&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_dnquo=01_9&ksu=224&fdkt=232&vgde_kbbh=ffoyxQJuO&kwd[]=Vitamins+for+Hair+Loss&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=1&kid[]=30111142&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D5.38%7C60%3D0.45%7C12%3D0.49%7C63%3D0.33%7C66%3D0.24%7C62%3D1.20%7C1%3D0.47%7Cps%3D0.951%7C3%3D0.11%7C4%3D4.62&ktd[]=1126174818697472&ktrkt[]=Vitamins+for+Hair+Loss&kwd[]=Best+Priced+Car+Insurance&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=2&kid[]=48970281&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D5.38%7C60%3D0.21%7C12%3D0.67%7C63%3D0.33%7C66%3D0.94%7C62%3D0.82%7C1%3D0.24%7Cps%3D0.951%7C3%3D0.37%7C4%3D5.00&ktd[]=1126174801920256&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Website+Maker+App&kwt[]=391&kbc[]=1224808752&kwp[]=3&kid[]=340189069&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D5.38%7C60%3D0.33%7C12%3D0.35%7C63%3D0.33%7C66%3D1.13%7C62%3D1.05%7C1%3D0.33%7Cps%3D0.557%7C3%3D0.26%7C4%3D5.00&ktd[]=1126174801658112&ktrkt[]=Website+Maker+App&kwd[]=Stocks+To+Invest+In&kwt[]=391&kbc[]=1224808752&kwp[]=4&kid[]=27190006&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D5.38%7C60%3D0.81%7C12%3D0.27%7C63%3D0.33%7C66%3D0.94%7C62%3D1.29%7C1%3D0.80%7Cps%3D0.557%7C3%3D0.57%7C4%3D5.00&ktd[]=1126174818435328&ktrkt[]=Stocks+To+Invest+In&kwd[]=Best+Bank+for+a+Savings+Account&kwt[]=391&kbc[]=1224808752&kwp[]=5&kid[]=324879789&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D5.38%7C60%3D0.50%7C12%3D0.60%7C63%3D0.33%7C66%3D0.94%7C62%3D0.68%7C1%3D0.53%7Cps%3D0.557%7C3%3D0.15%7C4%3D5.00&ktd[]=1126174818566400&ktrkt[]=Best+Bank+for+a+Savings+Account&kwd[]=How+to+Start+an+Online+Business&kwt[]=391&kbc[]=1224808752&kwp[]=6&kid[]=14374179&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D5.38%7C60%3D0.63%7C12%3D0.28%7C63%3D0.33%7C66%3D1.13%7C62%3D0.64%7C1%3D0.63%7Cps%3D0.557%7C3%3D0.24%7C4%3D5.00&ktd[]=1126174818566400&ktrkt[]=How+to+Start+an+Online+Business&cid=8CUABW64L&vwid=1660974261987125843&vi=1660974261987125843&tdAdd[]=ib%3D0&vsid=3039758626822557&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=781&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785128&vgd_nrrv=1219&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&vgd_go_pid=8POHZR87R&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1660974261192702743&sttm=1660974261993&upk=1660974262.20905&hvsid=00001660974261993029185682254426&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&sbdrId=186&vgd_ecrid=1700080807683300336028000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8POHZR87R&&abpl=2&&kbbq=%26asn%3D54203&&vgd_vstrid=3039758626822557&vgde_bdata=QOfvzxjj~8xLjMjvX9~myJLEYv9.9u~e8QMQOvHhf~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9ff9Wf999~8xLjMGvFAWuF.fu~xLjM7UNvf~Q7Ov~j1Q7v~e8QMxLjMGv9.uh~8EvAGB9PB~kGGv9~e8QMxLjMjvH9~L88Ex1vhH%2ChH~J7vi~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9ff9Wuiu9~e8QMGvuFF.iA~xLjMGv9.9f~xLjM7e8vuiXA~xLjMjvX9~yN17vou~GGvuWF~eev9~jfLMGvu999~JLEYv9.9u~GYvu~Q8OvihAAXAiu1Fh1hfii9HuW9iXWH99GHhh1~QOvu~x8Ov1gBA6%20%2FgpqY8tAxyw~G7OvuXhHihXiXHW9uiFh9uXfXAXX9fHhhXWiHfh9AuAFWuHWfhHufiuHXufuWifihWhH99HFXhAXWXAFh9HH~OfEMjvh9~AENkvu.FX~x8Yv9~myMYQwv9.9u~OYYMQ7Lyvw1LYmz5~OfEMGv9.iF~myOfEMGv9.iA~exLjMGv9.9i~QQvIK~x8Bvou~NJv9~LEQMGvff.9u~exLjMjvX9~%3DVvfhfA~z7QvA~7Gvou~N7vGJ1NmzQk8JjO~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvu9.iX~8Q8kv9~jNvA~G8Ov9.9f~ONvW~ejfLMGvu.Wu~8exLjMjvX9~QxEEj5M71yM8Ov~1YEvu~NGOEv9.9uu~OYYvw1LYmz5~Qx8Ov%3DK4b4qF5AhY7X6IT1GEJGzcAylg~QOvu~O7Nv1E1NMQy~-8OvKrtoExGoHHWXfAiHfXifHhWh~O1jyvOJk1xj7~w7Yjvu~1OGjUvAAuHiuFuuX~QmGEv~N7LvH.9uX9hhh4oH~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vu~OmyGv9ou~8GNvu~OO7vou~zQlvA~7yQvfX9-fX9%7CA99-fX9%7CAAF-fW9~GQGv9~GQEv9~7Y-vfXf&vgd_optout=0&vgd_cfud=220407&vgd_scsver=289&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=336_280&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A336%3Brend_h%3A280&&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001660974261993029185682254426&subBdr=186&bdrid=4&rc=0&rand=1660974262801&acid=30196797ecb44ba3a2bf596f4aa395cd&matm=1660974262801&requrl=https%3A%2F%2Fwww.bg3.co&vgd_ltimesrc=1&vgd_ltime=2418&vgd_rtime=2406&vgd_etm=17&vgd_l1hcsd=A12%7C5535&vgd_l1ch=1&vgd_lhl=2763&vgd_pgid=p1162629177t202208200544&vgd_adprefflag=11&vgd_csip=rtb-common-istio-7c75f56789-qh8pw.SG&vgd_sbSup=1&vgd_nrrs=1219&vgd_cntrdt=SF%7Cgoogleads.g.doubleclick.net&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Sat, 20 Aug 2022 05:44:22 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=69075
content-length
15
activeview
pagead2.googlesyndication.com/pcs/ Frame C48E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKqWUNqY-x8tGr84fY73qZ63gr8wHCrSHfjQQG-3xQPD_pC-TgBzxkC314Y9W2aVT7Mmr0Slg0GnXxe0RottLAXUi3nTDymmWpIMJy_tg8cimPeHjultfwqhbADSjNgAeFtWkucLqjDg&sai=AMfl-YS98HiqcZtEa0sHm9NhgLZqb6vkUNB0rmSxMZ_zwho2zzlRi8Eagcj5_JuMpsVPSfdLsjjm44Y2es_CG7tDipsju7wLDR-2P0mcBEKxWKbi5iFFjVycP28Z4H3h&sig=Cg0ArKJSzNSiKM958XFSEAE&cid=CAASJeRoYuF935clzzv_NiiodzhMtHFVn8arSZgj3WgfzlM36hfL8_U&id=lidar2&mcvt=1049&p=1110,436,1200,1164&mtos=1049,1049,1049,1049,1049&tos=1049,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660974260565&rpt=1213&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rid
match.adsrvr.org/track/ 		108 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
67f895dc44f9c1df5a7e56ac784c4a8e9b8b64c2bfd1db81b0dd50639da7ee35

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 20 Aug 2022 05:44:22 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Mon, 19 Sep 2022 05:44:22 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 028B 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.1.2 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-1-2.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Sat, 20 Aug 2022 05:44:23 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 99B9 		532 B
638 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c815e6129b5532c4cf76bd81235efb0ad865e0e180ebccb52dc222d9a86c61ee

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
325
content-type
text/html
date
Sat, 20 Aug 2022 05:44:22 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
eb2.3lift.com/ Frame 44B8 		1 KB
1023 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
684a1bce9034f8a819e98aa54442bc390df922415123edb369a492c164ebd7e0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
455
content-type
text/html; charset=utf-8
date
Sat, 20 Aug 2022 05:44:22 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/usync/ Frame 85B8 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1660974258634
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync.html
public.servenobid.com/ Frame 954C 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.129 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
22807
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Fri, 19 Aug 2022 23:24:18 GMT
etag
W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified
Wed, 17 Aug 2022 23:23:08 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 70c565ac15f71f0aa26aecd3763d4108.cloudfront.net (CloudFront)
x-amz-cf-id
4eunpvKAc2X35RXs1CtE6Y8II1UhHwbN04wRP0YjV3RhMT6P-xfglg==
x-amz-cf-pop
MRS52-P1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5
77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256
4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache
Hit from cloudfront
usync.html
eus.rubiconproject.com/ Frame FA83 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 20 Aug 2022 05:44:23 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame D4C2 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2a32f145ebce429e33c7295b9ee1f383ae8b8cf476bd137924c2f26636003087
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11782
content-type
text/html; charset=UTF-8
date
Sat, 20 Aug 2022 05:44:22 GMT
expires
Mon, 22 Aug 2022 05:44:22 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame E6F6 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.195 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 20 Aug 2022 05:44:23 GMT
ETag
"623de86a-cf34"
Expires
Sun, 21 Aug 2022 05:44:25 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=47fd1e62-03ac-4cf9-9bc1-1652a2c55832
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=47fd1e62-03ac-4cf9-9bc1-1652a2c55832&verify=true
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-8sJzfP9E2uEPSuV2ce3yHA8nQCx1mKdTXNLPZD0-~A&gdpr=0&gdpr_consent=
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-8sJzfP9E2uEPSuV2ce3yHA8nQCx1mKdTXNLPZD0-~A&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:23 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-8sJzfP9E2uEPSuV2ce3yHA8nQCx1mKdTXNLPZD0-~A&gdpr=0&gdpr_consent=
date
Sat, 20 Aug 2022 05:44:23 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=L71H6SDO-11-5XSJ&gdpr=0&us_privacy=1---
0
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L71H6SDO-11-5XSJ&gdpr=0&us_privacy=1---
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:23 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid.a-mo.net/setuid/magnite?uid=L71H6SDO-11-5XSJ&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
cookie
cm.adform.net/
Redirect Chain
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D47fd1e62-03ac-4cf9-9bc1-1652a2c55832&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F654%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D47fd1e62-03ac-4cf9-9bc1-1652a2...
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F654%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D47fd1e62-03ac-4cf9-9bc1-1652a2c55832%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD00N2ZkMWU2Mi0wM2FjLTRjZjktOWJjMS0xNjUyYTJjNTU4MzI%253D%26uid%3D%24UID
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Server
37.157.2.236 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:24 GMT
server
nginx
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F654%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D47fd1e62-03ac-4cf9-9bc1-1652a2c55832%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD00N2ZkMWU2Mi0wM2FjLTRjZjktOWJjMS0xNjUyYTJjNTU4MzI%253D%26uid%3D%24UID
date
Sat, 20 Aug 2022 05:44:22 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
/
onetag-sys.com/usync/ 		0
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 62C9 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7654897982036809312/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7654897982036809312/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 16:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46352
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 Aug 2022 16:51:51 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame AA92 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11589256862032369085/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11589256862032369085/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 16:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46352
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 Aug 2022 16:51:51 GMT
truncated
/ Frame 6E38 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6E38 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6E38 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame 6E38 		15 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5376&&&vgd_l2type=sca&fp=MzA_eCVWy1eyoiNQ0FcmxukXzhqh1Z7Qcks-rPBplUfcHunzWAa6LZU1WC-eqw0P7gIR3M1I2vjmA71ds1EqufnkyjGpRjqCiT5mM9svwRZ3V-VmV5-elIs2VtRnXKqn&cme=fcS1cTBFtTDUXIbg4d3pePeznoibYx6473IVqSSQWrjyTI0klVyxp1p8k6FvwI7sf-Ts8FaPLlguLlrK8Vbq447O-3d6LhsBxQvELo95dvBiaSoLLTTabMSprHRAUPUZxUQ1t8Yisg66EL5qVq0_uXUKTZRJIW-cL-ysfHUaSzxtySQa-E3mLVq_eR9h0lhyKncLM9Cq9ZPZBpNHPtJ7eg%3D%3D%7C%7Csj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U%7Ca0AmFUYXmD6ASqXHhJuVwQhdp4_HJdO5PL2fuJszgjo%3D%7Cxrl5Md8q4--Fy0OUtnqyq87TUqV3eBzav9_8O2wUo_jlgFwn8JB2Og%3D%3D%7CRcEt1PEscuCMTXpWkxExP51JAfjU-5HngdalKHAXAiaasMp7BJmiFwtvYQsoYPtcvBxO7SfPqfcSfy7yQARwy7phQV67AST3zzlbK_BGRcvorE4orCGUzlClzMcnsstT0zky5zXm3k42S1YNo7iyg9aNMuCULrqfta1d0V5YJ3v_ZUDhuRsIxbbRW5BwqEVOYoTnD8m1HC1H-tMHhKZyVVEDxBM002Zv3hIbkeGJ2XfChpBYQtc8LA%3D%3D%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7C&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=5&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170785123&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_dnquo=01_9&ksu=224&fdkt=232&vgde_kbbh=ffoyxQJuO&kwd[]=Vitamins+for+Hair+Loss&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=1&kid[]=30111142&kbc2[]=0%7C1%3D0.47%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D5.38%7C60%3D0.45%7C12%3D0.49%7C63%3D0.33%7C66%3D0.24%7C62%3D1.20%7Cps%3D0.951%7C3%3D0.11%7C4%3D4.62&ktd[]=1126174818697472&ktrkt[]=Vitamins+for+Hair+Loss&kwd[]=Best+Priced+Car+Insurance&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=2&kid[]=48970281&kbc2[]=0%7C1%3D0.24%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D5.38%7C60%3D0.21%7C12%3D0.67%7C63%3D0.33%7C66%3D0.94%7C62%3D0.82%7Cps%3D0.951%7C3%3D0.37%7C4%3D5.00&ktd[]=1126174801920256&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Website+Maker+App&kwt[]=391&kbc[]=1224808752&kwp[]=3&kid[]=340189069&kbc2[]=1%3D0.33%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D5.38%7C60%3D0.33%7C12%3D0.35%7C63%3D0.33%7C66%3D1.13%7C62%3D1.05%7Cps%3D0.557%7C3%3D0.26%7C4%3D5.00&ktd[]=1126174801658112&ktrkt[]=Website+Maker+App&kwd[]=Stocks+To+Invest+In&kwt[]=391&kbc[]=1224808752&kwp[]=4&kid[]=27190006&kbc2[]=1%3D0.80%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D5.38%7C60%3D0.81%7C12%3D0.27%7C63%3D0.33%7C66%3D0.94%7C62%3D1.29%7Cps%3D0.557%7C3%3D0.57%7C4%3D5.00&ktd[]=1126174818435328&ktrkt[]=Stocks+To+Invest+In&kwd[]=How+to+Start+an+Online+Business&kwt[]=391&kbc[]=1224808752&kwp[]=5&kid[]=14374179&kbc2[]=pmb%3D1%7C1%3D0.63%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D5.38%7C60%3D0.63%7C12%3D0.28%7C63%3D0.33%7C66%3D1.13%7C62%3D0.64%7Cps%3D0.557%7C3%3D0.24%7C4%3D5.00&ktd[]=1126174818566400&ktrkt[]=How+to+Start+an+Online+Business&cid=8CUABW64L&vwid=1660974261839064983&vi=1660974261839064983&tdAdd[]=ib%3D0&vsid=3039758626822540&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=781&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_refdomain=holmesmind.com&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785123&vgd_nrrv=1219&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&vgd_go_pid=8PO15GP54&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1660974261103193179&sttm=1660974262224&upk=1660974262.1868&hvsid=00001660974262224029185682257590&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&sbdrId=186&vgd_ecrid=1700080812610100250025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&&abpl=2&&kbbq=%26asn%3D54203&&vgd_vstrid=3039758626822540&vgde_bdata=QOfvzxjj~8xLjMjvX9~myJLEYv9.9u~QYYMG8Ov9.9f~e8QMQOvHhf~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9ff9Wf999~8xLjMGvFAWuF.fu~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.uF~8EvAGB9PB~kGGv9~e8QMxLjMjvH9~L88Ex1vhH%2ChH~J7vW~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9ff9Wuiu9~e8QMGvuHf.AA~xLjMGv9.9f~xLjM7e8vf9uh~QYYMBLvfW.fFFu~xLjMjvX9~yN17vou~GGvuWF~eev9~jfLMGvu999~JLEYv9.9u~GYvu~QYYMQOvf9ff9Wuif9~Q8OvXA9WuHXAWOhAJhGAkf1kf1WJfFJGAkNX~QOvu~x8Ov1gBHHyUr7rs5cxGP8~G7OvhX9AXA9ifXuhfFWfFu99FfAWhXWhiF9AWiX9AFh99FFWiXuHffHHAWH9hAHAXXhAF9AXXAHWAX9WiH9W~OfEMjvh9~AENkv9.WF~x8Yv9~OYYMQ7LyvzmMQ7L17Jy5~OfEMGv9.iF~myOfEMGv9.iA~exLjMGv9.9i~QQvIK~x8Bvou~NJv9~LEQMGvuW.X~exLjMjvX9~%3DVvfhfA~z7QvA~7Gvou~N7vGJ1NmzQk8JjO~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvu9.iX~8Q8kv9~jNvA~G8Ov9.9f~ONvW~ejfLMGvu.fF~8exLjMjvX9~QxEEj5M71yM8Ov~1YEvu~NGOEv9.9f9~OYYvzmMQ7L17Jy5~Qx8Ov%3DK4b4aB_MB%3DGlj2XIXsydtM3zzy~QOvu~O7Nv1E1NMQy~-8OvKrtoExGoHHWXfAiHfXifHhWh~O1jyvzmMQ7L17Jy5~w7Yjvu~1OGjUvAAuHiuFuuX~QmGEv~N7LvH.9uX9hhh4oH~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vu~OmyGv9ou~8GNvu~OO7vou~zQlvA~7yQvfX9-fX9%7CA99-fX9%7CAAF-fW9~GQGv9~GQEv9~7Y-vfXX&vgd_optout=0&vgd_cfud=220331&vgd_scsver=289&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=250_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A250%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001660974262224029185682257590&subBdr=186&bdrid=313&rc=0&rand=1660974263033&acid=09eda29977cd4c9e9c1ffdc3775c5bd0&matm=1660974263034&requrl=https%3A%2F%2Fwww.bg3.co&vgd_ltimesrc=1&vgd_ltime=2559&vgd_rtime=2549&vgd_etm=8&vgd_l1hcsd=A12%7C5535&vgd_l1ch=1&vgd_lhl=2851&vgd_pgid=p1162629177t202208200544&vgd_adprefflag=11&vgd_csip=rtb-common-istio-7c75f56789-z2msj.SG&vgd_sbSup=1&vgd_nrrs=1219&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_crefurl=https%3A%2F%2Fadx.holmesmind.com%2F&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Sat, 20 Aug 2022 05:44:23 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=69074
content-length
15
gen_204
pagead2.googlesyndication.com/pagead/ Frame F625 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUccwtXQAY82ECvHA4t4P2sio6AcAAAAAOAHgBAI&bg=!HR6lHlrNAAYUOm8VNDo7ACkAdvg8WmhYPyho7WC8uM3y2k6xiWYONMU1cp28Tdi3BdORw5DXPgj9pwIAAAEfUgAAAAFoAQcKAHkptVSv3fwKA3BRuZHQx4nEOZJDfP66N4dNtb7gXRMDziFhkGlzIwddf04TrnSAP90aMM7o6tXFWsNZ1J24td1NZNUlGrcMCKa6kDCytB1xmdbXWc2IUrhxmph9GRt0AACnHPKSMjg-hdq3pli6w5oYVCE7snP-c2Z-mQLdULy7MkXrHWTUXky73hyp74hYbz4LQ-cKFxh7ZhPBtl9cRt46MlH-sR_wLVTELRyA8J53xuIOik94xDoaodoY3gZoBzL9ka9Q3TmWAklYRKVDISya6jPbim71IaBnO0AQZPlkhMrpL1-IZrbQiaPUV42oKAtsVvwQJdAEtrOlLKG5bVGbPdgU6gM0TF25KAj8HFOsAkXf1p85TyTpcvvZcxVPTU5RAEXlI_VOTGevDFRlrgNAVmoCbJlwigTjabHsqRhUOT__yO9uwA2eaggZAQ5vFVZAgYHr_SGsrh3gB_ikbrRNaHBWeL2V3X2uBs0atEmbh317qpjimtx-gpmooiUcMU2TwGbUTW_bvAF1sRVALpgeVfXQs8LaD7idOAWUIwoE86sjxUSUuXU3A3x_Iy4sRKZIcX6mNgy6OxFvZD4YhZ1qk8ylsfjPkWdEwQ7fwK8g6yC03BVsQBCCb1CqYGqE503ps6-IQLT8kO8AHel3ygzXKfIS-sDiauOB3ggqLUFS9S2Hgs8bZVWjGc3edDvZRsDzNt3CpDyYAkAa4UjSnlQZnURnKFqDB_V93OWtwaXzvxCxfyTMaVY89r_6wVveWshXWF76UVhh_6PRj8I6droOspUx3Eio7UkRfTV_wKQhyhFSKpOuUuru8UaDN21NGth8zoQjUJk5mQDfA2ONHsuzZGzS-f--q6b1161MvXkT3QdCc_xhZAwu7qiWQ2k_ZA_F7VaDfCHuT-MQXcWP7nwZ6rtPEwI7E9DPyrmzP59ZkqCPNaO5Lpo1kLuAN31yQlF89u6h32dCU-hYf6cZapAnWCQLnTzl2zUwpguXWURXJj-w7OKnOWqJSQXyfNBEO_tly-RgjtROK4ACIJu5S7xVDJ2oG0xcnJTTmf2Gq59D76z8_MwP9f-U-qIt743pM8gODLRIdGNs_S4_SgOBhu-ZfFcgtniEnLfhhH_8dUkOl9mJsL7t3daRmw
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
hblg.media.net/ Frame 1439 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=3&spSource=0&ifst=0&vid=0Gilto4pmO_HA7NOfw4BCw&s_city=singapore&ugd=4&bcat%3C%3E=1000031%23%231000030%23%2310130%23%231000024%23%231000037%23%231000036%23%231000004&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D3%7Cfl_rl%3D1%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=4.0150777E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=336x280&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=2028b3b1&scrid=1700080807683300336028000000500&itypeid=17&mx_SPRIG=0&viewability=-1&renderer=1&be=0&rtime=12.0&adj0=0.0&tmax=300&s_ip=172.217.47.3&adj2=0.0&adj1=0.0&feedback_id=0Gilto4pmO_HA7NOfw4BCw&adtypes=0&mx_aabpc=0&reqid=0Gilto4pmO_HA7NOfw4BCw&sc=AU-NSW&sd=1&mowxReqId=30196797ecb44ba3a2bf596f4aa395cd_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co&bidrestime=1660974260076&pv_adtype=0&cc=AU&strg=HARMONY&pcrid=8CUABW64L-131738877-34-13&coppa_enf=true&bdp=0.020&ct=Sydney&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=30196797ecb44ba3a2bf596f4aa395cd&actltime=19&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C16%7C48%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.011&sckfl=1&dmm_erpm=true&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080807683300336028000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&suid=CAESEH6y37mt5JNLabpebnM3gzQ&chnl=HARMONY&pst=0&reqsize=336x280&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-ADX-101418826937&__expireat=1660974860331&lmt_status=N&reftype=0&prvAccId=131738877&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&cbdp=0.011&pvdTmax=252&ltime=19.0&epc=131738877&ctr_vendor=EXCHANGE&prvReqId=9037990042285_1834818998_52982010441&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=186&rtttime=26&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-55fbd456c8-jvq9f&currsrc_date=2022-08-19+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-08-20+05%3A44%3A20&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=4&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AHfbET7Dx1uZMMyIleAgHnhrOH_rcuz7UxVpVXX1OUvvpI0vkrWxGFBO2SZV6ft9u8io7VGM&dmm_ogerpm=false&csip=rtb-common-istio-7c75f56789-qh8pw.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=3314916115&fpuReq=1&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vis_sd%3D472~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022082000~iurl_b%3D63816.21~url_tkc%3D2~std%3D~last%3D~vis_url_b%3D0.17~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D40~riipua%3D74%2C74~et%3D9~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022081910~vis_b%3D166.93~url_b%3D0.02~url_tvi%3D1953~url_l%3D50~gcat%3D-1~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~sid%3D97335391a67a729904180958400b477a~sd%3D1~uid%3DaQw3JqVQWHmiX3ugh~btd%3D15749759548019670152535502477589427031368148274129145121892978740046573585367044~d2p_l%3D70~3pcf%3D1.65~uim%3D0~og_msh%3D0.01~dmm_strg%3Dharmony~d2p_b%3D0.96~ogd2p_b%3D0.93~vurl_b%3D0.09~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D22.01~vurl_l%3D50~CI%3D2723~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D10.95~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D1.81~ivurl_l%3D50~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.011%7Edmm%3Dharmony%7Esuid%3DCAESEH6y37mt5JNLabpebnM3gzQ%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D4.0150777E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D252&utime=1934&sf=0&cpr=0.01391348091253497&evttyp=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sat, 20 Aug 2022 05:44:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A195 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvHOQtXQAY_2RC6yH3LUPuYSZgAwAAAAAOAHgBAI&bg=!FxSlFFDNAAYUOm8VNDo7ACkAdvg8WsOtSqUc1oMayVG-CA3XbDzWwUaApdTnqIiX-l_fV_EmK3gLIAIAAAE0UgAAAAJoAQeZAueB0ptrIhEtkJIWVslMHL9eKJStxbK1gmF0BfipPZyeTOD3E7KfcndDScme2Dtd6EqN3QI4i5ChzaOpAgdEQnJm2IpY_LS59cE4DuE-1h0b6rvshmmmrx0jYcD3uXVlvvquTMjPLSnTe9_oLt_UqDgvv6qL82dRBbV61NpuU6AgD2uZR8Wm_cYaqOdOApQH5Nnize0Mvb6TdmuoCWURQCc6NZvl6a2bs4ojAzL_9YtQEtJ67leU1pQBJaY0XrfYNlaDkddxJPB12HXTwWlk4zWPmRo--HV_Cl2M73Ez4FqJSwluoHIySvElDpdO7sB35lLI3F2ALIVdUpCC5xo1_L5Wb2hlQoY7TnQ2OFWm8HUevx_pb3REnJ9aM94tl853B1158hqJvxgbAgPNEPYS5O1JaZS1E4iRjKAnflJVy4-azWc2lpOQg0ggOn6JgMelx5A6vjnMWvwdC_MaX1jkOZK3lPkHeTHnHNp8peipStfFHc7wPKTWtozlBRApgDBKsloC4Be51oCeMXExyX80IIVq-OyVccirBmzzepqFPblKznP_MMT_jnUN_XISidXP4SOJJUlS3GS8auguXv2DxGUgvWkDMHYp-O2bljBQBjdOOX3qp_jnFIRMMg4QsWL7Ei-sk15yiYcnaepa1y1Rr9Lvn75BLCyRADLtpnruzVqkQdOaHapMjmN0Vv20RfTkvTPEs8AEdgA9J022PTHZaPp0OVtdlDhWu1Xr32R1rax01PkujUOFsddnKD6nxNKjKN4pMvJzKrQz1FjAQogiSExCfgwWsydK8SDi8YsgAlPWKzTViGY52H1542i6PI_TAhj0kIctFeOPc9mMBXBxPUuZOmvhsw6-G_oGKjrPWsleXffddOWoZYijVdg0i6LiguBk3RhRIPYNCl5ZIpqXY4WjRKi4UsBvTkzqoDMRBQIXzxPzmGUosaUw0IkSdfuult8TkK6-LEjFHi6elGiSi93Bru6C_qpTYw
Requested by
Host: 7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
URL: https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 44B8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=c89a564e-d03d-4aee-9dd9-9f6285401c51&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=c89a564e-d03d-4aee-9dd9-9f6285401c51&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=c89a564e-d03d-4aee-9dd9-9f6285401c51&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame 44B8
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ5NTIwNjU2MzY1NTI0ODAzMjE1Mg%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 44B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMPaNK3bq06WtrS3H4FEL6k&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMPaNK3bq06WtrS3H4FEL6k&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMPaNK3bq06WtrS3H4FEL6k&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 44B8
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ5NTIwNjU2MzY1NTI0ODAzMjE1Mg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ5NTIwNjU2MzY1NTI0ODAzMjE1Mg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ5NTIwNjU2MzY1NTI0ODAzMjE1Mg%3D%3D
date
Sat, 20 Aug 2022 05:44:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 44B8
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1495206563655248032152&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1495206563655248032152&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=b826e91c-1e21-4303-ba68-1c1e40b1dfc7&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=b826e91c-1e21-4303-ba68-1c1e40b1dfc7&_noobservation=1&_expected_cookie=89bd8ce...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=b826e91c-1e21-4303-ba68-1c1e40b1dfc7&_noobservation=1&_expected_cookie=89bd8cee3dfb68bc5494bb83e2af428d
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.101.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
73d8d1208973aade-SYD
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=b826e91c-1e21-4303-ba68-1c1e40b1dfc7&_noobservation=1&_expected_cookie=89bd8cee3dfb68bc5494bb83e2af428d
date
Sat, 20 Aug 2022 05:44:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73d8d11f482baade-SYD
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
adxcm.aspx
inv-nets.admixer.net/ Frame 44B8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1495206563655248032152&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=1495206563655248032152&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtrip...
0
0
c.gif
c.bing.com/ Frame 44B8 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1495206563655248032152&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
etag
"6fa9befc56b2d81:0"
last-modified
Wed, 17 Aug 2022 16:32:48 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0B3CDDD77BAA4B1B8FDAD883EE7A5331 Ref B: SYD03EDGE1520 Ref C: 2022-08-20T05:44:23Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 44B8
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1495206563655248032152?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-RX28FGdE2oR_384RxVdwHgu5S9hvGZoUItlmKFG4iw--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-RX28FGdE2oR_384RxVdwHgu5S9hvGZoUItlmKFG4iw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 20 Aug 2022 05:44:23 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-RX28FGdE2oR_384RxVdwHgu5S9hvGZoUItlmKFG4iw--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
iu3
s.amazon-adsystem.com/ Frame 44B8
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1495206563655248032152
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1495206563655248032152&dcc=t
0
0
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame 44B8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=k4dDDyHR5_0mh5S14Lpc&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NM2GIRCEPFEFE...
0
0
sd
us-u.openx.net/w/1.0/ Frame 99B9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2458727603983412140&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2458727603983412140&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2458727603983412140&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 99B9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=c47beaea-e475-750a-f5ed-d82b2536456b&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=c89a564e-d03d-4aee-9dd9-9f6285401c51&ttd_puid=c47beaea-e475-750a-f5ed-d82b2536456b&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=c89a564e-d03d-4aee-9dd9-9f6285401c51&ttd_puid=c47beaea-e475-750a-f5ed-d82b2536456b&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=c89a564e-d03d-4aee-9dd9-9f6285401c51&ttd_puid=c47beaea-e475-750a-f5ed-d82b2536456b&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 99B9
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwB0t8Co5soAAPB.iFIAAAAA
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwB0t8Co5soAAPB.iFIAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
26
Date
Sat, 20 Aug 2022 05:44:23 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":26,"gdpr":false,"ipv4":"173.245.209.33","key":"YwB0t8Co5soAAPB.iFIAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40176"}
X-SO-Ads-Time
2
X-SO-Key
YwB0t8Co5soAAPB.iFIAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40176
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwB0t8Co5soAAPB.iFIAAAAA
Cache-Control
private
X-SO-HostName
a-ad40176.dc2p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
a-tgng40006.dc2p.scaleout.jp
X-SO-IP
173.245.209.33
sd
jp-u.openx.net/w/1.0/ Frame 99B9
Redirect Chain
  • https://cr-p3.ladsp.jp/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUPfCSsFsGMvks8ADsWuB84w588AAAGCucfxKQ
0
0
pixel
cm.g.doubleclick.net/ Frame 99B9 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTgxNDM5MjAtMmQwMi0yYmFlLWUwMGQtODI5MmVmZDQ4YjBi
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 99B9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJKACxCDSVSYe33j__ZnoOw&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJKACxCDSVSYe33j__ZnoOw&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJKACxCDSVSYe33j__ZnoOw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D590 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvAIn-lOsIa2HINmtHXp6bsOm30QE-035T-o_PmeBn4HV7N_xhG80vBadJQcNaJqKmoLEkgbHwfjH4KKoamCbNG9-vjjkcFCMYj6E4Vh1q3-md83NserfyPRL41WTqbsz5DviFkmSpidjdd1TQ_lvEnwZ-AlLUtZHC7pHz3E-UIOcndsdwYNDw9bD6cBy3OvjLzo_8BtZGmvYXCyOGutJHybTtlc2q3NDBAE3vCGFoT7549lN0JB3gALqUX3aL1-w_m-XWgwFnyP-urqQjbRozZWyVhdSxUrnsnirR-Ps7KO4GfHVoxR2oCsnzk-uPIhTK5bM55Iv17GZrvkO-xh8E87SYw88gd19h6RqAEuXGzwrTswM4l9mGG5vORJJSZIV9O5gUOwifxY7n0b3wPn35cLABz-DnZrisUbIEnTaeGOulWXXpYexgO2vNtYotFAibb-nmy3VmsyMCplO33PXD__SerIC-KYXjn9Pb9PT6Ye9hZHRoaO4bnKsvdiBNUw6Apu8-FO4tDCDlIu8EpkEEJvVlvbkd0PA4aH_up7_VmJgXIPEiJkSoldbbEHqrVvS_drmwfJJy3sXXA3I2Q15VKgL3E4lik1s_sUg1om3kEnKZj7flspGuIrprTHBPQFCkajFEiBCm_SerH4kSMMk1_My7MD0VWRhO9nyyQ0rO5in167zgSLBfcWjRCjKydh636w1kvRGM0rlwdwEuvzClMMpSOqC2tgjp6NUw7O97_2KL4R9OJtUieI1CUmeviG2cqinKgV-NS8r2NfFhTJf_Jgu70pUpQY76n4jrIEWJmRpBDQsYNhdnz017R66pPG_e6Ku_LfWXNZrTT1cP14yPonnI3a_9fV9l4wAWOtLqdm7clgRWklSERhp3YRgJY7W2vXi5moc7BIkhBB2i6ddt9jnO54edktOk1JKAcjrnfPKlwZtCbeMS-XdvrOEDoKG5oV81owx-HXMTuvS5upl2KkEoNUy7spTQd4Ppbiy2jTGjUyklXh5GoM6UY-jFRYP8qMCsXhvakzXBu2q51xrMsZAKJzKGYW2NhehgyVqq0dRQCoX9i0GUsoS686-3esxrL_LsQVYTCXi1Cfpj0Wa-Ml43qd75LYnBnzO9H4JxXZ6SQtc4YvttTifoOLZ3d9Afjzv1ch1eRmk73YMNQ7c19UXDD4aydbZ4D1WL64LjIt5QPolH7Y7MLpFXw6tf6fJW5Hk0GO2UcHuq-Kx8RYFk8JdXg&sai=AMfl-YSr261RWBaPQEyQAKhjHAUGtN1O4jogpqcHE0IFPlIxd3Z17CrXE1aUT0uE45m8o9GWd-Ou1_glrkvNoEW5UPQVRICxJ8BYpIogMF0Ys2vZvDsGcY0OxkPHwpcK7mMiHdTEZbGVPjLUFLgMeyAqoHzcvi7pC9D-_glwYm2jnpsQ_h2AnB9vPxbx62iOUbsaAsZvai_Jkju6ZL0jq1fmdKhI&sig=Cg0ArKJSzJDjkoLxYxdUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1670&vt=11&dtpt=838&dett=3&cstd=829&cisv=r20220817.72006&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Disclaimer.svg
s0.2mdn.net/sadbundle/7654897982036809312/ Frame 62C9 		225 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7654897982036809312/Disclaimer.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
6537b8025364bd8ab573b927a3033a905eb3c7241f8c65ffcbde71db76cd73d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7654897982036809312/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 02:45:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97132
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29254
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 19 Aug 2023 02:45:31 GMT
kirsty_img1.png
s0.2mdn.net/sadbundle/7654897982036809312/ Frame 62C9 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7654897982036809312/kirsty_img1.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
c148e1428078e0dcaa31bfb042d4206b14350b37af9eb890007e471d32e78de3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7654897982036809312/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 17:16:46 GMT
x-content-type-options
nosniff
age
131257
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50147
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 17:16:46 GMT
kirsty_img2.png
s0.2mdn.net/sadbundle/7654897982036809312/ Frame 62C9 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7654897982036809312/kirsty_img2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
da9411908b166ea5ffd91ae9206128a43fa7129bad64cb40ca166ff01ac58580
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7654897982036809312/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 03:39:32 GMT
x-content-type-options
nosniff
age
525891
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57062
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 14 Aug 2023 03:39:32 GMT
Kirsty1.svg
s0.2mdn.net/sadbundle/7654897982036809312/ Frame 62C9 		48 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7654897982036809312/Kirsty1.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
06d1371c50d31ecc01e2c8bce98212d11448628b083c920d2322a0972f01b077
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7654897982036809312/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:19:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1500
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11989
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 20 Aug 2023 05:19:23 GMT
Kirsty2.svg
s0.2mdn.net/sadbundle/7654897982036809312/ Frame 62C9 		42 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7654897982036809312/Kirsty2.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
9821bf9ff27575f64888eaec440d73223387d4219930c0fb03e060974f75a7e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7654897982036809312/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 22:59:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110680
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12662
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 22:59:43 GMT
CTA.svg
s0.2mdn.net/sadbundle/7654897982036809312/ Frame 62C9 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7654897982036809312/CTA.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
7e52b222c0ab53848fd101f8f256bdd34822fc1cd04659e29235b186f9d58b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7654897982036809312/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 22:14:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
372606
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3171
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Aug 2023 22:14:17 GMT
Frame3.svg
s0.2mdn.net/sadbundle/7654897982036809312/ Frame 62C9 		34 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7654897982036809312/Frame3.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
4bf603ca4ee21ca9b766ccc5a6ebe86ac1c591f489fa03e2eac26a432c0c96f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7654897982036809312/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 15:52:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
395536
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10826
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Aug 2023 15:52:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C48E 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfaIp5ZF5qy5qZtYFYscR5XKkRZkJeSgUiSMvucz7gUuVNHgVBzU3EGJ9Gq6KolS2P-owBuuYCtnvuRwi7tHVrrO5w4NV-E5Ui5wkXE4uFZVP21aH9eFy0TMWb0quOix3dsQCt1SBz1Fe38T7opHKznbadBu-LN4s1SPzR7QsETK0-LngG-f3mCRK0teTAMns6oANIUo0LMlww87Ih8Ho2RkmDlFZ4Zd6zzhsYkx172-qVh6ck6rJQvxaEKXglxMOg2dnpNtLd2nybdXVWp_I6ksnabJYPmO8T6klFT-TBJzKUrguacytIGwe6Wmy8PYiK3bMzv9LV0CtXEDU50V7VQK4241wyowOlk9e3sq8h-FiCM1vjtMi2oUUDiftPpS3gz91_VexMqSO_Nsti7tgyrCpPVXYlEOzFoa6xxt4ZblZ8LWBr777tuWKBc0M3zB8KkS0DgrzgfX8na9kQ9nnYCfAuvwC6Uevd7l6YzRAx6oQJ3E7-LQJPwuWXmztqjPXpxHRxOOfJ1hlWQuDn87JdYXwr095FGWam2wQVBsC-hBqrd5sHqnudM06QVt6L-RfRxeBzL15jjpIWdcFxjyxQygBJ31KUYFSDwB90Mlsqmudnt0F0qbZjEQEvdv9RFPpmK6YBFxomG3HKp5S3RpJ5VGbiADShdzABdKMF3s3mp7hmS6YncvmdasTk63cqiWgR_jX9MI6L02cdM6xaZZB9WBOYKbKMOc7kVMzni54v5016LpSt4Nn3aei-sH6X4RitdtgNZcKtE7_RYIG4tJ3C3ZqW5oAWxSB8y0N2NZvESLiHxoVdPtipIRuiI7Ph8rMK0TmjYCGntJ-n9KkI5j-EVBCId4t6wvfjTZFoHnNiv2HM4JhnUWitRw2ySre0S5wGprzNi2mXkyxxtY3Uxk9d5mB3S_wcCbjCJFsXIahYTjV8DaaBNPQDrlonNX6WkqfcY8SdkIsuyr3AlZMsiArthBS5sbU83PkAz7f3Bv2zmHbzoUj8MGhx2ZzabNWqAkJZYv4vx8KAfT9lhpx-2W94K3gDKPv97Ty6cG0f1JmWdyq_E66IWWXxQXLhIRAn-tBA2E_SEpDYkjut1ReLhZ4wlKTxP64hk7OsjUwtm5-Ptfh4_Rcq2HPhNdRta59ShcpCDyx1V4EcNfFNEINFp65MGKtfwc1ojfKvisaO7N3AhFygx8sDpWoaeVUeaNNsLWQbSIg9kA3mQVo8ouYj1hoQz7q-GaDP&sai=AMfl-YQkd81-6wXygLCysJeak8wWxzhjN_QIRXKudHuw-scVnUTYfr-X5yWG6Ahp35avWYB7K1-x4tBugOl8XJ4FgVKY0HC1bO9xQbRWCWBMOIjyajv4bM6xUxPgOje95lx9_k00EdBVVwK-wwTI1_khhut-CxKJFjTUPZDlOoj9b7WNqs-R9fpvNG-TI6Ttby84Dst7l-J7LSq_vwm_KUrYoGfN&sig=Cg0ArKJSzIa-tEhFv3zeEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1660&vt=11&dtpt=764&dett=3&cstd=894&cisv=r20220817.61207&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
disclaimer_common.svg
s0.2mdn.net/sadbundle/11589256862032369085/ Frame AA92 		224 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11589256862032369085/disclaimer_common.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
81f5a7091558670bff70c3e80511e3f24f1b2e377b89531966bcd6cde6e3362d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11589256862032369085/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 03:38:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7566
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36700
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 20 Aug 2023 03:38:17 GMT
sam_img1.png
s0.2mdn.net/sadbundle/11589256862032369085/ Frame AA92 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11589256862032369085/sam_img1.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
4afac04c5fd0b8d418ba0f07626755756e3d1808cbd0f1d436a103ddfaf444ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11589256862032369085/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 03:38:17 GMT
x-content-type-options
nosniff
age
7566
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25436
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 20 Aug 2023 03:38:17 GMT
sam_img2.png
s0.2mdn.net/sadbundle/11589256862032369085/ Frame AA92 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11589256862032369085/sam_img2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
42406888614f5578e2585d3a467f266f367f688782c680b0f50c71c13639707c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11589256862032369085/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 00:00:44 GMT
x-content-type-options
nosniff
age
366219
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26812
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 00:00:44 GMT
sam1.svg
s0.2mdn.net/sadbundle/11589256862032369085/ Frame AA92 		44 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11589256862032369085/sam1.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
bfbe4083cd7f48a312e81db70959942348412dea1900bb643fc715e5c04d09df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11589256862032369085/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 03:38:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7566
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11539
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 20 Aug 2023 03:38:17 GMT
sam2.svg
s0.2mdn.net/sadbundle/11589256862032369085/ Frame AA92 		40 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11589256862032369085/sam2.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
dd98325b703df4f13c3a2ebcb93a7726270304b854afc75f4d5dfe5f27852937
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11589256862032369085/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 02:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
529661
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13263
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 14 Aug 2023 02:36:42 GMT
cta_common.svg
s0.2mdn.net/sadbundle/11589256862032369085/ Frame AA92 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11589256862032369085/cta_common.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
e840d901c827ce3644d87e5bd6ed2a7e020c06ceec7cb516ef2e1b78f3e669f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11589256862032369085/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 11:40:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3188
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 19 Aug 2023 11:40:27 GMT
frame3_common.svg
s0.2mdn.net/sadbundle/11589256862032369085/ Frame AA92 		34 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11589256862032369085/frame3_common.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
857e2ebcfaa681528084788a9e20e6d2da80ba89854199301c1124d4e0d823ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11589256862032369085/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:35:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180534
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10443
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 03:35:29 GMT
sync
gum.criteo.com/ Frame D4C2 		61 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:22 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1877
strict-transport-security
max-age=31536000; preload;
content-length
175
expires
60
usync.html
eus.rubiconproject.com/ Frame 866E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 20 Aug 2022 05:44:24 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 20 Aug 2022 05:44:23 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 4BD9
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3039758626822540000V10%26type%3Drkt%26refUrl%3D%26vid%3D097426325530397586268225400...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3039758626822540000V10&type=rkt&refUrl=&vid=09742632553039758626822540000V10&ovsid=1975461764844743079
0
0
cksync
cs.media.net/ Frame D4C2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c89a564e-d03d-4aee-9dd9-9f6285401c51
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c89a564e-d03d-4aee-9dd9-9f6285401c51
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 05:44:23 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Sat, 20 Aug 2022 05:44:23 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c89a564e-d03d-4aee-9dd9-9f6285401c51
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E87E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3039758626822540000V10%26type%3Dpba%26refUrl%3D%26vid%3D09742632553039758626822540000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=165997
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 20 Aug 2022 05:44:23 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 22 Aug 2022 03:51:00 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame D4C2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3039758626822540000V10%26type%3Dapx%26refUrl%3D%26vid%3D09742632553039758626822540000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3039758626822540000V10&type=apx&refUrl=&vid=09742632553039758626822540000V10&ovsid=4025926254539303744
45 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3039758626822540000V10&type=apx&refUrl=&vid=09742632553039758626822540000V10&ovsid=4025926254539303744
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 20 Aug 2022 05:44:23 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 20 Aug 2022 05:44:23 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 05:44:23 GMT
X-Proxy-Origin
173.245.209.33; 173.245.209.33; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3d9ade8a-36c9-482a-ace4-7bca0d8c4d35
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3039758626822540000V10&type=apx&refUrl=&vid=09742632553039758626822540000V10&ovsid=4025926254539303744
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame D4C2
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3039758626822540...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3039758626822540000V10&type=opx&refUrl=&vid=09742632553039758626822540000V10&ovsid=0c578375-4f75-4fea-96a2-a64597d9d7b7
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3039758626822540000V10&type=opx&refUrl=&vid=09742632553039758626822540000V10&ovsid=0c578375-4f75-4fea-96a2-a64597d9d7b7
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 20 Aug 2022 05:44:23 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
text/html;charset=UTF-8
content-length
219
x-mnet-hl2
E
expires
Sat, 20 Aug 2022 05:44:23 GMT

Redirect headers

date
Sat, 20 Aug 2022 05:44:23 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://contextual.media.net/cksync.html?cs=8&vsid=3039758626822540000V10&type=opx&refUrl=&vid=09742632553039758626822540000V10&ovsid=0c578375-4f75-4fea-96a2-a64597d9d7b7
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cksync.php
contextual.media.net/ Frame D4C2
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3039758626822540000V10%26type%3Dr1%26refUrl%3D%26vid%3D09742632553039758626...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8768167107
  • https://sync.1rx.io/usersync/tradedesk/c89a564e-d03d-4aee-9dd9-9f6285401c51
  • https://sync.targeting.unrulymedia.com/csync/RX-ebee5cac-eccc-41d9-bb61-6b0556e9f406-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3039758626822540000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3039758626822540000V10&type=r1&refUrl=&vid=09742632553039758626822540000V10&ovsid=RX-ebee5cac-eccc-41d9-bb61-6b0556e9f406-004
45 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3039758626822540000V10&type=r1&refUrl=&vid=09742632553039758626822540000V10&ovsid=RX-ebee5cac-eccc-41d9-bb61-6b0556e9f406-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 20 Aug 2022 05:44:24 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 20 Aug 2022 05:44:24 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3039758626822540000V10&type=r1&refUrl=&vid=09742632553039758626822540000V10&ovsid=RX-ebee5cac-eccc-41d9-bb61-6b0556e9f406-004
date
Sat, 20 Aug 2022 05:44:23 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXebee5caceccc41d9bb616b0556e9f406004
content-type
text/html
cksync
cs.media.net/ Frame D4C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzAzOTc1ODYyNjgyMjU0MDAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEB3WmdFtEVp0IKsm00b6G90&google_cver=1
45 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEB3WmdFtEVp0IKsm00b6G90&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 05:44:23 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Sat, 20 Aug 2022 05:44:23 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEB3WmdFtEVp0IKsm00b6G90&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame D4C2
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3039758626822540000V10%26type%3Ddxu%26refUrl%3D%26vid%3D09742632553039758626822...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3039758626822540000V10&type=dxu&refUrl=&vid=09742632553039758626822540000V10&ovsid=wXe0tAWi1Ophhs5
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3039758626822540000V10&type=dxu&refUrl=&vid=09742632553039758626822540000V10&ovsid=wXe0tAWi1Ophhs5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 20 Aug 2022 05:44:23 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 20 Aug 2022 05:44:23 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 05:44:23 GMT
Server
PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-0ba97292cfef13069@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3039758626822540000V10&type=dxu&refUrl=&vid=09742632553039758626822540000V10&ovsid=wXe0tAWi1Ophhs5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame D4C2
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=70dd1183-314d-409f-8081-0ef3360f9f00
45 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=70dd1183-314d-409f-8081-0ef3360f9f00
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 20 Aug 2022 05:44:23 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 20 Aug 2022 05:44:23 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:22 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=70dd1183-314d-409f-8081-0ef3360f9f00
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1580966
content-length
0
expires
Sat, 20 Aug 2022 00:00:00 GMT
sync
x.bidswitch.net/ul_cb/ Frame D4C2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
0
0
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame D4C2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3039758626822540000V10%26type%3Dzem%26refUrl%3D%26vid%3D09742632553039758626822540...
  • https://stags.bluekai.com/site/23178?id=mOPz_9FatwTS680qvVcV&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLNJ5IHUXZZIZQXI52UKM3DQMDROZLGG...
0
0
sync
rtb.mfadsrvr.com/ Frame D4C2 		0
0
um
cs.emxdgt.com/ Frame D4C2 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3039758626822540000V10%26type%3Demx%26refUrl%3D%26vid%3D09742632553039758626822540000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.75.132 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:24 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
usync.js
eus.rubiconproject.com/ Frame FA83 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5ee3e2b294521befd0025c189e612ed2543efd6d36327b254569da26a8a96e88

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Aug 2022 05:44:23 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58933
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9442
Expires
Sat, 20 Aug 2022 22:06:36 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 7386 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1d600b9954cad616ff158479481deb48e735cac679a694dce338fcd45d192fd

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73d8d11cf97ba83e-SYD
content-encoding
br
content-type
text/html
date
Sat, 20 Aug 2022 05:44:24 GMT
dropped-udsids
39|230|241|73|18|81|8|57
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rEEGQK%2BG3Yh5TXfrBMOynnz4NBkzaXRSUQHx8TqKSInjyNyWwn%2FzYFl6Ns%2BK6YFXskTUBzsoo4KmUuwORYJDJAW6qcm6c7ETCgF3nip4kh0cZk43jFX9b1YMRpDiLLk71ZV%2BghqfKA1JYA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 1C25 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxr3HCfiEof-tz5NBwppv5Kprty9Kin0oEothorqtkf_H5i7spno2l-B6fFPi9_OdJDHGdScFxglV5rmDSEBY87Z3sXRj58hrMCPiH2viZ7-38zOdf-f7T6GuyAxESusCa8oxEmW9l4Q&sai=AMfl-YS_91qNlyiPIDgKX-m0ollW8D6YbbgZmQqNIZDjU1qHsdX5iHwIWbUl5kvMKBVafOWhBOc3sbLNSEviv0lQ_1ERTv0e9E_T6y07ED7lDbwO70xXuDw1Lz5tTyp5&sig=Cg0ArKJSzAO60n_QxJrLEAE&cid=CAASFeRo5sSjKU8joPl2a2z7u-FOtZdxlw&id=lidar2&mcvt=1000&p=300,5,900,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660974260571&rpt=2109&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2ECA 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220817&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069049
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
89a2dba7f361fa29f672e6e57ea403824f8acd6fbae46dce81b2f3974ddb281c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10979
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5F53 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220817&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
51493c4ff19c6c01b8df55b1ac314142efab12903db56853f74c8c97a34817e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10958
x-xss-protection
0
bqi.php
lg3.media.net/ Frame 1439 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2882&lf=3&&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_l2type=sca&pid=8POHZR87R&katbid=-103&katen=1&cme=l4x29x8SoNu3r_FcabJVR7omFK6Pd8DqNPh8l07A22AYCEAjUtO9LFFx1OMKSuuWdLwyuPa-L-G_SWm1QGOTeWWZ3Ui1Er4iR5tkiLSAkyLrj_cpNv6ZSvQef3_Mz3rokhn2DuI832RMdOoMX7zbBCa85EupuFzwwbplRGgvZBBi6QA-F5mAUKvA_2LRwz-itbQLueoidPoLGSpKPm1daA==||zgYDFaY6yvv6gB2u6esx3AKMxrjBa8MgTZeLDyKS2yJuuEIffzKhF7t9BCZT0HknD4I4Mt8dAqO8ywAQpjQITmFlMntdc9g9dhF8ZdC--Uvr5RJl_KRTff_J4YvOAd5Phdc3M2W7nC_cOn1uJDEer_MD8f2qXZt59fvnDE9162oXlaCQCiiHNh90JRGSHi13zzLQpnJCGwqYvgCzLDkiHbSrc6h4iLLevY4ObDxv2Fo=|u8A6SM53vAdJjhazCSusZAnIl_9HqKRb|jyjVTouP1sOI3OR67jxweNSVYtHEv6HR|a0AmFUYXmD6ASqXHhJuVwQhdp4_HJdO5PL2fuJszgjo=|dsA6EMpZ47R6ljdz__nQtthZoUpm2bb5|&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=131738877&requrl=https%3A%2F%2Fwww.bg3.co&vi=1660974261987125843&ugd=4&cc=AU&sc=NSW&bdrid=4&subBdr=186&startTime=1660974261984&l2type=sca&vgd_l1rakh=1660974261192702743&l1ch=1&sttm=1660974261993&upk=1660974262.20905&hvsid=00001660974261993029185682254426&acid=30196797ecb44ba3a2bf596f4aa395cd&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vis_sd%3D472~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022082000~iurl_b%3D63816.21~url_tkc%3D2~std%3D~last%3D~vis_url_b%3D0.17~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D40~riipua%3D74%2C74~et%3D9~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022081910~vis_b%3D166.93~url_b%3D0.02~url_tvi%3D1953~url_l%3D50~gcat%3D-1~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~sid%3D97335391a67a729904180958400b477a~sd%3D1~uid%3DaQw3JqVQWHmiX3ugh~btd%3D15749759548019670152535502477589427031368148274129145121892978740046573585367044~d2p_l%3D70~3pcf%3D1.65~uim%3D0~og_msh%3D0.01~dmm_strg%3Dharmony~d2p_b%3D0.96~ogd2p_b%3D0.93~vurl_b%3D0.09~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D22.01~vurl_l%3D50~CI%3D2723~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D10.95~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D1.81~ivurl_l%3D50~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.011%7Edmm%3Dharmony%7Esuid%3DCAESEH6y37mt5JNLabpebnM3gzQ%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D4.0150777E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D252&matchstring=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&vgd_matchstr=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&vgd_sc=NSW&infr=1&twna=1&stime=1660974260413&vgd_ecrid=1700080807683300336028000000500&l1hcsd=l1!A12|5535&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22apac_sg%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p1162629177t202208200544&vgd_pgids=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660974259159&bpp=12&bdt=259&idt=422&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=7633386679772&frm=8&ife=1&pv=2&ga_vid=822722314.1660974260&ga_sid=1660974260&ga_hid=307432070&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31068737%2C31068991%2C44772039&oid=2&pvsid=4019489032167260&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.duf4qooaqmib&fsb=1&dtd=436
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Sat, 20 Aug 2022 05:44:23 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=67985
content-length
15
PugMaster
image6.pubmatic.com/AdServer/ Frame E87E 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=90776185&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3039758626822540000V10%26type%3Dpba%26refUrl%3D%26vid%3D09742632553039758626822540000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d5f073457c96f8bfae91051433518d5bd41261d05318fc49307983717afed48c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:24 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dcm
aax-eu.amazon-adsystem.com/s/ Frame FA83 		0
0
token
token.rubiconproject.com/ Frame FA83 		0
0
tap.php
pixel.rubiconproject.com/ Frame FA83
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c89a564e-d03d-4aee-9dd9-9f6285401c51&gdpr=0&gdpr_consent=&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c89a564e-d03d-4aee-9dd9-9f6285401c51&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c89a564e-d03d-4aee-9dd9-9f6285401c51&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
tap.php
pixel.rubiconproject.com/ Frame FA83
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHbAJIxTznOL_pDDWthXybk&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHbAJIxTznOL_pDDWthXybk&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
d264e84c9dc1a645a3048554992c5d82
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHbAJIxTznOL_pDDWthXybk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
token
token.rubiconproject.com/ Frame FA83 		0
0
dcm
s.amazon-adsystem.com/ Frame FA83
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
0
0
token
token.rubiconproject.com/ Frame FA83 		0
0
esync
token.rubiconproject.com/ Frame FA83
Redirect Chain
  • https://id.rlcdn.com/709414.gif
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame A071 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220817&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
e2e5baf86025b4272537a2536a46ac70078ccb4ee34604618157c8bcb708486f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11113
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0F1E 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220817&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069029
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
c892a2dc1db2b00757a84d74f09a43cdef4fb1e7ec1aa17e1667501966bbeef9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Aug 2022 05:44:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11160
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5F53 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 05:44:24 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2ECA 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069049
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 05:44:24 GMT
rum
dsum-sec.casalemedia.com/ Frame 7386
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c89a564e-d03d-4aee-9dd9-9f6285401c51&expiration=1663566264&gdpr=0&gdpr_consent=
43 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c89a564e-d03d-4aee-9dd9-9f6285401c51&expiration=1663566264&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73d8d11fec68a977-SYD
pragma
no-cache
date
Sat, 20 Aug 2022 05:44:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ao2IT6rgxXUraXIuqoC0A1HGFSPv7WuON71BqCkmqB8AO%2FZ4Ab8WFsCJFB9uUApCGk7FGkYdznonqKWkBWWWasfiM5E6LCRmXj5t0Nlq66s45VMaxYoj27oauF1w3lCMnH%2BVRVQ0JfmtDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c89a564e-d03d-4aee-9dd9-9f6285401c51&expiration=1663566264&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 7386
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwB0tZPh8AfnYMN3HnlXIwAAAQgAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELvy2O9E4Xf5O6Df5Dpw9v8&google_cver=1
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELvy2O9E4Xf5O6Df5Dpw9v8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73d8d1204d12a83e-SYD
pragma
no-cache
date
Sat, 20 Aug 2022 05:44:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhHE3eESII9KmfRQ8Bgntsobx2q2QyFWOxnHakZ4gyQoHzMHLtiQSu83hmnSHD0X%2Fr5zYZJXgIHyCUj4WLetVuIhYNUOOOYpyP7keo15kSAFnaQaUGAC1isUe31awVBQHtZBcUJZR%2F9%2BUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELvy2O9E4Xf5O6Df5Dpw9v8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 7386
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwB0tZPh8AfnYMN3HnlXIwAAAQgAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwB0tZPh8AfnYMN3HnlXIwAAAQgAAAAB&dcc=t
0
0
YwB0tZPh8AfnYMN3HnlXIwAAAQgAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7386 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YwB0tZPh8AfnYMN3HnlXIwAAAQgAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.148.4 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-148-4.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:24 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
ix
s.company-target.com/s/ Frame 7386 		0
0
rum
dsum-sec.casalemedia.com/ Frame 7386
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=K-dIKirgGikwtUkuJOJVLy3gGysw5B55f-wAFVHe
43 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=K-dIKirgGikwtUkuJOJVLy3gGysw5B55f-wAFVHe
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73d8d1204cd9a977-SYD
pragma
no-cache
date
Sat, 20 Aug 2022 05:44:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFD%2B97OtbjE2vsNFybx3A4xPN%2Fpj2Whbhf7oj27sBHlizeq8oSPg9OIrX8RoPvjW0eHQaIMfm9x%2Bm7%2FEKwqODIrQ3%2BKMvkiSv%2FDg5JN%2BNdBwe3Ev0m7eDQoBj9O1%2FgTG66W0gSEmLPaHrw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:24 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=K-dIKirgGikwtUkuJOJVLy3gGysw5B55f-wAFVHe
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ix.gif
beacon.lynx.cognitivlabs.com/ Frame 7386 		0
0
cm
p.rfihub.com/ Frame 7386 		0
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 7386 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YwB0tZPh8AfnYMN3HnlXIwAA%26264
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:24 GMT
cf-cache-status
HIT
age
118
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
content-length
43
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
etag
"902a3d-2b-546dc3a097100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
73d8d1205d8d5593-SYD
expires
Sat, 20 Aug 2022 09:44:24 GMT
async_usersync
ib.adnxs.com/ Frame E6F6 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 20 Aug 2022 05:44:24 GMT
X-Proxy-Origin
173.245.209.33; 173.245.209.33; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4dc49672-a335-4a0c-ba58-03e0a97d6e9d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame B82A 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 11F8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:16216300-74b6-4a00-85ec-3230667a2662&gdpr=0&gdpr_consent=
0
0
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame B7A5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
0
0
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 2963 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5AF4
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5EC3
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wqrsyxkp27p
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 94BB
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:wXe0tAWi1Ophhs5&gdpr=0&gdpr_consent=
0
0
sync
x.bidswitch.net/ Frame 7E1A
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-ebee5cac-eccc-41d9-bb61-6b0556e9f406-004&rndcb=334848583
0
0
pxd
dps.jp.cinarra.com/ Frame F895 		0
0
bridge
cm.adgrx.com/ Frame E010 		0
0
pubmatic
gocm.c.appier.net/ Frame 03C6 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame F75A
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=8ddb717f789a42aeada1283a35a46b94
0
0
/
csync.loopme.me/ Frame 8E41 		0
0
cookiesync
core.iprom.net/ Frame A627 		0
0
i.match
a.tribalfusion.com/ Frame 30D4 		43 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3039758626822540000V10%26type%3Dpba%26refUrl%3D%26vid%3D09742632553039758626822540000V10%26ovsid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.35.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
73d8d1207f4854f7-SYD
content-length
43
content-type
image/gif; charset=utf-8
date
Sat, 20 Aug 2022 05:44:24 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
141
match.deepintent.com/usersync/ Frame E055 		0
0
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 6643
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5f732461-c350-4431-a2ce-2484853ae446-tuct9f9fa38&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
0
cksync.php
contextual.media.net/ Frame 248B 		45 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3039758626822540000V10&type=pba&refUrl=&vid=09742632553039758626822540000V10&ovsid=BB595AF2-025F-409B-88EA-412B41F1E70A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3039758626822540000V10%26type%3Dpba%26refUrl%3D%26vid%3D09742632553039758626822540000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Sat, 20 Aug 2022 05:44:24 GMT
expires
Sat, 20 Aug 2022 05:44:24 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E87E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=u1la8gJfQJuI6kErQfHnCg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3039758626822540000V10%26type%3Dpba%26refUrl%3D%26vid%3D09742632553039758626822540000V10%26ovsid%3DPM_UID
Protocol
H2
Server
23.44.0.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:24 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=165996
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Mon, 22 Aug 2022 03:51:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Aug 2022 05:44:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1000.gif
idsync.rlcdn.com/ Frame E87E
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=BB595AF2-025F-409B-88EA-412B41F1E70A
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEJCNTk1QUYyLTAyNUYtNDA5Qi04OEVBLTQxMkI0MUYxRTcwQRAAGg0IuOmBmAYSBQjoBxAAQgBKAA
0
0
SPug
image4.pubmatic.com/AdServer/ Frame E87E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=16216300-74b6-4a00-85ec-3230667a2662
0
0
Pug
image2.pubmatic.com/AdServer/ Frame E87E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkI1OTVBRjItMDI1Ri00MDlCLTg4RUEtNDEyQjQxRjFFNzBB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame E87E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDNizq7m-UPXX_LLfs3BrQI&google_cver=1
0
0
pubmatic
um.simpli.fi/ Frame E87E 		0
0
BB595AF2-025F-409B-88EA-412B41F1E70A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E87E 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/BB595AF2-025F-409B-88EA-412B41F1E70A?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3039758626822540000V10%26type%3Dpba%26refUrl%3D%26vid%3D09742632553039758626822540000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.148.4 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-148-4.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:24 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame E87E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c89a564e-d03d-4aee-9dd9-9f6285401c51
0
0
Pug
image2.pubmatic.com/AdServer/ Frame E87E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4025926254539303744&gdpr=0&gdpr_consent=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame E87E
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gtx0DYPbJg6ZjnUJjdlpCITbJwyZ3yJe1teyqQFD
0
0
sync
x.bidswitch.net/ul_cb/ Frame E87E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
0
0
SPug
image4.pubmatic.com/AdServer/ Frame E87E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BB595AF2-025F-409B-88EA-412B41F1E70A&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-k08T1V5E2uVjK8m6m2tNkjbPGhF4uZg-~A&gdpr=0&gdpr_consent=
0
0
match
c1.adform.net/serving/cookie/ Frame E87E 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame E87E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2458727603983412140&gdpr=0&gdpr_consent=&us_privacy=
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame E87E
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BB595AF2-025F-409B-88EA-412B41F1E70A&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=63831616e31e1b4d&is_secure=true&networkId=17100&version=1&nuid=BB595AF2-025F-409B-88EA-412B41F1E70A&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALXbI3irPKNgNSNUDSAAAAAAA&expiration=1661060664&nuid=BB595AF2-025F-409B-88EA-412B41F1E70A&...
0
0
getuid
secure.adnxs.com/ Frame E87E
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
0
0
d1ba4609
rtb.gumgum.com/getuid/ Frame E87E 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8C0D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=165996
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 20 Aug 2022 05:44:24 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 22 Aug 2022 03:51:00 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame 5039 		0
0
/
onetag-sys.com/usync/ Frame 0B71 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 164A 		0
0
usermatch
ssum-sec.casalemedia.com/ Frame 3E15 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b823e7ab080ba4d9ad6345692575143e78ae37077e71a684b87fdbb121b6814

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73d8d1203d0ca83e-SYD
content-encoding
br
content-type
text/html
date
Sat, 20 Aug 2022 05:44:24 GMT
dropped-udsids
46|4|3|88|191|47|11|105
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfqqUs%2BBip1pEuhvnbyMRKXJ77zf2qCQSHvvoEQ%2BdcJAspwpGT6bahraQskCZVGx1%2Bj3XPmb3TXvss1ywkQ6Nwj4T6fO4rsNvB%2BQlBnPYJZtEzrE3pTSzsya7GwWUNrCTnFN80T88HghtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 95AC
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
0
0
setuid
x.yieldlift.com/ Frame 954C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L71H6SDO-11-5XSJ&gdpr=0&us_privacy=1YN-
0
0
sync
ads.servenobid.com/ Frame 954C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=4025926254539303744
0
0
merge
ce.lijit.com/ Frame 954C 		0
0
pixel
ap.lijit.com/ Frame 954C 		0
0
getuid
x.yieldlift.com/ Frame 954C 		0
0
sync
x.bidswitch.net/ Frame 954C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-ebee5cac-eccc-41d9-bb61-6b0556e9f406-004&rndcb=5066954339
0
0
cm
p.rfihub.com/ Frame 954C 		0
0
usa
sync.go.sonobi.com/ Frame 954C 		0
0
getuid
ib.adnxs.com/ Frame 954C
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F75%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D47fd1e62-03ac-4cf9-9bc1-1652a2c55832%26bidder%3Dappnexus%26cbx%3Da...
0
0
sync
ads.servenobid.com/ Frame 954C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-8sJzfP9E2uEPSuV2ce3yHA8nQCx1mKdTXNLPZD0-~A
0
0
redirectuser
ssp.disqus.com/ Frame 954C 		0
0
sync
ads.servenobid.com/ Frame 954C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-8sJzfP9E2uEPSuV2ce3yHA8nQCx1mKdTXNLPZD0-~A
0
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A071 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 05:44:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2A23 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
142740
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 14:05:24 GMT
expires
Fri, 18 Aug 2023 14:05:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A409 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f103.1e100.net
Software
GSE /
Resource Hash
11c1597787373f89401d2e74e548b39e2605b6f6a6196483352e5da6c3f4dba0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-k4q0FvW4CzX1lSC-rONvjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-k4q0FvW4CzX1lSC-rONvjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 05:44:24 GMT
expires
Sat, 20 Aug 2022 05:44:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7A0C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
142740
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 14:05:24 GMT
expires
Fri, 18 Aug 2023 14:05:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0C32 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f103.1e100.net
Software
GSE /
Resource Hash
a7ad64467344e3d533364b6c6e2750df7e698810211f5964861816483ce4c72b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qgiOKo-yeddOyz-_HAgs8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-qgiOKo-yeddOyz-_HAgs8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 05:44:24 GMT
expires
Sat, 20 Aug 2022 05:44:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0F1E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069029
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 05:44:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 05:44:24 GMT
usync.js
eus.rubiconproject.com/ Frame 866E 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5ee3e2b294521befd0025c189e612ed2543efd6d36327b254569da26a8a96e88

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Aug 2022 05:44:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58932
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9442
Expires
Sat, 20 Aug 2022 22:06:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1E4F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
142740
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 14:05:24 GMT
expires
Fri, 18 Aug 2023 14:05:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 18C8 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f103.1e100.net
Software
GSE /
Resource Hash
a9c18054279b9147f7c8ebe18144bf5be22f4d4c018dbbb08ed8b02d094ec0d2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-O6H7VwhoK9MHAP8d2WLvCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-O6H7VwhoK9MHAP8d2WLvCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 05:44:24 GMT
expires
Sat, 20 Aug 2022 05:44:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 54B1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
142740
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 14:05:24 GMT
expires
Fri, 18 Aug 2023 14:05:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D02C 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f103.1e100.net
Software
GSE /
Resource Hash
979d4bbbbb5cc21e316b7122e1334eceaa6493539567599be551c83d3c4daeed
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ls5j6N893nLDKLQTPIgyGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-ls5j6N893nLDKLQTPIgyGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 05:44:24 GMT
expires
Sat, 20 Aug 2022 05:44:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame A409 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220817&jk=1443283227394013&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 0C32 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220817&jk=4206563028032491&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/yao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
getuid
secure.adnxs.com/ Frame 3E15 		0
0
cs
ad.turn.com/r/ Frame 3E15 		0
0
img
sync.mathtag.com/sync/ Frame 3E15 		0
0
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 3E15 		0
0
index
dmp.brand-display.com/cm/api/ Frame 3E15 		0
0
crum
dsum-sec.casalemedia.com/ Frame 3E15
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=wXe0tAWi1Ophhs5
0
0
index.gif
euexchangesync.digitaleast.mobi/usersync/ Frame 3E15 		0
0
ssp
d.adroll.com/cm/index/ Frame 3E15 		0
0
sync
ads.servenobid.com/ Frame 3E15 		0
0
BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame 2A23 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 21:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
289656
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14190
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:16:48 GMT
BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame 7A0C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 21:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
289656
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14190
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:16:48 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 866E 		0
0
BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame 1E4F 		0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 18C8 		0
0
BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame 54B1 		0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame D02C 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hb-api.omnitagjs.com
URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Domain
sync.inmobi.com
URL
https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOF2ym3GvyhqheCBhZLTn6v7B_xIC_LYtCr9TTTA&google_push=AehlK4Cvt2nfb7UafH8Eak_zClFZl7UDmZLt0rVNfwgTl7wEkeA7EiTyxCMV-5AzVLClQtndTIPvKxMHR1hyq5jglcTt4HOEZrrIwQ
Domain
sync.inmobi.com
URL
https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOvCD7J-UXh8ZWdCx1czZp8XVVEi0LeMxlHZWXRw&google_push=AehlK4CorNa17Z4Ubt6olW8uKwlRUa_fnIRty_v28yy-NZstwMaV88QD1DygSLe42b_7BMHX6U2KC5JQN2BMU1GwblqVqEKb37dnD55m23poZcXGPfRYjdgXHOkRCMuH_VDCEzy7fn9emZ_gWg
Domain
inv-nets.admixer.net
URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtriplelift%26bsw_param%3Dc284023d-649b-403d-8974-23522a8e001f%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1495206563655248032152&dcc=t
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NM2GIRCEPFEFENK7GBWWQNKTGE2EY4DD
Domain
jp-u.openx.net
URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUPfCSsFsGMvks8ADsWuB84w588AAAGCucfxKQ
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.html?cs=8&vsid=3039758626822540000V10&type=rkt&refUrl=&vid=09742632553039758626822540000V10&ovsid=1975461764844743079
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLNJ5IHUXZZIZQXI52UKM3DQMDROZLGGVRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDSNZUGI3DGMRVGUZTAMZZG42TQNRSGY4DEMRVGQYDAMBQKYYTAJTWONUWIPJTGAZTSNZVHA3DENRYGIZDKNBQGAYDAVRRGA
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3039758626822540000V10
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=2249&pt=n
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=26594
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=36584
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwB0tZPh8AfnYMN3HnlXIwAAAQgAAAAB&dcc=t
Domain
s.company-target.com
URL
https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
Domain
beacon.lynx.cognitivlabs.com
URL
https://beacon.lynx.cognitivlabs.com/ix.gif
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?in=1&pub=2079
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=14&cid=BB595AF2-025F-409B-88EA-412B41F1E70A
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:16216300-74b6-4a00-85ec-3230667a2662&gdpr=0&gdpr_consent=
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YwB0uAAHvinZpwAK
Domain
sync-dsp.ad-m.asia
URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wqrsyxkp27p
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:wXe0tAWi1Ophhs5&gdpr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-ebee5cac-eccc-41d9-bb61-6b0556e9f406-004&rndcb=334848583
Domain
dps.jp.cinarra.com
URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=BB595AF2-025F-409B-88EA-412B41F1E70A
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Domain
gocm.c.appier.net
URL
https://gocm.c.appier.net/pubmatic
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=8ddb717f789a42aeada1283a35a46b94
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Domain
core.iprom.net
URL
https://core.iprom.net/cookiesync
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Domain
match.taboola.com
URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5f732461-c350-4431-a2ce-2484853ae446-tuct9f9fa38&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Domain
idsync.rlcdn.com
URL
https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEJCNTk1QUYyLTAyNUYtNDA5Qi04OEVBLTQxMkI0MUYxRTcwQRAAGg0IuOmBmAYSBQjoBxAAQgBKAA
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=16216300-74b6-4a00-85ec-3230667a2662
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDNizq7m-UPXX_LLfs3BrQI&google_cver=1
Domain
um.simpli.fi
URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c89a564e-d03d-4aee-9dd9-9f6285401c51
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4025926254539303744&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gtx0DYPbJg6ZjnUJjdlpCITbJwyZ3yJe1teyqQFD
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-k08T1V5E2uVjK8m6m2tNkjbPGhF4uZg-~A&gdpr=0&gdpr_consent=
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2458727603983412140&gdpr=0&gdpr_consent=&us_privacy=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALXbI3irPKNgNSNUDSAAAAAAA&expiration=1661060664&nuid=BB595AF2-025F-409B-88EA-412B41F1E70A&is_secure=true&gdpr_consent=&gdpr=0
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Domain
rtb.gumgum.com
URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Domain
x.yieldlift.com
URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L71H6SDO-11-5XSJ&gdpr=0&us_privacy=1YN-
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=312&uid=4025926254539303744
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Domain
x.yieldlift.com
URL
https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-ebee5cac-eccc-41d9-bb61-6b0556e9f406-004&rndcb=5066954339
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=44007&in=1
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F75%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D47fd1e62-03ac-4cf9-9bc1-1652a2c55832%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=337&uid=y-8sJzfP9E2uEPSuV2ce3yHA8nQCx1mKdTXNLPZD0-~A
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=339&uid=y-8sJzfP9E2uEPSuV2ce3yHA8nQCx1mKdTXNLPZD0-~A
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=21
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Domain
dmp.brand-display.com
URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=wXe0tAWi1Ophhs5
Domain
euexchangesync.digitaleast.mobi
URL
https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
Domain
d.adroll.com
URL
https://d.adroll.com/cm/index/ssp
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=333&uid=YwB0tZPh8AfnYMN3HnlXIwAAAQgAAAAB
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L71H6SDO-11-5XSJ
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220817&jk=4019489032167260&rc=
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220817&jk=3251581882486024&rc=

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| adRecover object| ucf object| request string| paramsString object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| setImmediate function| clearImmediate undefined| $ undefined| jQuery function| jqAlias object| google_reactive_ads_global_state number| ampAdSlotIdCounter string| currentState object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla function| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| ggeac object| google_tag_data object| google_js_reporting_queue function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| descriptionPage object| dataLayer function| gtag undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_127 object| Criteo_prebid_127

89 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQutWfzqswCgoIgQIQutWfzqswCgoI4gEQutWfzqswCgoI5gEQutWfzqswCgoIhwIQutWfzqswCgkICRC61Z_OqzAKCQg6ELrVn86rMAoJCAsQutWfzqswCgoIjAIQutWfzqswCgkIXxC61Z_OqzA=
.aralego.com/ Name: sspid
Value: fa058385-d5e3-3a2e-bd1f-64e85090c579
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: a7ea8da2-bca0-48aa-a3dd-b9f8021053e2
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 17d7d5b3-4df2-4afd-af3b-10c341117696
.bg3.co/ Name: __gpi
Value: UID=000008ccc6487a3a:T=1660974257:RT=1660974257:S=ALNI_MaAO46-V0PxrRMyky5ZR2N9lXtvuQ
.adpushup.com/ Name: ap_uid
Value: 22023740-204b-11ed-9ca7-000d3ac92781
.adpushup.com/ Name: ap_usid
Value: 22023741-204b-11ed-9ca7-000d3ac92781
.openx.net/ Name: i
Value: 17d7d5b3-4df2-4afd-af3b-10c341117696|1660974258
.rubiconproject.com/ Name: khaos
Value: L71H6SDO-11-5XSJ
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwsumBmAY4AUABSAEQsumBmAYYAA..
.adnxs.com/ Name: uuid2
Value: 4025926254539303744
.prebid.a-mo.net/ Name: __amc
Value: 1_1660974258_1660974258
.a-mo.net/ Name: amuid2
Value: 47fd1e62-03ac-4cf9-9bc1-1652a2c55832
.prebid.a-mo.net/ Name: sd_amuid2
Value: 47fd1e62-03ac-4cf9-9bc1-1652a2c55832
www.bg3.co/ Name: cto_bidid
Value: Dmq-2V80VXJoZ25WRlkzS09FT3kxRDU2ckxON0N3Q0NQTUlHUVkzd2k5U1FFTUtXOGowbmYlMkJaOXdRYlphT1l3TUEyRW43ZU9RWDBCYjF5ZVZRNm01VSUyRnJMWXclM0QlM0Q
www.bg3.co/ Name: cto_bundle
Value: 9j4QnV9sZjRWSHhKVDVETFdUWDJZOFo4JTJCcGtOeVAwTmU1VllUbXI1Q0VsVkRIQ0dBd3d6WUROZVFTYkF2bDMydU9CVnZGbyUyRks0QVhYbnIzNWZ3NWNDeUFLclB1SEhwUXROZDF3ODNwUThBRFpmT0klM0Q
.teads.tv/ Name: tt_viewer
Value: 50ba0da6-0812-471c-ae63-2c28009c3bc9
.quantserve.com/ Name: mc
Value: 630074b3-a1496-504c1-0fcb8
.bg3.co/ Name: __qca
Value: P0-184661653-1660974259555
.doubleclick.net/ Name: IDE
Value: AHWqTUkm01gptfs2S7jo6VFIkicW95penuP8LqupaMvy94a14NbY-rCjwPr4fX3Y73A
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1660974260.1.0.1660974260.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1887609561.1660974260
.bg3.co/ Name: __gads
Value: ID=e7c30907dbbc8048-22ff9358b4d5004e:T=1660974257:S=ALNI_MbFYQ7SIi5orxYfngTap_f00ErXgw
.casalemedia.com/ Name: CMID
Value: YwB0tZPh8AfnYMN3HnlXIwAA
.casalemedia.com/ Name: CMPS
Value: 264
.casalemedia.com/ Name: CMPRO
Value: 264
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In<?^*+9!@wnfH8K6pQK`!5=E<*L5?%LlfziaO1gYh'g0Rv@Y@Jfa6:/2aAccVAe^nW-%nugO%v4VB%no*A*?c'S
.ctnsnet.com/ Name: cid_f97112dc0c4443478e412bbe9c1d2ed9
Value: 1
.ctnsnet.com/ Name: gid_CAESEHmoc8V_Uj01yOu54chvit4
Value: 1
.c.appier.net/ Name: _auid
Value: S6mL-2UOD1SjODaytnQAYw
.c.appier.net/ Name: _gu
Value: CAESEDbBGY_ohpV28_xop9eLsDY
.ctnsnet.com/ Name: cid_8ddb717f789a42aeada1283a35a46b94
Value: 1
.ctnsnet.com/ Name: gid_CAESEFFXLCeBK2XFNpUVv3gxtPw
Value: 1
.yieldmo.com/ Name: yieldmo_id
Value: g9f838fc512a7ed352ef%7C1660974262429%7C0%7C
.3lift.com/ Name: tluid
Value: 1495206563655248032152
.casalemedia.com/ Name: CMTS
Value: 905
.tribalfusion.com/ Name: ANON_ID
Value: aNnseFyg6AarA7u8QGkofkNXTFn55p5YxbIFQrWUgeYTjZdXrJZbuZcgpGwydhTZaZclYC0MoQn5lZaV46qCnECokS
.w55c.net/ Name: wfivefivec
Value: wXe0tAWi1Ophhs5
.fout.jp/ Name: uid
Value: sxW7rjWTEqSGAhXjqgPniEHBmj4
.adsrvr.org/ Name: TDID
Value: c89a564e-d03d-4aee-9dd9-9f6285401c51
fksnk.com/ Name: AWSALBCORS
Value: NNCidT55VTzaf3BaZsmJly1HXhOesnaSgK0cUHKx44F4pWB3j1JuCWZHJ22ht7/Zot5K+9HwnMcJHzSuN3NkJFiFXmmWPQO70GbU7i9kG2epFL1xHdy83Zb4wf5i
.fksnk.com/ Name: f_001
Value: B18BB23D1EE8D22A
.fksnk.com/ Name: g_001
Value: 1
.mathtag.com/ Name: uuid
Value: 16216300-74b6-4a00-85ec-3230667a2662
.mathtag.com/ Name: mt_mop
Value: 4:1660974262
.w55c.net/ Name: matchgoogle
Value: 5
.media.net/ Name: visitor-id
Value: 3039758626822540000V10
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22c89a564e-d03d-4aee-9dd9-9f6285401c51%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-07-20T05%3A44%3A22%22%7D
.smaato.net/ Name: SCM
Value: 862d37ee
.smaato.net/ Name: SCMg
Value: 862d37ee
.openx.net/ Name: pd
Value: v2|1660974262|jElYiuvOiahI
.adingo.jp/ Name: ID
Value: 0d83bee23854111be6463c9a893ea3fd
.dap.fw-ad.jp/ Name: user
Value: 7dc58f4a-4cff-3e58-bfd2-7053534754ed
.dap.fw-ad.jp/ Name: gcm_usec
Value: 1660974262983000
.sharethrough.com/ Name: stx_user_id
Value: 0d5c83fc-795a-4fa3-8ae6-595f8c6eeb6a
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.dotomi.com/ Name: DotomiTest
Value: 424dd8f4dd8e1ffe
.inmobi.com/ Name: idsp_c
Value: 281dd88f-4d6a-49ce-b241-e5b026654c34
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d5fb1bff-82c8-4f31-552b-b7eaa6d7d6d1.RzAxuP0DVDMjQLQ2p69GZ9C0xTELw53oRral0jUK93o
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A1fsb_4LITzFVK7fqptfW0a310SE.98IhahDsB6fAJF8EHHvG1mLYDNuFl%2BA4de%2FInAXUIO8
.yandex.ru/ Name: yuidss
Value: 6846841681660974263
.yandex.ru/ Name: yandexuid
Value: 6846841681660974263
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.openx.net/ Name: univ_id
Value: 537072971|c89a564e-d03d-4aee-9dd9-9f6285401c51|1660974263290440
.w55c.net/ Name: matchmedianet
Value: 5
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMIwBSBb36dROrUyebV3a1stem5QmDzhwdchyhRUl9Yw7CtzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Em9dRdKCTFZDCax3pyYFnS0=
.bing.com/ Name: MUID
Value: 00AC52DCA1A465AE0A0040DAA096649A
.c.bing.com/ Name: MR
Value: 0
.media.net/ Name: data-g
Value: CAESEB3WmdFtEVp0IKsm00b6G90~~6
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjK4JTGuJ6BOxAFOAFaC2FkY29uZHVjdG9yYAI.
.reemo-ad.jp/ Name: deviceIdentifier
Value: UwkSGpLSHGutLvZeoRKvUEXLZaryawvI
.reemo-ad.jp/ Name: sync_gadx
Value: 1
.linkedin.com/ Name: li_sugr
Value: b826e91c-1e21-4303-ba68-1c1e40b1dfc7
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&9df595cf-ee28-4b4e-8a60-2f2abd039615"
.linkedin.com/ Name: lidc
Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2422:u=1:x=1:i=1660974263:t=1661060663:v=2:sig=AQHIMWF_5_kA0xjMmTOllYadso8PCWuc"
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ebee5cac-eccc-41d9-bb61-6b0556e9f406-004%22%7D
.pubmatic.com/ Name: KADUSERCOOKIE
Value: BB595AF2-025F-409B-88EA-412B41F1E70A
.zemanta.com/ Name: zuid
Value: mOPz_9FatwTS680qvVcV
.analytics.yahoo.com/ Name: IDSYNC
Value: 196y~26ot
.yahoo.com/ Name: A3
Value: d=AQABBLd0AGMCEP_itlpHRaJMFcSRykj84YoFEgEBAQHGAWMKYwAAAAAA_eMAAA&S=AQAAApaFv6xmmhLq5ufMblX66Xw
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjYwOTc0MjYzfQ
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ebee5cac-eccc-41d9-bb61-6b0556e9f406-004%22%7D
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.media.net/ Name: data-xu
Value: wXe0tAWi1Ophhs5~~8
.media.net/ Name: data-o
Value: 0c578375-4f75-4fea-96a2-a64597d9d7b7~~8

3 Console Messages

Source Level URL
Text
network error URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyao-rang-zhen-min-yong-you-xing-fu-gan-dong-gang-zhen-min-dai-biao-huang-zhen-xiang-can-xuan-zhen-chang.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cdn.adpushup.com/42753/L2EveWFvLXJhbmctemhlbi1taW4teW9uZy15b3UteGluZy1mdS1nYW4tZG9uZy1nYW5nLXpoZW4tbWluLWRhaS1iaWFvLWh1YW5nLXpoZW4teGlhbmctY2FuLXh1YW4temhlbi1jaGFuZy5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://rtb.adxpremium.services/openrtb2/auction
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4f5d742c27d9c5efaa359a54b334c188.safeframe.googlesyndication.com
7e1c7df6cbb92b6640cf05f567ee929d.safeframe.googlesyndication.com
a.c.appier.net
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.pubmatic.com
ads.servenobid.com
ads.yieldmo.com
adservice.google.com
adservice.google.com.au
adx.holmesmind.com
af572ee63eab6a874a02e62220a834c1.safeframe.googlesyndication.com
an.yandex.ru
ap.lijit.com
aplogger.adpushup.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bidder.criteo.com
c.bing.com
c.eu1.dyntrk.com
c1.adform.net
cc.adingo.jp
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
core.iprom.net
cs.emxdgt.com
cs.media.net
csync.loopme.me
d-33308842932164443182.ampproject.net
d.adroll.com
dclk-match.dotomi.com
delivery.adrecover.com
dis.criteo.com
dmp.brand-display.com
dps.jp.cinarra.com
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gocm.c.appier.net
google.dap.fw-ad.jp
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hblg.media.net
htlb.casalemedia.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
inv-nets.admixer.net
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
lg3.media.net
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
match.taboola.com
mweb.ck.inmobi.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
qsearch-a.akamaihd.net
rtb.adxpremium.services
rtb.gumgum.com
rtb.mfadsrvr.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.dsp.reemo-ad.jp
sync.fout.jp
sync.go.sonobi.com
sync.inmobi.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
tags.mathtag.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
warp.media.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
x.yieldlift.com
y.one.impact-ad.jp
aax-eu.amazon-adsystem.com
ad.turn.com
ads.servenobid.com
ap.lijit.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
c1.adform.net
ce.lijit.com
cm.adgrx.com
contextual.media.net
core.iprom.net
csync.loopme.me
d.adroll.com
dmp.brand-display.com
dps.jp.cinarra.com
dsum-sec.casalemedia.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
g2.gumgum.com
gocm.c.appier.net
hb-api.omnitagjs.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
inv-nets.admixer.net
jp-u.openx.net
match.deepintent.com
match.taboola.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.company-target.com
secure.adnxs.com
simage2.pubmatic.com
ssbsync.smartadserver.com
ssp.disqus.com
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.go.sonobi.com
sync.inmobi.com
sync.mathtag.com
token.rubiconproject.com
um.simpli.fi
x.bidswitch.net
x.yieldlift.com
103.229.10.171
103.229.205.242
103.229.206.240
103.231.98.196
104.16.88.20
104.18.101.194
104.18.12.76
104.18.18.126
104.18.19.126
104.18.35.11
104.211.156.162
104.254.151.69
104.26.3.91
104.26.4.103
104.45.178.220
104.65.228.195
104.83.196.24
104.83.197.63
13.107.42.14
13.227.254.2
13.227.254.65
13.228.176.16
13.228.221.159
13.251.107.224
13.33.33.27
13.76.45.37
139.162.23.100
142.251.10.113
142.251.10.138
142.251.10.148
142.251.10.154
142.251.10.95
142.251.12.103
142.251.12.132
142.251.12.154
142.251.12.94
145.40.89.200
148.251.121.152
150.95.47.242
162.19.80.92
172.217.194.132
172.217.194.156
172.253.118.156
18.136.32.109
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
184.25.248.23
202.232.238.37
202.241.208.56
204.79.197.200
209.58.171.197
209.58.188.181
23.15.148.136
23.36.48.24
23.36.49.63
23.44.0.196
23.44.1.2
34.107.148.139
34.234.80.8
34.98.64.218
35.186.193.173
35.213.109.249
35.71.178.8
37.157.2.236
42.99.128.160
42.99.140.161
42.99.140.201
50.116.239.135
51.79.234.100
52.203.75.132
52.223.40.198
52.51.102.69
52.68.209.218
52.74.162.2
52.77.148.4
52.84.45.129
54.243.184.83
54.64.11.100
54.95.0.189
69.16.175.10
69.173.158.64
69.173.158.65
70.42.32.127
74.118.186.45
74.125.200.94
74.125.200.97
74.125.24.113
74.125.24.155
74.125.24.156
74.125.24.94
74.125.68.100
74.125.68.132
84.17.37.44
89.207.22.140
93.158.134.90
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
019474417bcdd4decbdc75af7929d925f21400a77b43f28dc7190223bc1489ea
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
06d1371c50d31ecc01e2c8bce98212d11448628b083c920d2322a0972f01b077
07911f80d027f5d10a099a849cadfec5d9b62cc21897b8d6688a587642d43e14
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
09fe3a339dce9f0599a961a0562139acac9160b7617f912704f9a9d794263c80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9aa48a9dff744077cecac94c091930d9495b118a53160a65090bc8e1ae37fc
11c1597787373f89401d2e74e548b39e2605b6f6a6196483352e5da6c3f4dba0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
163bfb71e678051ec4084f1b780bc6f561a55b923d335b4450a76223fe0ad819
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
19dedac0d27d9363dedd26336e2a427761508f646d8bf6a7ee590c1eea2bec73
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c877b4b7e75bf2c8432415bb762ed9bfc73830abf68497eff686fcc9fa44f9f
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
205314c4de632c91258c6099846461a3288ca46bd2861e28978e65ed83c51353
210b354d320b8e70dadb27e4b456fb516c3e3f8c49999c076850c4d645729459
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
21f6d7e99eb4821d7d8937b37a4b273172ff942aa1fa3b32b4942c44985c01ed
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2a32f145ebce429e33c7295b9ee1f383ae8b8cf476bd137924c2f26636003087
3057368a96c56c12aeeb96ba4bc5700265696e2e69ce3c1672d063118f91f99b
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
326de17256a9cc75656c8f20f8f35078d1a5d5d94cc690020ed91e15a6c7572f
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
3631ef029fba34c1b9e27946fba41c118111c96f7764f7796802621ced0ab8c3
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
370efdd0ddc70b544bd783d661fedac6c7d9960740c2d6640c36395f1b412946
377e246022b620e211db98564b08efd0cf750618c366ad5737f8207de3a1d776
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3870eb9d1d25279ec904448c152056b9427ca15d6b077fc78fd4f2f6eb0f7b62
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e8d1edbe8598395c7327ff1752c4a029e0b3789b0a044d231eeddc8c5fcb0fe
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a
42406888614f5578e2585d3a467f266f367f688782c680b0f50c71c13639707c
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49c820a88d1b3608b5b1c10d6357d9260bd34a32e1150a9967a0c9ff7ee2667f
4afac04c5fd0b8d418ba0f07626755756e3d1808cbd0f1d436a103ddfaf444ce
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bbbd8001269beac1f780e81463066362e6d3fdf95ebdc53ac2cb00989594623
4bc9e83fca2d2ae4967da16dc2533cf48a9778dfdd2bf2765b267745a1979a12
4bf603ca4ee21ca9b766ccc5a6ebe86ac1c591f489fa03e2eac26a432c0c96f5
4c36d0f7c513412dbda36a10dde18897df5a6865a9bfd6a5ebbc32650bdd1040
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a5ccd40c32161109aada87c54530237ce56da3fcba4530ae94ed91d7b61151
51493c4ff19c6c01b8df55b1ac314142efab12903db56853f74c8c97a34817e7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
572ebdeba9e3125c3bc1090e75e8d8f3a6af9da8b6658d0b66b15bfd25735e97
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
583f2392f3653d6bdfaf3809bca9e6f2eaf9ea667b32f889e350dc865bc405f5
58ff3810fdaaeb3ce75f88c1c9e6f13b3b4da2f7ae2a458efc3efcf858e4c7a2
5b823e7ab080ba4d9ad6345692575143e78ae37077e71a684b87fdbb121b6814
5c12e87c4fc3311ee49576c3a816aa5394671b7642611ce306713f73ddc7411d
5e5394e4870fbf2ccb3f0a573c956ba994fbd27f9fa37e17ae36735cec59cba2
5ee3e2b294521befd0025c189e612ed2543efd6d36327b254569da26a8a96e88
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62595d93db984ca635bbf920da3a9480a0f537f8007135f9b761427361a57404
63dc26664099fc3ed076210ca3fb9b8d5ba67c1a7d45363ca0da2f80489bdc28
649b84d1f05a260e86dfcb7ab4f4e03e33994a7ecdd45e772bec2a1ea83b3b70
6527e4cd14173fac2d981008d0d87378ee25fcc46b0b8bbfa6e5419489e95e7a
6537b8025364bd8ab573b927a3033a905eb3c7241f8c65ffcbde71db76cd73d8
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67f895dc44f9c1df5a7e56ac784c4a8e9b8b64c2bfd1db81b0dd50639da7ee35
684a1bce9034f8a819e98aa54442bc390df922415123edb369a492c164ebd7e0
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c27ec4f8f27aff15e2a2785626fb6f807b5a60088dd62cf9623c4c292dc7ca6
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7
70a84a49257812c4c1717b760ed7c37ce52a13387e2cb6750ffb96ec49f263a4
728709bb752d1283ec57290b7343f81e5b38e27516d90f9eacc60b28242ad17c
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
74065ce015044360dcb6423a2cb498a5a6697ebe541249b387d6323cdad85b24
755a3941416203cadf1a3aa429701144d0ad9413eae03232b0d0a960b659aa5b
775d5fb6acac04ef6d1ef99fcb13f66f6f49f6ee6275784057d047178a082af3
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7dd282152ea026b481b7a56499936bf67eb2dfea143989816d41ef02762b0441
7e52b222c0ab53848fd101f8f256bdd34822fc1cd04659e29235b186f9d58b59
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79
81f5a7091558670bff70c3e80511e3f24f1b2e377b89531966bcd6cde6e3362d
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8374dd11907f18ed2edaf39a51a5bd3f638e35120d821d6068d653afd8e76915
83cd5b5ee5caf9aeb5430ad97e146c6e8820396aea5ae41c00401d97e6f11431
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
857e2ebcfaa681528084788a9e20e6d2da80ba89854199301c1124d4e0d823ea
862e9a07529e72bb39c8cc71572c748adf5aead4a08a3715a5fb3bfa8d4be87a
869b6eb33ba3347946da6a8105161515a17401aab915b44e96e5c2c3a4a6c635
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
89a2dba7f361fa29f672e6e57ea403824f8acd6fbae46dce81b2f3974ddb281c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015
8bb81d2e3072817635fd84e620fd7c670e0b1c8b213f68e79e17aa6b587403d7
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
979d4bbbbb5cc21e316b7122e1334eceaa6493539567599be551c83d3c4daeed
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9821bf9ff27575f64888eaec440d73223387d4219930c0fb03e060974f75a7e4
987b1201ac7cb1eebda2b0575d0895f503fc93c57e7d78a669124e93fafa6619
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bc869c95057ac1e84d2d2ae85bce2a0ff7108283010734d8b56a3b05037d84d
9d9e838e11e53e28982fab39b9239fd02223517740e15a36d80cc781c2d2cfcf
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a48c69a359585388a187b13a9ba94617f005703e47c7b60a72b4c3782d988e77
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51abdc945bd68a425eddc829372fe5380aff8fe0343c7246784db121f65f994
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7ad64467344e3d533364b6c6e2750df7e698810211f5964861816483ce4c72b
a87b8427c7d1d494cd441b27836db8d531335abe072323532d4340e4d02d6f88
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a9c18054279b9147f7c8ebe18144bf5be22f4d4c018dbbb08ed8b02d094ec0d2
aa05961c0b6903df6795439c22b3f7a49b0154bf524764fb61e1658693e7bb9b
aa227dc0a845cd2898cfa3a5759f244db73e690a7596ff5af2512b836ed3440c
ad4958c76900083c53f5f0aac32262fb71d7726f7714120a73961bc6c495cb89
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b32a5302c2c29f53fe831716d9e414dc52119c4ec18cd216ada91e105d7b8d7e
b5def0cb9e5f7cbbcb3a8da32fddc4199d875440fdf40e9423a4f75857b8f07f
b7d743060ebcc58d3905601ab73b2580904ce8c5594664b1d85d1dcca4c7f509
b8fabde5975e307223faa6b22dd0ce1c28981b5e0eb151fb1d8d939b5588f71e
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4d689a987054d9df721d239e3a414047409135d2b1122de1eee0c2db59839a
bce7b7a333407f4649b212295c4ae99cfc020e26db50d87e3c92138bcf0426a8
bfbe4083cd7f48a312e81db70959942348412dea1900bb643fc715e5c04d09df
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c148e1428078e0dcaa31bfb042d4206b14350b37af9eb890007e471d32e78de3
c334ecbdd89a20d6a6baf6dee7e64657d40830672f405fb6a3dfecb299a84720
c3b67eb6f6ef773c2180143485f4a2fdbd98efaf0da420c864ab1441182d3c2e
c5068652d2e91ff8a12bd334ea7ce87b7225f6da4a6a2841c8b51c24029a392b
c528c41a5d6e2c5f27f6f823ebb3c3f31a027d70c78d63faeb43349ef58148af
c53f4706b6959f19ff2d7b6ac019b91cb3eb325d8e5024c6613e226506d6d71e
c6b1aa1499455ee132e09924aaa6b02e85cce2505027791f6dc43ae16d18d847
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c815e6129b5532c4cf76bd81235efb0ad865e0e180ebccb52dc222d9a86c61ee
c892a2dc1db2b00757a84d74f09a43cdef4fb1e7ec1aa17e1667501966bbeef9
c8d04fee070c60bf0f78a52074f6d3e6bfdd9dcc9fee3d83df476907014e8af1
c8fdec7ade53f6db530b7b1d57f6228b3f04ffa5e82214b8e108072e8c2e983b
c921b4351a1ae90dcc7a30a01fbc1e169d57e9f4451d55a840438fb13e7c1cc6
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d32484f9967623ac308f1d5406d313bf0674e8be1b369152accaf66733c2b028
d4e12c724bd3565d49fe59938a5f95207a56e2648c14e771bd0080f2708725e0
d5f073457c96f8bfae91051433518d5bd41261d05318fc49307983717afed48c
da6fb9e65d6e2a0e5e834bbb4acc3c778dfad0a287b6b4916c50634212d65e8b
da9411908b166ea5ffd91ae9206128a43fa7129bad64cb40ca166ff01ac58580
dc5a5296ee533695e29ff23e85882eb74bd094482d5c31a0aeacc635b3b4775c
dd98325b703df4f13c3a2ebcb93a7726270304b854afc75f4d5dfe5f27852937
de4507703d0e0926c8521840a1fd8df3d52f32c0fa7dded58a5a945e7f72ad66
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e07f2a6e452e9ec0f26ed7f102a6ea9a6cf1f4247a135032060e53162809abe3
e2e5baf86025b4272537a2536a46ac70078ccb4ee34604618157c8bcb708486f
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e840d901c827ce3644d87e5bd6ed2a7e020c06ceec7cb516ef2e1b78f3e669f0
e8cbdf1688bae05833c4d3ae337ef116923d92748a8c59539e63cb9cc928f05d
e9586027420209db9003ae6157cbd1ae6fad347acdae2abf5b07d85fa50dc7c3
e9c650b33f52e34e00446a248140a8bcd04d831ed6ecd06c6b6d8d80c6b55c12
eb2e7310186a18f67a70e29a4955a80db843db879b6748e34cc7add166dcd09a
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee0a58bac715609350fa12100e1b78dbf7b4bcc170319a64379dcb6271166897
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1535199f71b96d423d3f991a5a0a92ca5779e74d2e23a509b5022ef347129a2
f18cebda19308aeea6be683ac234fe77dcf2d644517b6b31fa5b47144688e409
f1d600b9954cad616ff158479481deb48e735cac679a694dce338fcd45d192fd
f1e691269432cba8bed2110866d1a1a67546edcb41cb7e9f5e3fc9de6736a59e
f3492fc9275c57dcca4ce182c78f6a557fa9cbe765cba5aa447c9bc4eff2ba4f
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
fcd44867c62e54c1e0ea6f78bdab55fb5f5da37e1433b789a1cfce226b22ff70
fcd86feec018c01e74bc7c39bfbd3be5ceffcfa6e8057081abde3c01254a662f
fda386053b17355faa5ebb575579ce1b0a605a773c884a9cbb2adbfe85f89e04
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e